Home / Publications / Studies
Subscribe to INCIBE-CERT - Studies RSS
Cybersecurity in TETRA networks study

Cybersecurity in TETRA networks study

Posted on 03/30/2023
The purpose of this study is to provide advanced knowledge about TETRA networks, so that different users can consider this standard for their critical communications, as well as to increase users’ basic knowledge about this type of networks. On the other hand, it defines different types of vulnerabilities that can affect this type of networks and explains how to remedy or mitigate them.
Documentos asociados: 
incibe-cert_cybersecurity_in_tetra_networks_study_2023_v1.0.pdf
Lockbit analysis study

Lockbit analysis study

Posted on 03/23/2023
This study briefly describes the origin and threat evolution of the ransomware LockBit 3.0, through the analysis of several malicious samples, with the aim of providing the necessary information to identify the characteristics of this malware, its behaviour and the techniques used, thus enabling a better identification and response to it.
Documentos asociados: 
incibe-cert_lockbit_analysis_study_2023_v1.pdf
Threat analysis study: Nobelium

Threat analysis study: Nobelium

Posted on 08/26/2022
This study briefly describes the origin, background and historical evolution of the Nobelium group, through the analysis of a malicious sample, with the aim of providing the necessary information to identify the characteristics of this threat, its behaviour and the techniques used, thus enabling a better identification and response to it.
Documentos asociados: 
incibe-cert_nobelium_analysis_study_2022_v1.pdf
Grandoreiro analysis study

Grandoreiro analysis study

Posted on 06/02/2022
This study focuses on the Grandoreiro banking trojan from South America that has spread its operations to other regions, principally Europe, including Spain and Portugal.
Documentos asociados: 
Grandoreiro analysis study
Anatsa analysis study

Anatsa analysis study

Posted on 07/05/2021
This study focuses on the harmful Anatsa code, a trojan especially designed for Android devices that has been present in multiple fraudulent SMS schemes since 2020, in which logistics companies are impersonated in an attempt to get the user to install a malicious application.
Documentos asociados: 
Anatsa analysis study
Study of the Mekotio analysis

Study of the Mekotio analysis

Posted on 04/15/2021
Through this study, a detail technical analysis of the threat is undertaken, with a sample of the malicious code, which belongs to the Mekotio family, with the main aim of identifying the actions this software carries out, using the set of tools used by this team of analysts.
Documentos asociados: 
Study of the Mekotio analysis
Study of the FluBot analysis

Study of the FluBot analysis

Posted on 04/15/2021
This study focuses on the malicious code FluBot, a Trojan specially designed for Android devices and which has been present in multiple fraudulent SMS campaigns since 2020, in which it spoofs logistics companies seeking to have the user install a malicious application.
Documentos asociados: 
Study of the FluBot analysis
Study of the Cring analysis

Study of the Cring analysis

Posted on 04/15/2021
This study contains a detailed technical report prepared after analysing a sample of malicious code identified as Cring, the main purpose of which is to identify the actions it carries out, by performing an advanced analysis of the sample, using the set of tools used by the team of analysts.
Documentos asociados: 
Study of the Cring analysis
Study of the WannaMine analysis

Study of the WannaMine analysis

Posted on 04/15/2021
This study, conducted after analysing a sample of malware from the WannaMine family, with the main purpose of identifying the actions it performs and how it spreads, as well as identifying the family it belongs to and possible destructive effects it may cause, to know it and be able to take adequate prevention and response action.
Documentos asociados: 
Study of the WannaMine analysis

Pages