Home / Blog / Filter / Blog
Subscribe to CERTSI - Blog RSS

Blog

Post related to: Vulnerabilities
Mitigating availability problems in the industry

Mitigating availability problems in the industry

Posted on 07/19/2018, by INCIBE
Given that availability is always a critical point to take into account for within industrial environments, it is necessary to prevent the attacks that denial of services cause and that affect these environments. The means of giving way to a denial of service can be diverse, much like the means of mitigating these problems. This article will review all of these points, as well as the way in which the risks derived from these attacks can be reduced.
Portada greatest hits 2016

Greatest Hits 2016

Posted on 01/23/2017, by Miguel Herrero (INCIBE)
El aim of Cybersecurity Highlights service is to gather all relevant news related to cybersecurity through the year. This is the article that summarizes those news that have been more important in 2016.
Atrapando sombras en la industria

Hunting shadows in Industry

Posted on 11/03/2016, by INCIBE
In the same way that a known character or image is reflected within an industry by feigning a happy face, advanced persistent threats exist and are often camouflaged through the phenomenon of pareidolia (they resemble something else) within industrial networks. But how can we spot these threats? And, above all, is it possible to pre-empt their malicious intentions?
Building from the Ground Up: Protecting End Devices

Building from the Ground Up: Protecting End Devices

Posted on 07/06/2016, by INCIBE
Embedded devices are Los dispositivos embebidos are becoming ever more present in the systems of today; such as end devices, whether cars, industrial machinery or in the areas of health, robotics, etc. Moreover, with the emergence of the Internet of Things (IoT), the use of communication devices and information exchange is expanding even further.
DROWN: yet another SSL vulnerability

DROWN: yet another SSL vulnerability

Posted on 03/23/2016, by Santiago González (INCIBE)
What is DROWN? DROWN is the name given to a new vulnerability linked to It is therefore a continuation of the trend that has appeared in recent years whereby diverse vulnerabilities have appeared which have a certain impact associated to Internet communication security, for example Heartbleed, POODLE, WinShock, FREAK o Logjam, among others. The acronym DROWN stands for Decrypting RSA with...
2014: The toughest year for cryptographic web protocols

2014: The toughest year for cryptographic web protocols

Posted on 12/30/2014, by Santiago González (INCIBE)
Security errors SSL (along with its TLS evolution) is the most used cryptographic protocol in its different implementations to guarantee the confidentiality of communications on Internet. This is achieved by ciphering, via asymmetrical cryptography algorithms, the communications between the client (usually the user’s web browser) and the server it gains access to. When a website is shown using...