Home / Blog / Filter / Blog
Subscribe to INCIBE-CERT - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Malware
Threat analysis image

Threat analysis study: Grandoreiro

Posted on 06/02/2022, by INCIBE
Grandoreiro, also known as Delephant, is a banking trojan from South America, which has spread its operations to other regions, especially Europe, including Spain and Portugal. According to ESET researchers, it has been active since 2015, affecting countries in Latin America, mainly Brazil, where it was developed.
Tags: 
Antiforensic
Antivirus
Botnet
Cryptography
Cybercrime
DFIR
Forensics
Incident
Linux
Malware
Networking
Pentesting
Phishing
Reversing
Safe development
Social engineering
Studies & stats
Threat intelligence
Threats
Vulnerability
Windows
Cybersecurity measures from a global perspective

Cybersecurity measures from a global perspective

Posted on 03/11/2022, by INCIBE
An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.
Tags: 
Antivirus
Bastioning procedures
Best practices
Cloud computing
Continuity
Critical infrastructures
Cybercrime
Data protection
Firewall
Identity management
IDS/IPS
Incident
Industrial Control System
Malware
Phishing
Policies
Safe development
Services deployment
SIEM
Threats
Vulnerability
imagen de estudios de amenazas

Threat analysis study: Hive

Posted on 12/20/2021, by INCIBE
The malicious code of the ransomware known as ‘Hive’ represents a threat to all users, as it implements encryption functionalities on the information in an infected computer, making simple recovery of the data impossible. This threat attempts to use extortion to recover the information, demanding a payment and threatening publication of part of the stolen information on a blog through the network Tor if the payment is not forthcoming.
Tags: 
Antiforensic
Antivirus
Botnet
Cryptography
Cybercrime
DFIR
Forensics
Incident
Linux
Malware
Networking
Pentesting
Phishing
Reversing
Safe development
Social engineering
Studies & stats
Threat intelligence
Threats
Vulnerability
Windows
Ransomware: response measures

Ransomware: response measures

Posted on 12/16/2021, by INCIBE
Cyberattacks using ransomware are one of the main threats for companies all over the world and Spain is the tenth most affected country. For this reason, this article, in continuation of previous posts on measures of prevention and detection, looks in detail at how to respond these attacks.
Tags: 
Bastioning procedures
Best practices
Continuity
Cybercrime
Data protection
Firewall
Forensics
Malware
Policies
Ransomware measures
Safe development
Threats
Vulnerability
New generation antivirus

New generation antivirus applied to OT environments

Posted on 10/28/2021, by INCIBE
The new generations of antiviruses may entail an improvement in the OT environment, since special care must be taken with the assets, networks and communications of Industrial Control Systems. They can also help secure our industries against the increasingly frequent cyberattacks directed against them.
Tags: 
Antivirus
Critical infrastructures
Data protection
Industrial Control System
Malware
Phishing
Threat intelligence
Threats
Ransomware: preventative measures (II)

Ransomware: preventative measures (II)

Posted on 09/30/2021, by INCIBE
Cyberattacks using ransomware are one of the main threats for companies all over the world and Spain is the tenth most affected country. That is why, in this article, as a continuation of the previous one entitled: ‘Ransomware: preventative measures (I)’, will cover in detail new recommendations to prevent them.
Tags: 
Antivirus
Bastioning procedures
Best practices
Continuity
Cybercrime
Data protection
Firewall
Malware
Policies
Ransomware measures
Safe development
Social engineering
Threats
Ransomware: preventive measures (I)

Ransomware: preventative measures (I)

Posted on 09/21/2021, by INCIBE
Cyberattacks using ransomware are one of the main threats for companies all over the world, and Spain is the tenth most affected country. This article, the first in a series dedicated to this subject, will provide a detailed list of recommendations for preventative measures dedicated to hardening in order to deal with such attacks.
Tags: 
Bastioning procedures
Best practices
Critical infrastructures
Cybercrime
Data protection
Firewall
Identity management
Incident
Malware
Policies
Ransomware measures
Services deployment
Threats
image of threat studies

Threat analysis study: Anatsa

Posted on 07/05/2021, by INCIBE
Anatsa is a banking Trojan designed for Android devices that has become particularly relevant since its discovery in January 2021. Throughout the study, a detailed technical analysis of the threat is carried out using a sample of the malicious code in question to show how this malware behaves and the possibilities it offers.
Tags: 
Android
Antiforensic
Antivirus
Botnet
Cryptography
Cybercrime
DFIR
Forensics
Incident
Linux
Malware
Networking
Pentesting
Phishing
Safe development
Social engineering
Studies & stats
Threats
Threat analysis studies image

Threat analysis studies: Mekotio, FluBot, Cring and WannaMine

Posted on 04/15/2021, by INCIBE
Various studies with threat analysis or malware distribution campaigns affecting Spain and identified through incident management undertaken by INCIBE-CERT. The aim is to increase knowledge of the more technical details and characteristics of the threats so that organisations can implement appropriate detection and protection measures.
Tags: 
Android
Antiforensic
Antivirus
Botnet
Cryptography
Cybercrime
DFIR
Forensics
Incident
Linux
Malware
Networking
Pentesting
Phishing
Reversing
Safe development
Social engineering
Studies & stats
Threat intelligence
Threats
Vulnerability
Windows

Pages