Nobelium es la denominación de Microsoft para un grupo de atacantes que, según la atribución llevada a cabo por la Agencia de Seguridad de Infraestructura y Ciberseguridad (CISA) de Estados Unidos, pertenecen al Servicio de Inteligencia Exterior (SRV) de Rusia. Este grupo criminal es conocido por el ataque a la cadena de suministro de SolarWinds, y una campaña masiva de phishing haciéndose pasar por una empresa de desarrollo estadounidense.
This section provides content of interest to professionals involved in vulnerability research, cybersecurity threat and event analysis, digital forensics, ethical hacking or pentesting, fraud investigation or cyberintelligence analysis.
This post explains the infrastructure of command and control (C&C), describing what an attack consists of, related terminology, actions undertaken by attackers, models, general function and preventative measures, detection and response to this threat.
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the ARD protocol, describing in detail the prevention, identification and response phases to follow.
Grandoreiro, also known as Delephant, is a banking trojan from South America, which has spread its operations to other regions, especially Europe, including Spain and Portugal. According to ESET researchers, it has been active since 2015, affecting countries in Latin America, mainly Brazil, where it was developed.
This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the SNMP protocol, describing in detail the prevention, identification and response phases to follow.
An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.
This post will analyse the vulnerabilities associated with Log4Shell, detected in the library Log4j, which is found in infinite software products both in technical and industrial fields. Although there have been other instances of more sophisticated vulnerabilities, the problem with this one is area of exposure.
Monitoring and analyzing security incidents in Industrial Control Systems (ICS) has been a priority for many organizations for a while now. As a response to this need, and given the great success in other areas specialized in cybersecurity, the MITRE organization has developed a matrix that collects many of the tactics, techniques and procedures detected in the industrial world. This article seeks to make the contents and potential uses of said matrix known.