INCIBE-CERT

In May 2025 the KrebsOnSecurity site suffered a massive DDoS attack of approximately 6.3 Tbps. According to the information reported, it was a brief incident ( approximately 40 to 45 seconds) designed as a test of a new IoT botnet called Aisuru. The magnitude of the attack was unprecedented: it exceeded the 2016 Mirai attack (623 Gbps) by a factor of ten. At the time, the affected entity was under the protection of Google Project Shield (free anti-DDoS service for media), and Google confirmed that this was the largest attack its infrastructure had ever suffered. This incident is a clear example that DDoS attacks are becoming more and more powerful, and can compromise even the most prepared entities, so we will explain in detail the topic of DDoS attacks.

Given the increasing proliferation of NoSQL databases in modern applications, it is critical for developers and security teams to understand the risks associated with NoSQL injections. This article discusses the threats and impact of these vulnerabilities, the techniques attackers use to discover and exploit weaknesses in applications, and best practices for protecting against these types of attacks. Through a defense-in-depth strategy, which combines input validation, secure queries, strict access controls, and continuous monitoring, organizations will be able to strengthen the security of their applications against NoSQL injections and mitigate the associated risks.

The Initial Access tactic is one of the 12 tactics that make up the matrix developed by MITRE for industrial environments (for more information on the matrix, feel free to consult the article ICS Matrix, the State of v11). Within this tactic, different techniques used by attackers with the aim of gaining unauthorized access to an industrial environment are shown. This is often the first target of external attackers, as access to the ICS's internal environment allows internal computers to be recognized and exploited, move around the network, gain elevated privileges, or steal sensitive information. Therefore, it is important to know this tactic in order to defend our systems