Cybercrime

Blog updated on 17/02/2022

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the QOTD protocol, describing in detail the prevention, identification and response phases to follow.

Blog updated on 11/11/2021

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the SSDP protocol, describing in detail the prevention, identification and response phases to follow.

Blog updated on 31/05/2024

This post presents some lines of action that should be followed to deal with a DrDoS cyberattack based on the CharGEN protocol, describing in detail the prevention, identification and response phases to follow.

Blog posted on 23/05/2024

Babuk Tortilla is a version of the original Babuk ransomware that emerged after the leak of its source code. It attracted attention in the cybersecurity landscape because it was intended to be deployed on vulnerable servers.

This article reviews its origin and operation, focusing on its modus operandi and the techniques used to breach the security of data and systems. It also provides key tools and recommendations to identify and neutralize its effect on technological infrastructures, providing users with the necessary knowledge to defend against this significant risk. Understanding how Babuk Tortilla works and its recovery mechanisms is vital.

News updated on 25/04/2024
News updated on 05/04/2024
Blog posted on 11/04/2024

Since its appearance in 2022, Black Basta has established itself as one of the most dangerous ransomware strains in the current landscape, standing out for its ability to carry out double extortion attacks, stealing and encrypting data from its victims. Although it focuses on Windows systems, versions for Linux systems that attack ESXi hypervisors have also been discovered. At the end of December 2023, a renowned ethical hacking lab in Berlin published a decryption tool on GitHub to combat it. Although the group has recently updated its software to fix this flaw, the release of the decryption tool represents a major blow against its operations. In this article, we take a closer look at how this ransomware works, exploring the methods it employs to compromise the integrity of data and systems and presenting the decryption method for its vulnerable version.