This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the ARD protocol, describing in detail the prevention, identification and response phases to follow.
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: SIEM
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the SNMP protocol, describing in detail the prevention, identification and response phases to follow.
An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.
Monitoring and analyzing security incidents in Industrial Control Systems (ICS) has been a priority for many organizations for a while now. As a response to this need, and given the great success in other areas specialized in cybersecurity, the MITRE organization has developed a matrix that collects many of the tactics, techniques and procedures detected in the industrial world. This article seeks to make the contents and potential uses of said matrix known.
Due to the problems and limitations of analogue radio communications, the Digital Mobile Radio (DMR) standard has emerged as one of the main solutions in the voice and data industry; it offers new features and improved characteristics in terms of communication quality, performance and security.
It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.
Today, it is common to find SIEM deployed in the IT infrastructures of all kinds of organisations, to be able to monitor and analyse security alerts in applications, systems, network devices, etc. However, though time and resources are being invested in industrial environments, it is still unresolved.
Advances in security within control systems have brought us many of the security tools and services offered in IT for this environment. Until now, protection was based on reactive measures, acting only where there was evidence of the attack, but this trend changed with deployment of monitoring and the proactive defensive actions that this can provide.