Home / Blog / Filter / Blog
Subscribe to CERTSI - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Software
Reloj

Real-Time Operating Systems, hardening and functioning

Posted on 07/25/2019, by INCIBE
ICS environments are made up of very heterogeneous machines, with large differences depending on the system we are dealing with. Some of these systems have very strict response time requirements for their correct operation and therefore use real-time operating systems. Throughout this article we will see what real-time operating systems are, how they work, and we will propose hardening measures to reduce the likelihood that these devices will suffer a cyberattack.
CVSS_SCI

Industrial CVSS: alternative calculations for different needs

Posted on 07/23/2019, by INCIBE
Over time, different communities of experts related to the world of industrial cybersecurity have realised the challenge of calculating the CVSS (Common Vulnerability Score System) for vulnerabilities in industrial environments. This article aims to show the alternatives proposed by experts, such as RSS-MD, TEMSL and IVSS in order to correctly calculate their severity in the industrial environment.
Protect

Protect your DNS requests with DNS over TLS

Posted on 07/04/2019, by Ignacio Porro Sáez (INCIBE)
Security breaches that put our privacy at risk, leaks of our data, passwords... are incidents that happen more and more often. Protecting ourselves from these information leaks is often beyond our reach, but this does not mean that we should not try to take measures to protect our data. DNS-over-TLS can be very helpful in encrypting our communications, making them much more secure.
Understanding industrial network traffic, dissectors and Lua and Kaitai

Understanding industrial network traffic, dissectors and Lua and Kaitai

Posted on 06/07/2018, by INCIBE
Not only is the interpretation of network traffic crucial to analyse the safety and performance of a network structure, but also for other tasks, such as incident management, the optimisation of our network infrastructure or for didactic purposes. In order to do so, it is necessary to have dissectors that help separate each of the fields that make up a protocol, and allow them to be individually analysed.
Criptodivisas: su papel en el malware

Cryptocurrency and its role in malware

Posted on 04/12/2018, by José Manuel Roviralta (INCIBE)
It is increasingly common to find malware related to cryptocurrencies, either to use them as payment currency in extortions and illegal activities, cryptocurrency theft or infiltrate on systems and equipment from all areas to take advantage of the resources of the victims' equipment to undermine cryptocurrency
Honeypots industriales

Industrial Honeypots

Posted on 03/23/2017, by INCIBE
The increasing number of attacks to industrial networks forces us to analyse their behaviour so that we can implement measures to mitigate said attacks. One of the options used to learn about the behaviour of attacks is the deployment of honeypots. This article deals with the advantages and challenges of this technology when used in industrial environments.
OS X

OS X security model (II)

Posted on 02/18/2016, by Antonio López (INCIBE)
In the article: Security Model in OS X (I), we introduced the operating system’s main accumulated security features accumulated up to Yosemite (OS X 10.10). With the latest version, launched in September 2015, an interesting new security feature appears in the system. System Integrity Protection (SIP) As of OS X 10.11 (El Capitan), Apple is tightening security measures even further with the...
OS X security model (I)

OS X security model (I)

Posted on 02/11/2016, by INCIBE
Security measures in OS X have been incorporated into the operating system base, with functions added and improved upon as different versions are published. Together,these measures form a layered model that reinforce the basic outline of typical POSIX permissions and provides a mechanism covering various aspects of protection against security threats. Let’s see how this system works. First line...

Pages