Blog

Various studies with threat analysis or malware distribution campaigns affecting Spain and identified through incident management undertaken by INCIBE-CERT. The aim is to increase knowledge of the more technical details and characteristics of the threats so that organisations can implement appropriate detection and protection measures.

In this post, an office document, a .doc file with macros, will be analyzed through the static and dynamic analysis of the sample in a controlled environment, in order to identify the actions carried out by the Emotet malware.

With the arrival of industry 4.0 to companies’ productive processes, including IIoT and Cloud, the need to control and monitor the ICS that remotely make them up arises. However, said access points should be established securely and in a controlled manner, mainly due to the criticality of these assets. This article discusses good practices, tools and methods that can be used to establish remote connections to OT networks as securely as possible.

Software Defined Radio (SDR) is the result of the technological evolution of conventional analogue radio. Its characteristics and operational capability make it a versatile device with both positive and negative applications within the field of cybersecurity.

The attacks on the Saudi Aramco oil refinery have highlighted the vulnerabilities of these plants against physical attacks using drones. There’s a wide variety of physical and cyber attacks that use drones, from launching explosives, to capturing images, invasion of privacy or taking screenshots of Wi-Fi traffic, so companies should take new defense measures in order to protect their assets

Wireless communications encompass a set of protocols that are widely used in some industrial sectors. In particular, building automation is based on these protocols, mainly using the BACNET and Lontalks protocols, but also making use of new ZigBee and Bluetooth based devices for IIoT. This article will provide information on SweynTooth, a set of vulnerabilities that affect Bluetooth technology.

Around 4 million robots are expected to be introduced in the area of industry over the next five years. This is on top of the evolution towards industry 4.0, in which industrial robotics is crucial, and which is now consolidated in any industrial process, from the manufacturing industry to any large-area warehouse. In that industrial transformation, barriers must be applied to ensure the integrity of the components and to prevent incidents in plants.

This post presents some lines of action to be followed in the case of having fallen victim to Ekans ransomware. It describes in detail the prevention, identification and response phases to be carried out.

With the aim of increasing cybersecurity knowledge, INCIBE-CERT has published a series of webinars in video format, so that, in a light and entertaining way, knowledge and technical aspects of cybersecurity can be expanded in various areas of interest, for both INCIBE-CERT's technical audience and anyone interested in cybersecurity.