Studies

Study of the Mekotio analysis

Through this study, a detail technical analysis of the threat is undertaken, with a sample of the malicious code, which belongs to the Mekotio family, with the main aim of identifying the actions this software carries out, using the set of tools used by this team of analysts.

Documentos asociados:

Study of the Mekotio analysis

Study of the FluBot analysis

This study focuses on the malicious code FluBot, a Trojan specially designed for Android devices and which has been present in multiple fraudulent SMS campaigns since 2020, in which it spoofs logistics companies seeking to have the user install a malicious application.

Documentos asociados:

Study of the FluBot analysis

Study of the Cring analysis

This study contains a detailed technical report prepared after analysing a sample of malicious code identified as Cring, the main purpose of which is to identify the actions it carries out, by performing an advanced analysis of the sample, using the set of tools used by the team of analysts.

Documentos asociados:

Study of the Cring analysis

Study of the WannaMine analysis

This study, conducted after analysing a sample of malware from the WannaMine family, with the main purpose of identifying the actions it performs and how it spreads, as well as identifying the family it belongs to and possible destructive effects it may cause, to know it and be able to take adequate prevention and response action.

Documentos asociados:

Study of the WannaMine analysis

Summary report of the feasibility study and design of a network of centers of excellence in R & D in cybersecurity

This report contains a summary of the methodology followed as well as the main findings and results obtained after completion of the study in order to understand the context and dynamics of the R&D and innovation activity related to cybersecurity in Spain.

Documentos asociados:

Summary report of the feasibility study and design of a network of centers of excellence in R & D in cybersecurity

Cyber exercises taxonomy

INCIBE publishes the study on “Cyber exercises taxonomy” with the aim of proposing a taxonomy of cyber exercises that can become a useful tool for the national and international cybersecurity community.

Documentos asociados:

Cyber exercises taxonomy

Android malware situation

Being Android is the most widely used mobile platform, it has become the most frequently attacked system by cybercriminals.

Documentos asociados:

Android malware situation

Security in cloud storage services: Analysis of Dropbox and Mega

INCIBE publishes the study on "Security in cloud storage services: Analysis of Dropbox and Mega", with the purpose of studying the features that are important for their security, analysing the specific cases of Dropbox and Mega.

Documentos asociados:

Security in cloud storage services: Analysis of Dropbox and Mega

Telegram: Bypassing the authentication protocol

INCIBE publishes an analysis of the authentication and authorization protocol of the instant messaging application Telegram. This study shows a design problem, including a Proof of Concept, that might allow an attacker bypass the system's authentication and obtain an almost complete control of the account of her victim.

Documentos asociados:

Telegram: Bypassing the authentication protocol

Cyber-Resilience: An Approach to a Measurement Framework

Computer Emergency Response Team from INCIBE publishes the study "Cyber-Resilience: An Approach to a Measurement Framework." The cyber-resilience is the capacity for resisting, protect and advocate the use of cyberspace from attackers. INCIBE proposes an indicators framework for measuring aimed at measuring the capacity of organizations to various attacks, threats or incidents that may occur.

Documentos asociados:

Cyber-Resilience: An Approach to a Measurement Framework

Corporate access