En esta sección se ofrecen contenidos de interés para los profesionales que manejan en su actividad diferentes lenguajes de programación, entornos de desarrollo, herramientas para garantizar la seguridad, analistas y auditores de código, criptógrafos, o especialistas en ingeniería inversa y malware.

New 2024 cybersecurity regulations for vehicles

Posted on 13/06/2024, by
cybersecurity regulations for vehicles study cover
The UN R155 and UN R156 regulations are of vital importance for vehicle cybersecurity. From July 2022, all car manufacturers that want to be type-approved must comply with both regulations, but from July 2024 this requirement will be extended to all new vehicles sold in the European Union, regardless of when the manufacturer obtained type-approval. One of the most important aspects of compliance with both regulations is the completion of a cybersecurity risk assessment of the vehicle, including all integrated components of the vehicle's supply chain. On the other hand, it also specifies how to incorporate cybersecurity from design, how to detect and respond to incidents, how to securely update vehicle software, etc. 

Babuk Tortilla: use of recovery tool & processes

Posted on 23/05/2024, by
Imagen decorativa del blog
Babuk Tortilla is a version of the original Babuk ransomware, which emerged after the leak of its source code, and which attracted attention in the cybersecurity landscape due to the intention of being deployed on vulnerable servers.This article reviews its origin and operation, focusing on its modus operandi and the techniques used to breach the security of data and systems. It also provides key tools and recommendations to identify and neutralize its effect on technological infrastructures, providing users with the necessary knowledge to defend against this significant risk. Understanding how Babuk Tortilla works and its recovery mechanisms is vital.

Exploring M-Bus, security and efficiency in telemetry communications

Posted on 16/05/2024, by
Decorative photo
The M-Bus protocol is a common protocol in the industry in general, it’s daily use can be related to devices for measurements of electricity, gas, water, heating, etc. This protocol has a wireless variant called Wireless M-Bus and works through a hierarchical master/slave system, standardized according to EN13757.

Space, an increasingly important critical infrastructure

Posted on 09/05/2024, by
Decorative image
Space is an increasingly important element in the critical infrastructures of all countries. The possibility of losing or degrading space services can significantly affect both national security and all customers who have contracted services involving the use of satellites or any other space devices, resulting in major economic and security losses.To protect it, the National Institute of Standards and Technology (NIST) has developed a cyber security framework for the commercial ground segment of the space sector, providing a means for stakeholders to assess their cyber security posture in terms of identification, protection, detection, response and recovery operations, thereby evaluating the level of risk to the satellite ground segment structure.

DNP3 protocol in depth

Posted on 02/05/2024, by
Decorative photo blog
In the electricity sector, it has always been necessary to use robust communications that allow proper communication, since a failure in this sector would cause a large number of losses, both economic and social.In addition, with the technological advances, it is important also to have secure communications since the electricity sector is one of the sectors that currently suffers the most cyber-attacks. For this reason, in recent years different robust and secure protocols have been created.One of these protocols is DNP3, created mainly for the use of substation automation and control systems, for the electric utility industry, although it has now also been used for other sectors.Finally, in this article we want to explain in more depth the operation of this protocol and the benefits or disadvantages of using this protocol.

CAPEC in the ICS world

Posted on 18/04/2024, by
Decorative image
CAPEC (Common Attack Pattern Enumeration and Classification) is a project that focuses on enumerating and classifying common attack patterns on computer systems and providing a systematic approach to understanding and addressing the tactics used by attackers. Like CWE (Common Weakness Enumeration), CAPEC is an initiative of the computer security community and is maintained by the National Institute of Standards and Technology (NIST) in the United States. Recently in version 3.9, the project has incorporated a number of attack patterns related to the industrial world.This article aims to show the reader the use of these codes, such as those used at the identifier level in CVEs, CWEs, etc., and which are related to many of the jobs that are carried out on a daily basis in the industrial cybersecurity sector.

Are smart cars cybersecure?

Posted on 04/04/2024, by
¿Los coches inteligentes son ciberseguros? Imagen decorativa
The automotive world has always been one of the most cutting-edge sectors in terms of the technology used, which is why today's cars are equipped with technologies such as Bluetooth, NFC, GPS, etc., which improve different aspects such as comfort, fuel efficiency and increased safety.But these implemented technologies can also bring with them serious problems, such as the risk of cyber-attacks that can affect passengers in the vehicle, both at the level of personal data and physical security.For this reason, this article aims to provide an insight into some of the cyber-attacks that smart cars have suffered and how cyber-security is evolving and adapting to make more and more vehicles cyber-safe.

Dragonfly 2.0 mapping on MITRE ATT&CK ICS Matrix

Posted on 21/03/2024, by
Decorative image
Currently, industrial infrastructures are suffering more attacks than ever before, and it is expected that attacks on these types of infrastructures will continue to grow exponentially in the coming years. This is why, throughout this article, an analysis will be made of a group of cybercriminals and their standard attack, showing how information can be obtained on the modus operandi, when and by what tactics and techniques they managed to attack an industrial infrastructure

ICS malware analysis study: BlackEnergy

Posted on 15/02/2024, by
Threat analysis study decorative image
The industrial environment, especially the energy sector, is one of sectors that is suffering the most from cyber-attacks. This trend has been increasing in recent years, as this is one of the most information-sensitive sectors and can cause major problems, both economically and socially.One of the best examples of malware attacks is BlackEnergy. This malware became known for being able to compromise several electricity distributors on 23 December 2015, causing households in the Ivano-Frankvisk region of Ukraine (a population of around 1.5 million) to be without electricity.For this reason, due to seriousness of this type of cyberattacks, it is necessary to continue researching and investing in industrial cybersecurity, to reduce the damage caused by this type of cyber-attack in industrial environments.

NB-IoT the ideal and low-power conection for IIoT

Posted on 08/02/2024, by
Decorative photo about Industrial Internet of Things
IoT networks are very useful for everyday life, but their use is not limited only to this type of environment; there are industrial environments where this type of networks can benefit connectivity between industrial devices and provide capabilities that other types of networks could not. The 3rd Generation Partnership Project or 3GPP developed the NB-IoT protocol, a protocol for when networks with higher performance, higher speed and high interconnectivity capacity between devices are required. This protocol can work both in IoT devices and in IoT devices in the industrial environment (IIoT).

Cibersecurity in the healthcare sector: features, threats and recommendations

Posted on 25/01/2024, by
Juan Díez González
Cibersecurity in the healthcare sector
After the pandemic, it has been observed that the healthcare sector has been one of the most attacked by cybercrimilas and organizations. This has generated a significant impact on the affected organitations, making it essencial to protect this sector due to its strategic nature and to achieve this, it is neccesary to understand its characteristics and the threats that affect it.

OPC UA, balancing cybersecurity and performance

Posted on 11/01/2024, by
Industrial factory at night
The OPC UA (OPC unified architecture) communication protocol is the most modern standard presented by OPC Foundation. Currently, the OPC UA protocol is one of the most widely used in industrial environments, due to its ability to interconnect different devices, regardless of their base protocol and vendor.Throughout this article, a technical assessment of the protocol will be conducted, explaining in detail the technical capabilities that allow a high level of cybersecurity to be implemented without causing performance losses in the devices.