How to prevent an antivirus bypass

Posted on 29/12/2022, by
INCIBE (INCIBE)
hand breaking stone shield
Antivirus is one of the main lines of defence when a user downloads a malicious file or an attacker has gained access to the computer and attempts to execute malware. Cybercriminals use various means to avoid an antivirus, using different tools and techniques depending on their type and functionalities. This article details the techniques commonly used, as well as the protective measures we should take to prevent attackers from executing malware on our computers.

Incontroller, the intelligent menace

Posted on 15/12/2022, by
INCIBE (INCIBE)
Incontroller, the intelligent menace
The increase in industrial control systems and the shortcomings of those systems in cybersecurity measures have made such systems a preferred target of attacks. The number of tools designed to pose a threat to the OT sector has increased, and the use of the Incontroller tool is especially concerning.

Web-based virtual radars

Posted on 11/11/2022, by
Víctor Rivero Díez (INCIBE)
decorative image
Es tanta la información que se encuentra actualmente accesible para los usuarios en Internet, que aquella ofrecida por ciertas páginas web o aplicaciones en tiempo real puede resultar de especial preocupación en cuanto a su confidencialidad para ciertos sectores, dado que podría ser utilizada con fines malintencionados.
Etiquetas

Context in the measurement of cyberresilience indicators at the national level

Posted on 27/10/2022, by
INCIBE (INCIBE)
Context in the measurement of cyberresilience at the national level
Organisations are exposed to the consequences of cyber threats, and may be ill-prepared to face and manage cyber incidents, whether provoked or unprovoked. For this reason, in 2014 INCIBE launched its Indicators for the Improvement of Cyber Resilience (IMC) model, with the aim of improving and understanding the state of cyber resilience in organisations.

Attacks on analog sensors in OT

Posted on 06/10/2022, by
INCIBE (INCIBE)
decorative image
In order to increase security levels in OT networks, there are now solutions that monitor networks, devices and configurations, actively looking for anomalies and possible security flaws and intrusions that could take place. However, there are other types of attacks on ICS that are carried out on a completely different plane, where anomaly analysis systems can’t reach. These are attacks on analog sensors.

Threat analysis study: Nobelium

Posted on 08/09/2022, by
INCIBE (INCIBE)
Threat analysis study
Nobelium es la denominación de Microsoft para un grupo de atacantes que, según la atribución llevada a cabo por la Agencia de Seguridad de Infraestructura y Ciberseguridad (CISA) de Estados Unidos, pertenecen al Servicio de Inteligencia Exterior (SRV) de Rusia. Este grupo criminal es conocido por el ataque a la cadena de suministro de SolarWinds, y una campaña masiva de phishing haciéndose pasar por una empresa de desarrollo estadounidense.

Differences between OT DMZ and IT DMZ

Posted on 04/08/2022, by
INCIBE (INCIBE)
OT DMZ vs IT DMZ
Demilitarized zones, also known as DMZs (demilitarized zones), are used for the secure exchange of information between computers on a network that we want to protect and an external network that needs to access those computers. DMZs are widely used in the IT sector and also in the OT sector, but the equipment and services they host are not exactly the same.

Go top