Xavi Pes talks about risks of AI on mobiles


Did you know about possible data leaks from virtual assistants? Siri is not so trustworthy and our account manager, Xavi Pes, explains where the dangers of Artificial Intelligence lie when it comes to mobile phones.

Every day, mobile devices are increasingly present in the corporate world. And apps, full of sensitive corporate data (emails, calendars, documents, oncloud…). However, mobiles are still not considered the main target for cyber attacks and their security is one step behind compared to other professional equipment: They have no anti-viruses or firewalls… And virtual assistants can play tricks on users without them even knowing it.

Read more

Explotamos la vulnerabilidad CVE-2017-11882 de Microsoft Office


Durante los últimos días, nuestros compañeros Diego Jurado y Miguel Tuñón han explotado la vulnerabilidad CVE-2017-11882 de Microsoft Office, descubierta por el equipo de investigación de Embedi, y que permite a un atacante ejecutar código arbitrario de manera remota (RCE) en el contexto del usuario actual, dado que no se gestionan adecuadamente los objetos en memoria (“Microsoft Office Memory Corruption Vulnerability”).

Esta vulnerabilidad reside en el antiguo “editor de ecuaciones” de Microsoft Office (EQNEDT32.EXE). Esta herramienta permite a los usuarios embeber ecuaciones matemáticas dentro de documentos de Office como objetos OLE dinámicos.

Read more