Home / Blog / Filter / Blog
Subscribe to CERTSI - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Cybercrime
industrial cloud

My SCADA in the cloud

Posted on 11/03/2015, by INCIBE
Like their corporate counterparts, industrial systems are constantly evolving in order to become more competitive. One of the improvements taking place in these environments at the moment is the reduction of costs through the use of cloud technology.
Thum

Click fraud - a highly lucrative business

Posted on 07/28/2015, by INCIBE
Various studies have indicated that bots currently constitute over half of all global Internet traffic. Certain reports, such as "The 2015 Bad Bot Landscape Report" released by Distil Networks, Inc, even divide traffic into legitimate and malicious traffic, concluding that the latter is growing at an alarming rate. The boom that Cloud Computing has experienced in recent times has been one of...
Ransomware

Combating Ransomware

Posted on 07/15/2015, by Manuel López y Jesús Arnáiz
Given the widespread use of Information and Communications Technology (ICT) in all areas of society, a series of threats against Society have appeared in cyberspace, and they occur in different forms: cybercrime, cyberterrorism, and cyberwarfare, amongst others. Within these cyber threats, those with the generic name Ransomware are evolving quickly and with a major impact. We will explain...
Biometrics

Biometrics and dynamic authentication

Posted on 06/10/2015, by Antonio López (INCIBE)
In the world of information technology, achieving a status of total security is a goal that is practically impossible. In particular, one of the most persistently sought objectives is to find authentication and identification methods that come close to this total security utopia. Can biometrics bring progress in this issue?
DoS

DoS: Application Layer

Posted on 05/21/2015, by David Cantón (INCIBE)
Application layer denial of service attacks are the second main group of Denial of Service (DoS) attacks, along with DoS attacks against the infrastructure layer. As its name indicates, these types of attacks are targeted at the application layer or layer seven of the OSI model. Their objective is to cause a denial of service, taking advantage of design flaws in the communications protocol...
DoS Attacks

DoS Attacks: Infrastructure Layer

Posted on 04/09/2015, by David Cantón (INCIBE)
As we have already mentioned previously, infrastructure attacks are those that focus mainly on layers three and four of the OSI model (ISO/IEC 7498-1) and application layer protocols that support communications, such as DNS or NTP. This is the most frequent type of attack and, as illustrated in the following graphic, makes up 90% of the DDoS attacks detected by Akamai in the fourth quarter of...
Classification of DoS Attacks

Classification of DoS Attacks

Posted on 02/26/2015, by David Cantón (INCIBE)
Denial-of-Service (DoS) attacks are one of the most frequent types of security incident and continue to be used extensively. In many cases, carrying out a denial-of-service attack does not require advanced knowledge. Some examples of this sort of aggression would be the attack suffered by 19,000 French web-sites in the context of the deadly assault on the premises of the satirical magazine...
EC3_logo

The Internet Organised Crime Threat Assessment (iOCTA) by EC3

Posted on 12/16/2014, by María José Santos (INCIBE)
On the 29th of September of 2014, the European Cybercrime Centre (E3C) at Europol published a report known as "The Internet Organised Crime Threat Assessment (iOCTA)", which provides recommendations on how to act to dissuade crimes committed over electronic communication networks and how to fight against cybernetic threats. The report studies the distinguishing aspects of cybercrime with...

Pages