Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.

Post related to: IDS/IPS

dos hombres con unidades de almacenamiento

System hardening: the case of Linux

Knowing the resources available when performing tasks of hardening a system, will allow us to optimize the time necessary to obtain a safer system. In addition, we have the possibility of using tools capable of auditing the system that identifies those configurations that are considered safe and which ones we could implement.

Tags:

Android

Antivirus

Bastioning procedures

Secure programming techniques for PLC

The programming of PLCs is a fundamental part of the initial phases when building and designing industrial plants. About that environment, the company will base all its operations in that environment making the configuration of these controllers a critical element. When it comes to programming these devices there are a series of steps and best practices that take advantage of the native functionalities available and that involve little or no need to resort to a PLC programmer, protecting the device in a simple way with minimum spend on resource.

Tags:

Industrial Control System

C&C: models, function and measures

This post explains the infrastructure of command and control (C&C), describing what an attack consists of, related terminology, actions undertaken by attackers, models, general function and preventative measures, detection and response to this threat.

Tags:

APT

Bastioning procedures

Botnet

Continuity

Critical infrastructures

DrDoS cyberattacks based on the ARD protocol

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the ARD protocol, describing in detail the prevention, identification and response phases to follow.

Tags:

Bastioning procedures

Botnet

Continuity

Critical infrastructures

Machine learning in ICS

In recent years, the concept of machine learning has gained more prominence, mainly driven by advances in parallel computing capacity. More and more developments, applications and programs are using these algorithms to provide systems with greater security, intelligence and independence. However, it’s rarely used in industrial environments, although some recent tests and developments prove its effectiveness, including in the scope of detection and prediction of cyber attacks.

Tags:

Best practices

Critical infrastructures

Data protection

IDS/IPS

Industrial Control System

Safe development

SCADA

New DDoS attack vector: TCP Middlebox Reflection

TCP Middlebox Reflection: new DDoS attack vector

Weaknesses in TCP protocol implementation in middleboxes could provide a means to carry out distributed reflection denial-of-service (DrDoS) attacks against any target.

Tags:

Critical infrastructures

Industrial Control System

Threats

Cybersecurity measures from a global perspective

An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.

Digital Movile Radio in industry 4.0

Due to the problems and limitations of analogue radio communications, the Digital Mobile Radio (DMR) standard has emerged as one of the main solutions in the voice and data industry; it offers new features and improved characteristics in terms of communication quality, performance and security.

Tags:

Critical infrastructures

RECOVER: the capacity of organizations to restore their services following a cyber-attack

It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.

Tags:

Best practices

Continuity

Critical infrastructures

INCIBE-CERT technical webinars

With the aim of increasing cybersecurity knowledge, INCIBE-CERT has published a series of webinars in video format, so that, in a light and entertaining way, knowledge and technical aspects of cybersecurity can be expanded in various areas of interest, for both INCIBE-CERT's technical audience and anyone interested in cybersecurity.

Tags:

Bastioning procedures