Home / Blog / Filter / Blog
Subscribe to INCIBE-CERT - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Data protection
Log4Shell: analysis of vulnerabilities in Log4j

Log4Shell: analysis of vulnerabilities in Log4j

Posted on 02/24/2022, by INCIBE
This post will analyse the vulnerabilities associated with Log4Shell, detected in the library Log4j, which is found in infinite software products both in technical and industrial fields. Although there have been other instances of more sophisticated vulnerabilities, the problem with this one is area of exposure.
Tags: 
Android
Continuity
Critical infrastructures
Cybercrime
Data protection
IIoT
Incident
Industrial Control System
Industrial protocol
iOS
IoT
Linux
Safe development
SCADA
Services deployment
Threats
Vulnerability
Windows
MITRE matrix: TTP in ICS

The MITRE matrix: tactics and techniques in industrial settings

Posted on 02/03/2022, by INCIBE
Monitoring and analyzing security incidents in Industrial Control Systems (ICS) has been a priority for many organizations for a while now. As a response to this need, and given the great success in other areas specialized in cybersecurity, the MITRE organization has developed a matrix that collects many of the tactics, techniques and procedures detected in the industrial world. This article seeks to make the contents and potential uses of said matrix known.
Tags: 
Best practices
Data protection
Forensics
Industrial Control System
Pentesting
Policies
Safe development
SIEM
Threat intelligence
Threats
Vulnerability
Ransomware: response measures

Ransomware: response measures

Posted on 12/16/2021, by INCIBE
Cyberattacks using ransomware are one of the main threats for companies all over the world and Spain is the tenth most affected country. For this reason, this article, in continuation of previous posts on measures of prevention and detection, looks in detail at how to respond these attacks.
Tags: 
Bastioning procedures
Best practices
Continuity
Cybercrime
Data protection
Firewall
Forensics
Malware
Policies
Ransomware measures
Safe development
Threats
Vulnerability
CII: evolve measurement

EVOLVE: organisations’ capacity to adapt and improve their services after a cyberattack

Posted on 11/25/2021, by INCIBE
All organisations must be prepared so that, after the impact of a cyberattack, it may change, improve and adapt its processes and services. For this reason, it is necessary to protect the main business processes using a set of tasks that allow the organisation to evolve after a serious incident to redesign its strategies and minimise the possible impact of future cyberattacks
Tags: 
Best practices
Continuity
Critical infrastructures
Cybercrime
Data protection
Incident
Legal compliance
Pentesting
Policies
Safe development
Studies & stats
Threats
New generation antivirus

New generation antivirus applied to OT environments

Posted on 10/28/2021, by INCIBE
The new generations of antiviruses may entail an improvement in the OT environment, since special care must be taken with the assets, networks and communications of Industrial Control Systems. They can also help secure our industries against the increasingly frequent cyberattacks directed against them.
Tags: 
Antivirus
Critical infrastructures
Data protection
Industrial Control System
Malware
Phishing
Threat intelligence
Threats
CII recover goal

RECOVER: the capacity of organizations to restore their services following a cyber-attack

Posted on 10/07/2021, by INCIBE
It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.
Tags: 
Best practices
Continuity
Critical infrastructures
Data protection
IDS/IPS
Incident
Policies
SCADA
SIEM
Studies & stats
Ransomware: preventative measures (II)

Ransomware: preventative measures (II)

Posted on 09/30/2021, by INCIBE
Cyberattacks using ransomware are one of the main threats for companies all over the world and Spain is the tenth most affected country. That is why, in this article, as a continuation of the previous one entitled: ‘Ransomware: preventative measures (I)’, will cover in detail new recommendations to prevent them.
Tags: 
Antivirus
Bastioning procedures
Best practices
Continuity
Cybercrime
Data protection
Firewall
Malware
Policies
Ransomware measures
Safe development
Social engineering
Threats

Pages