Home / Blog / Filter / Blog
Subscribe to CERTSI - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Cybercrime
Protective measures against denial-of-service (DoS) attacks

Protective measures against denial-of-service (DoS) attacks

Posted on 01/26/2018, by Alejandro Fernández Castrillo
Denial-of-service attacks are a type of cyber-attack which consists on reducing or cancelling altogether the capacity of servers or other computing resources to provide service. A denial-of-service attack can occur in different scenarios, such as overloading online services by mass request sending or exploiting vulnerabilities of programs or services in order to suspend function totally or partially. In most of such attacks, attackers use a wide range of techniques and tools to hide their identities, which makes it especially challenging to find the culprits.
Information Sharing

United Against Cyberthreats: Information Sharing

Posted on 10/06/2016
The well known motto "there is strength in numbers" perfectly describes the beneficial situation that involves collaboration and knowledge sharing on cyber threats. The concept of Information Sharing bring to us the idea of ​​establishing methods to share and take full benefit of the gathered knowledge among all actors. Among these partners, CERT and security companies play a key role in defining consensus documentation and the pathway for sharing knowledge effectively.
Thum

Click fraud - a highly lucrative business

Posted on 07/28/2015, by INCIBE
Various studies have indicated that bots currently constitute over half of all global Internet traffic. Certain reports, such as "The 2015 Bad Bot Landscape Report" released by Distil Networks, Inc, even divide traffic into legitimate and malicious traffic, concluding that the latter is growing at an alarming rate. The boom that Cloud Computing has experienced in recent times has been one of...
Biometrics

Biometrics and dynamic authentication

Posted on 06/10/2015, by Antonio López (INCIBE)
In the world of information technology, achieving a status of total security is a goal that is practically impossible. In particular, one of the most persistently sought objectives is to find authentication and identification methods that come close to this total security utopia. Can biometrics bring progress in this issue?
DoS

DoS: Application Layer

Posted on 05/21/2015, by David Cantón (INCIBE)
Application layer denial of service attacks are the second main group of Denial of Service (DoS) attacks, along with DoS attacks against the infrastructure layer. As its name indicates, these types of attacks are targeted at the application layer or layer seven of the OSI model. Their objective is to cause a denial of service, taking advantage of design flaws in the communications protocol...
DoS Attacks

DoS Attacks: Infrastructure Layer

Posted on 04/09/2015, by David Cantón (INCIBE)
As we have already mentioned previously, infrastructure attacks are those that focus mainly on layers three and four of the OSI model (ISO/IEC 7498-1) and application layer protocols that support communications, such as DNS or NTP. This is the most frequent type of attack and, as illustrated in the following graphic, makes up 90% of the DDoS attacks detected by Akamai in the fourth quarter of...
Classification of DoS Attacks

Classification of DoS Attacks

Posted on 02/26/2015, by David Cantón (INCIBE)
Denial-of-Service (DoS) attacks are one of the most frequent types of security incident and continue to be used extensively. In many cases, carrying out a denial-of-service attack does not require advanced knowledge. Some examples of this sort of aggression would be the attack suffered by 19,000 French web-sites in the context of the deadly assault on the premises of the satirical magazine...

Pages