incidente

Contenido incidente

Blog posted on 21/09/2023

Firmware analysis can help to uncover potential vulnerabilities that would otherwise never have been discovered.

Although there are multiple types of attacks on IoT and IIoT devices, this guide focuses on the firmware of these devices to check for potential vulnerabilities, using security testing and reverse engineering to allow for an in-depth analysis of the firmware.

Blog posted on 24/08/2023

The increase of malware specifically designed to run on systems that support industrial processes creates a need in the industry that can be partly covered by different technological solutions. This article will focus on the different options available on the market to detect malicious files that aim to modify the operation of industrial environments or simply cause denials of service.
Both portable and agent-deployed solutions can be an option, and this article will reflect on these and other options as well as provide guidelines on when it is best to use one solution or the other.

Blog posted on 24/08/2023

The evolution of communications in society is also having an impact on the industrial world. With the arrival of 5G, many industrial companies have considered migrating some of their communications to take advantage of the characteristics of this new mobile communications band, such as the reduction of latency times, the increase in connection speed or the exponential increase in the number of devices that can be connected to the network. These characteristics fit perfectly with the industrial mentality, where there are a multitude of interconnected devices between which there cannot be a communication cut due to the criticality of the processes they implement. 

This article aims to comment, in addition to all the advantages that 5G provides to the industry, the different uses that can be given currently and the complexity of implementing these communications in some devices for subsequent deployment in the industry. Also, to specify possible vulnerabilities in communications using 5G networks.

Blog posted on 27/07/2023

The Purple Teams are exercises in which three very well differentiated teams participate: a Red Team, a Blue Team and a Purple Team. The Red Team will be in charge of carrying out attacks on the defined structure, the Blue Team will be the team in charge of defending that structure and the inclusion of the Purple Team allows the two previous teams to communicate with each other and be organized correctly thanks to the work of the purple team. This is why the Purple Teams allow a great number of advantages to be obtained with respect to carrying out the exercises separately and without coordination between them.
This article presents all these advantages and much more about Purple Teams.

Blog posted on 20/07/2023

When a security incident occurs in an ICS (Industrial Control System), depending on the severity of the incident, it can generate a serious problem, both at a productive and economic level, as well as in the security of the people working in the industrial system.
Therefore, in this article following the one entitled "Good practices for the recovery of industrial systems (I)", response plans will be discussed from a point of view oriented to current regulations, as well as their applications and necessity in critical industrial environments, such as the energy sector. 

Blog posted on 13/07/2023

When a security incident occurs in an ICS (Industrial Control System), depending on its severity, it can generate a serious problem, both at a productive and economic level, as well as in the security of the people working in the industrial system.
Therefore, in this first article of a series on this subject, we will explain precisely the recovery plans, some general guidelines for their development and some conclusions on the use and applicability of these plans.