DrDoS cyberattack based on the QOTD protocol
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the SSDP protocol, describing in detail the prevention, detection and response phases.
IT Systems and networks administration
This section provides content of interest to IT professionals involved in managing systems, services, applications, network equipment, technical and user support, access controls and SOC or IT incident response specialists.
The MITRE matrix: tactics and techniques in industrial settings
Monitoring and analyzing security incidents in Industrial Control Systems (ICS) has been a priority for many organizations for a while now. As a response to this need, and given the great success in other areas specialized in cybersecurity, the MITRE organization has developed a matrix that collects many of the tactics, techniques and procedures detected in the industrial world. This article seeks to make the contents and potential uses of said matrix known.
Threat analysis study: Hive
The malicious code of the ransomware known as ‘Hive’ represents a threat to all users, as it implements encryption functionalities on the information in an infected computer, making simple recovery of the data impossible. This threat attempts to use extortion to recover the information, demanding a payment and threatening publication of part of the stolen information on a blog through the network Tor if the payment is not forthcoming.
Ransomware: response measures
Cyberattacks using ransomware are one of the main threats for companies all over the world and Spain is the tenth most affected country. For this reason, this article, in continuation of previous posts on measures of prevention and detection, looks in detail at how to respond these attacks.
EVOLVE: organisations’ capacity to adapt and improve their services after a cyberattack
All organisations must be prepared so that, after the impact of a cyberattack, it may change, improve and adapt its processes and services. For this reason, it is necessary to protect the main business processes using a set of tasks that allow the organisation to evolve after a serious incident to redesign its strategies and minimise the possible impact of future cyberattacks
DrDoS cyberattack based on the SSDP protocol
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the SSDP protocol, describing in detail the prevention, detection and response phases.
New generation antivirus applied to OT environments
The new generations of antiviruses may entail an improvement in the OT environment, since special care must be taken with the assets, networks and communications of Industrial Control Systems. They can also help secure our industries against the increasingly frequent cyberattacks directed against them.
Digital Movile Radio in industry 4.0
Due to the problems and limitations of analogue radio communications, the Digital Mobile Radio (DMR) standard has emerged as one of the main solutions in the voice and data industry; it offers new features and improved characteristics in terms of communication quality, performance and security.
Ransomware: detection measures
Cyberattacks using ransomware constitute one of the biggest threats to companies all over the world and Spain is the tenth most affected country. This article, as a continuation of previous posts on preventive measures, looks in detail at how to detect these attacks.
RECOVER: the capacity of organizations to restore their services following a cyber-attack
It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.