Home / Blog / Filter / Blog
Subscribe to INCIBE-CERT - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Vulnerability
MITRE matrix: TTP in ICS

The MITRE matrix: tactics and techniques in industrial settings

Posted on 02/03/2022, by INCIBE
Monitoring and analyzing security incidents in Industrial Control Systems (ICS) has been a priority for many organizations for a while now. As a response to this need, and given the great success in other areas specialized in cybersecurity, the MITRE organization has developed a matrix that collects many of the tactics, techniques and procedures detected in the industrial world. This article seeks to make the contents and potential uses of said matrix known.
Tags: 
Best practices
Data protection
Forensics
Industrial Control System
Pentesting
Policies
Safe development
SIEM
Threat intelligence
Threats
Vulnerability
imagen de estudios de amenazas

Threat analysis study: Hive

Posted on 12/20/2021, by INCIBE
The malicious code of the ransomware known as ‘Hive’ represents a threat to all users, as it implements encryption functionalities on the information in an infected computer, making simple recovery of the data impossible. This threat attempts to use extortion to recover the information, demanding a payment and threatening publication of part of the stolen information on a blog through the network Tor if the payment is not forthcoming.
Tags: 
Antiforensic
Antivirus
Botnet
Cryptography
Cybercrime
DFIR
Forensics
Incident
Linux
Malware
Networking
Pentesting
Phishing
Reversing
Safe development
Social engineering
Studies & stats
Threat intelligence
Threats
Vulnerability
Windows
Ransomware: response measures

Ransomware: response measures

Posted on 12/16/2021, by INCIBE
Cyberattacks using ransomware are one of the main threats for companies all over the world and Spain is the tenth most affected country. For this reason, this article, in continuation of previous posts on measures of prevention and detection, looks in detail at how to respond these attacks.
Tags: 
Bastioning procedures
Best practices
Continuity
Cybercrime
Data protection
Firewall
Forensics
Malware
Policies
Ransomware measures
Safe development
Threats
Vulnerability
International cyberresilience frameworks for critical infrastructures

International cyberresilience frameworks for critical infrastructures

Posted on 09/16/2021, by INCIBE
This article reviews some of the most representative cybersecurity and cyberresilience frameworks that can be found in Spain, Europe, the US and the UK, and whose adoption can help organisations to further improve their cybersecurity protection capabilities.
Tags: 
Bastioning procedures
Best practices
Continuity
Critical infrastructures
Data protection
Incident
Legal compliance
Policies
Safe development
Studies & stats
Threats
Vulnerability
Threat analysis studies image

Threat analysis studies: Mekotio, FluBot, Cring and WannaMine

Posted on 04/15/2021, by INCIBE
Various studies with threat analysis or malware distribution campaigns affecting Spain and identified through incident management undertaken by INCIBE-CERT. The aim is to increase knowledge of the more technical details and characteristics of the threats so that organisations can implement appropriate detection and protection measures.
Tags: 
Android
Antiforensic
Antivirus
Botnet
Cryptography
Cybercrime
DFIR
Forensics
Incident
Linux
Malware
Networking
Pentesting
Phishing
Reversing
Safe development
Social engineering
Studies & stats
Threat intelligence
Threats
Vulnerability
Windows
Sweyntooth: Bluetooth in the spotlight

SweynTooth: Bluetooth in the spotlight

Posted on 12/17/2020, by INCIBE
Wireless communications encompass a set of protocols that are widely used in some industrial sectors. In particular, building automation is based on these protocols, mainly using the BACNET and Lontalks protocols, but also making use of new ZigBee and Bluetooth based devices for IIoT. This article will provide information on SweynTooth, a set of vulnerabilities that affect Bluetooth technology.
Tags: 
Best practices
Critical infrastructures
IIoT
Industrial protocol
Smart Grid
Threats
Vulnerability
Wireless
Spoofing jamming GNSS

Spoofing and jamming over GNSS

Posted on 07/09/2020, by Víctor Rivero Díez (INCIBE)
GNSS (Global Navigation Satellite System) technology is deeply integrated into society to meet geolocation and time measurement needs; it is considered one of the most reliable and it is a critical element for certain industrial sectors. However, due to the advancement of the technology and its widespread use, GNSS are being compromised by cybercriminals.
Tags: 
Critical infrastructures
Cryptography
Cybercrime
Threats
Vulnerability

Pages