Segmentados Desarrollo

Contenido Segmentados Desarrollo

En esta sección se ofrecen contenidos de interés para los profesionales que manejan en su actividad diferentes lenguajes de programación, entornos de desarrollo, herramientas para garantizar la seguridad, analistas y auditores de código, criptógrafos, o especialistas en ingeniería inversa y malware.

Emerging Threats to Industrial Control Systems

Posted on 23/08/2018, by
INCIBE (INCIBE)
Over recent years we have witnessed how industrial controls systems are not exempt from being targeted for cyberattacks. In this article we look back at threats detected in recent years to see how we can defend ourselves against them.
Etiquetas

Active defence and intelligence: from theory to practice

Posted on 02/08/2018, by
INCIBE (INCIBE)
active defense
The concept of defence in industrial environments is changing. Just as the attacks are increasingly more sophisticated, the protection systems tend to be more flexible and more evolved. Being able to strengthen the upper levels, such as active defence and intelligence, is essential, whilst always maintaining a solid base of the lower levels (passive defence and secure architecture).
Etiquetas

Mitigating availability problems in the industry

Posted on 19/07/2018, by
INCIBE (INCIBE)
Problems in the industry
Given that availability is always a critical point to take into account for within industrial environments, it is necessary to prevent the attacks that denial of services cause and that affect these environments. The means of giving way to a denial of service can be diverse, much like the means of mitigating these problems. This article will review all of these points, as well as the way in which the risks derived from these attacks can be reduced.

Audits in Industrial Wireless Communication

Posted on 03/07/2018, by
INCIBE (INCIBE)
Industrial
The wireless protocols used in industrial environments for communication between devices are numerous are extensive, therefore ensuring these communications is vital for industrial process to function correctly. In this article, we'll look at the advantages of wireless communication audits and the disadvantages of not performing them.

Understanding industrial network traffic, dissectors and Lua and Kaitai

Posted on 07/06/2018, by
INCIBE (INCIBE)
Understanding industrial network traffic, dissectors and Lua and Kaitai
Not only is the interpretation of network traffic crucial to analyse the safety and performance of a network structure, but also for other tasks, such as incident management, the optimisation of our network infrastructure or for didactic purposes. In order to do so, it is necessary to have dissectors that help separate each of the fields that make up a protocol, and allow them to be individually analysed.

Cryptocurrency and its role in malware

Posted on 12/04/2018, by
José Manuel Roviralta Puente (INCIBE)
Criptodivisas: su papel en el malware
It is increasingly common to find malware related to cryptocurrencies, either to use them as payment currency in extortions and illegal activities, cryptocurrency theft or infiltrate on systems and equipment from all areas to take advantage of the resources of the victims' equipment to undermine cryptocurrency
Etiquetas

Protective measures against denial-of-service (DoS) attacks

Posted on 26/01/2018, by
Alejandro Fernández Castrillo
decorative image
Denial-of-service attacks are a type of cyber-attack which consists on reducing or cancelling altogether the capacity of servers or other computing resources to provide service. A denial-of-service attack can occur in different scenarios, such as overloading online services by mass request sending or exploiting vulnerabilities of programs or services in order to suspend function totally or partially. In most of such attacks, attackers use a wide range of techniques and tools to hide their identities, which makes it especially challenging to find the culprits.

How to Evaluate my Cybersecurity Capacities According to C4V

Posted on 03/11/2017, by
INCIBE (INCIBE)
How to Evaluate
After having analysed the "why" behind the cybersecurity capacities evaluation model in the first entry dedicated to the C4V model and after having explained how to carry out an appropriate management of risks in the value chain in the second edition, this third edition is dedicated to explaining how to carry out an evaluation of ourselves.