This post explains the infrastructure of command and control (C&C), describing what an attack consists of, related terminology, actions undertaken by attackers, models, general function and preventative measures, detection and response to this threat.
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: IDS/IPS
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the ARD protocol, describing in detail the prevention, identification and response phases to follow.
In recent years, the concept of machine learning has gained more prominence, mainly driven by advances in parallel computing capacity. More and more developments, applications and programs are using these algorithms to provide systems with greater security, intelligence and independence. However, it’s rarely used in industrial environments, although some recent tests and developments prove its effectiveness, including in the scope of detection and prediction of cyber attacks.
An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.
Due to the problems and limitations of analogue radio communications, the Digital Mobile Radio (DMR) standard has emerged as one of the main solutions in the voice and data industry; it offers new features and improved characteristics in terms of communication quality, performance and security.
It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.
With the aim of increasing cybersecurity knowledge, INCIBE-CERT has published a series of webinars in video format, so that, in a light and entertaining way, knowledge and technical aspects of cybersecurity can be expanded in various areas of interest, for both INCIBE-CERT's technical audience and anyone interested in cybersecurity.
Today, it is common to find SIEM deployed in the IT infrastructures of all kinds of organisations, to be able to monitor and analyse security alerts in applications, systems, network devices, etc. However, though time and resources are being invested in industrial environments, it is still unresolved.
Advances in security within control systems have brought us many of the security tools and services offered in IT for this environment. Until now, protection was based on reactive measures, acting only where there was evidence of the attack, but this trend changed with deployment of monitoring and the proactive defensive actions that this can provide.