Today, it is common to find a SIEM deployed in the IT infrastructure of all kinds of organisations to monitor and analyse security alerts from applications, systems, network devices, etc. However, although time and resources are being invested in industrial environments, the matter is still unresolved there.
Specialized blog with informative content aimed at an audience with a markedly technical profile, in order to improve knowledge and create a culture of security on the Internet.
Post related to: Forensics
Advances in security within control systems have brought many of the security tools and services offered in IT to this environment. Until now, protection was based on reactive measures, acting only where there was evidence of an attack, but this trend changed with the deployment of monitoring and the proactive defensive actions that it can provide.
Carrying out an intrusion test or vulnerability analysis in a control system can prove complex due to availability. This is where testbeds come into play. They reproduce production environments and can be of great assistance to researchers and security analysts.
The following article shall outline the most significant technical specifications of the main mobile platforms. Accordingly, the 4 most widely used mobile platforms are going to be taken into account based on their market share: Android, iOS, Windows Phone and BlackBerry OS.
If Pliny the Elder had lived in our times and worked in malware analysis, his proverb most likely would have looked like the title of this post. As malware evolves, the techniques used to hide it within the operating system constantly become more sophisticated. It can be hidden deep in the hard disk or hidden in plain sight in the hope that it will not be discovered, or it can be disguised....
When carrying out a forensic analysis of a mobile device, bearing in mind first and foremost the phases of acquisition and analysis of the evidence, it is necessary to know a wide range of methods, techniques and tools, as well as the criteria needed to evaluate the suitability of using one versus another.
We are getting closer to the second edition of CyberCamp, the cybersecurity event organised by INCIBE, which started last year with the aim of bringing together young talent in cybersecurity. This year, it will be held in the Barclaycard Center in Madrid between 26 and 29 November. To detect and identify the best talent in Spain, as in the last edition, we have organised a series of technical...
When the information in a dataset is analysed, whose origin or “feed” may be a database, information from raw files, logs, spreadsheet data, etc., one of the most powerful tools for drawing conclusions is to carry out correlations. In the post “The importance of language, binary diffing and other “One Day” stories”, we highlighted that the term “correlation” has begun to be heard frequently. However,...