Home / Blog / Filter / Blog
Subscribe to CERTSI - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Best practices
Aurora_ICS

Aurora vulnerability: origin, explanation and solutions

Posted on 09/26/2019, by INCIBE
Perhaps, given the many important cybersecurity leaks and intrusions in recent years involving everything from social media accounts to critical infrastructure and classified military secrets, the attention paid to the Aurora vulnerability has not been proportional to its seriousness and systems affected. This is because it affects almost every electrical system in the world, and potentially any rotating equipment, whether it generates energy or is essential for an industrial or commercial installation. If the threat is so widespread, why isn’t the industry more worried and actively looking for solutions? From this article various possible reasons for this are given.
Keyring

My industrial devices support LDAP, now what?

Posted on 09/19/2019, by INCIBE
The main security standards and best practice guidelines in industrial cybersecurity include as a requirement the need for a user authentication system. The options involve implementations in each device of this system or being integrated into a centralised user authentication system. One of the most-used options is the use of the LDAP protocol, but there are a number of points to consider in the design phase, which are key when implementing a specific centralised user management system for industrial control systems, under LDAP.
Secure network architecture

Secure network architecture, things in order

Posted on 08/08/2019, by INCIBE
Control system networks have grown immensely in recent years, something similar to what happened with the explosion of IT networks in the 1980s. This growth is happening somewhat chaotically, promoted mainly by productive needs and by the lack of joint definition of network administration managers for IT and OT, instead of doing it by thinking of the future, scalability and security.
CVSS3.1

Measuring the severity of vulnerabilities: changes in CVSS 3.1

Posted on 08/01/2019, by Hugo Rodríguez Santos (INCIBE)
The open and most-widely-used framework for communication and vulnerability scoring, the CVSS (Common Vulnerability Scoring System), has been updated, incorporating improvements in its new version 3.1 with respect to the previous one. This standard assesses the severity of computer systems vulnerabilities and assigns them a score of 0 to 10.
Sea

Cybersecurity standards at sea

Posted on 07/11/2019, by INCIBE
Trips across the ocean have changed over the years with the arrival of the industrial revolution and information technology, among other things, making technology its best ally, both to automate their navigation and to control their location from land-based stations. However, this total dependence on technology brings with it important security issues that need to be addressed with the importance they deserve.
Protect

Protect your DNS requests with DNS over TLS

Posted on 07/04/2019, by Ignacio Porro Sáez (INCIBE)
Security breaches that put our privacy at risk, leaks of our data, passwords... are incidents that happen more and more often. Protecting ourselves from these information leaks is often beyond our reach, but this does not mean that we should not try to take measures to protect our data. DNS-over-TLS can be very helpful in encrypting our communications, making them much more secure.

Pages