TCP Middlebox Reflection: new DDoS attack vector
Weaknesses in TCP protocol implementation in middleboxes could provide a means to carry out distributed reflection denial-of-service (DrDoS) attacks against any target.
Blog
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Industrial Control System
IEC 62443-4-2, the need to secure components
The security of control systems can be threatened from different aspects, with the end device being the most important attack vector. With this in mind, the IEC, within the 62443 standard, wanted to emphasise devices by preparing a document exclusively concerning their security: IEC62443-4-2. This document contains different technical requirements to improve the security of the types of assets that can be found in a control system.
FAT and SAT tests on industrial devices
The continuity of the production process in businesses that require industrial automation depends more and more on the proper functioning, safety and reliability of the system of that composes it. Therefore, conducting tests of acceptance of its operation prior to its commissioning, is vital to ensure that the systems acquired meet the requirements set out in the contract between the company and the manufacturer.
Cybersecurity measures from a global perspective
An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.
Security level according to IEC 62443-3-3 in Industrial Control Systems
Standard 62443 arose as a development the ISA 99 standard to fully cover security within control systems. Divided into several parts, each refers to different aspects related to security. The IEC 62443-3-3 standard refers to system security requirements and security levels.
Log4Shell: analysis of vulnerabilities in Log4j
This post will analyse the vulnerabilities associated with Log4Shell, detected in the library Log4j, which is found in infinite software products both in technical and industrial fields. Although there have been other instances of more sophisticated vulnerabilities, the problem with this one is area of exposure.
The MITRE matrix: tactics and techniques in industrial settings
Monitoring and analyzing security incidents in Industrial Control Systems (ICS) has been a priority for many organizations for a while now. As a response to this need, and given the great success in other areas specialized in cybersecurity, the MITRE organization has developed a matrix that collects many of the tactics, techniques and procedures detected in the industrial world. This article seeks to make the contents and potential uses of said matrix known.
CORBAsec: security in CORBA middleware
Not all industrial control systems operate with the same programming language given that, depending on the manufacturer, devices will work with a specific software and programming language. This may be a problem for plant managers in industrial systems, as the interconnectivity between devices becomes impossible, or at least, is further complicated. One solution that has emerged in order to connect systems from different operating systems is CORBA standard and CORBAsec, its development with added security.
New generation antivirus applied to OT environments
The new generations of antiviruses may entail an improvement in the OT environment, since special care must be taken with the assets, networks and communications of Industrial Control Systems. They can also help secure our industries against the increasingly frequent cyberattacks directed against them.
Control of multicast requests in the IEC 61850 standard
In previous articles an introduction was given to the 61850 regulation and the different protocols of which it consists. As explained in those articles, the GOOSE and SV (Sample Values) protocols, included in the standard, use multicast frames. Security is very difficult to implement in this type of frame, but there are a number of measures that make possible to raise the security level.