Segmentados Desarrollo

Anatsa is a banking Trojan designed for Android devices that has become particularly relevant since its discovery in January 2021. Throughout the study, a detailed technical analysis of the threat is carried out using a sample of the malicious code in question to show how this malware behaves and the possibilities it offers.

In previous articles an introduction was given to the 61850 regulation and the different protocols of which it consists. As explained in those articles, the GOOSE and SV (Sample Values) protocols, included in the standard, use multicast frames. Security is very difficult to implement in this type of frame, but there are a number of measures that make possible to raise the security level.

In recent years we have witnessed the evolution of the electrical grid and the development of new technologies produce what we know today as the smart grid. This evolution continues to this day and the trend seems to point to greater interconnection between end consumers and the grid, which increases possible attack vectors. Over the course of this article, we shall see the security measures that will be used in the electrical grid of the future.

Various studies with threat analysis or malware distribution campaigns affecting Spain and identified through incident management undertaken by INCIBE-CERT. The aim is to increase knowledge of the more technical details and characteristics of the threats so that organisations can implement appropriate detection and protection measures.

In this post, an office document, a .doc file with macros, will be analyzed through the static and dynamic analysis of the sample in a controlled environment, in order to identify the actions carried out by the Emotet malware.

With the arrival of industry 4.0 to companies’ productive processes, including IIoT and Cloud, the need to control and monitor the ICS that remotely make them up arises. However, said access points should be established securely and in a controlled manner, mainly due to the criticality of these assets. This article discusses good practices, tools and methods that can be used to establish remote connections to OT networks as securely as possible.

Wireless communications encompass a set of protocols that are widely used in some industrial sectors. In particular, building automation is based on these protocols, mainly using the BACNET and Lontalks protocols, but also making use of new ZigBee and Bluetooth based devices for IIoT. This article will provide information on SweynTooth, a set of vulnerabilities that affect Bluetooth technology.

This post presents some lines of action to be followed in the case of having fallen victim to Ekans ransomware. It describes in detail the prevention, identification and response phases to be carried out.

With the aim of increasing cybersecurity knowledge, INCIBE-CERT has published a series of webinars in video format, so that, in a light and entertaining way, knowledge and technical aspects of cybersecurity can be expanded in various areas of interest, for both INCIBE-CERT's technical audience and anyone interested in cybersecurity.

In this post we will explain the ability to resist, one of the 4 goals of the IMC model, which allows us to determine if an organization is capable of continuing with the essential services it provides, in the event of a cyberattack.

In this new blog entry, we will analyze the features and describe the operation of a new ransomware called Ekans, initially known as Snake, which has a very specific design, aimed at infecting and blocking Industrial Control Systems (ICS).

GNSS (Global Navigation Satellite System) technology is deeply integrated into society to meet geolocation and time measurement needs; it is considered one of the most reliable and it is a critical element for certain industrial sectors. However, due to the advancement of the technology and its widespread use, GNSS are being compromised by cybercriminals.