Segmentados Investigación y Análisis

The malicious code of the ransomware known as ‘Hive’ represents a threat to all users, as it implements encryption functionalities on the information in an infected computer, making simple recovery of the data impossible. This threat attempts to use extortion to recover the information, demanding a payment and threatening publication of part of the stolen information on a blog through the network Tor if the payment is not forthcoming.

All organisations must be prepared so that, after the impact of a cyberattack, it may change, improve and adapt its processes and services. For this reason, it is necessary to protect the main business processes using a set of tasks that allow the organisation to evolve after a serious incident to redesign its strategies and minimise the possible impact of future cyberattacks

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the Memcached protocol, describing in detail the prevention, identification and response phases to follow.

Anatsa is a banking Trojan designed for Android devices that has become particularly relevant since its discovery in January 2021. Throughout the study, a detailed technical analysis of the threat is carried out using a sample of the malicious code in question to show how this malware behaves and the possibilities it offers.

This post sets out some lines of action that must be followed to deal with a DrDoS cyberattack based on the mDNS protocol; it describes in detail the prevention, identification and response phases that must be undertaken.

This post sets out some lines of action that must be followed to deal with a DrDoS cyberattack based on the TFTP protocol; it describes in detail the prevention, identification and response phases that must be undertaken.

This post sets out some lines of action that must be followed to deal with a DrDoS cyberattack based on the NTP protocol; it describes in detail the prevention, identification and response phases that must be undertaken.

This post sets out some lines of action that must be followed to deal with a DrDoS cyberattack based on the DNS protocol; it describes in detail the prevention, identification and response phases that must be followed.

This article reviews the origin and development of the best-known types of denial-of-service attacks, placing special emphasis on Reflected Distributed Denial of Service attacks, analysing their main characteristics, operation, and consequences, as well as the measures necessary to mount a good defence against them.

Various studies with threat analysis or malware distribution campaigns affecting Spain and identified through incident management undertaken by INCIBE-CERT. The aim is to increase knowledge of the more technical details and characteristics of the threats so that organisations can implement appropriate detection and protection measures.

In this post, an office document, a .doc file with macros, will be analyzed through the static and dynamic analysis of the sample in a controlled environment, in order to identify the actions carried out by the Emotet malware.

Software Defined Radio (SDR) is the result of the technological evolution of conventional analogue radio. Its characteristics and operational capability make it a versatile device with both positive and negative applications within the field of cybersecurity.