This article reviews some of the most representative cybersecurity and cyberresilience frameworks that can be found in Spain, Europe, the US and the UK, and whose adoption can help organisations to further improve their cybersecurity protection capabilities.
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Safe development
In previous articles an introduction was given to the 61850 regulation and the different protocols of which it consists. As explained in those articles, the GOOSE and SV (Sample Values) protocols, included in the standard, use multicast frames. Security is very difficult to implement in this type of frame, but there are a number of measures that make possible to raise the security level.
Various studies with threat analysis or malware distribution campaigns affecting Spain and identified through incident management undertaken by INCIBE-CERT. The aim is to increase knowledge of the more technical details and characteristics of the threats so that organisations can implement appropriate detection and protection measures.
With the aim of increasing cybersecurity knowledge, INCIBE-CERT has published a series of webinars in video format, so that, in a light and entertaining way, knowledge and technical aspects of cybersecurity can be expanded in various areas of interest, for both INCIBE-CERT's technical audience and anyone interested in cybersecurity.
The Modbus protocol, in its TCP version, was not developed with cybersecurity capabilities in its communications. For this reason, many researchers have studied the different possibilities that could be undertaken at the technical level to incorporate a security layer in it, giving rise to a new version of Modbus/TCP called secure Modbus/TCP, which will gradually begin to be implemented in industrial communications.
Electric charging stations are increasingly used in urban furniture in cities. Electric cars and their need to be charged are a reality. Because of this, there is an increase in supply points that depend on specific protocols and communications for these stations.
Security breaches that put our privacy at risk, leaks of our data, passwords... are incidents that happen more and more often. Protecting ourselves from these information leaks is often beyond our reach, but this does not mean that we should not try to take measures to protect our data. DNS-over-TLS can be very helpful in encrypting our communications, making them much more secure.
The wireless protocols used in industrial environments for communication between devices are numerous are extensive, therefore ensuring these communications is vital for industrial process to function correctly. In this article, we'll look at the advantages of wireless communication audits and the disadvantages of not performing them.
Not only is the interpretation of network traffic crucial to analyse the safety and performance of a network structure, but also for other tasks, such as incident management, the optimisation of our network infrastructure or for didactic purposes. In order to do so, it is necessary to have dissectors that help separate each of the fields that make up a protocol, and allow them to be individually analysed.
Denial-of-service attacks are a type of cyber-attack which consists on reducing or cancelling altogether the capacity of servers or other computing resources to provide service. A denial-of-service attack can occur in different scenarios, such as overloading online services by mass request sending or exploiting vulnerabilities of programs or services in order to suspend function totally or partially. In most of such attacks, attackers use a wide range of techniques and tools to hide their identities, which makes it especially challenging to find the culprits.