Segmentados Investigación y Análisis

A high percentage of devices developed for the industrial world have physical interfaces that allow secondary communications to be established. These communications allow the execution of important tasks such as the management of the devices themselves or changing the way they interact with industrial processes. Although in most cases it is necessary to have physical access to the device in order to use these interfaces, manipulation of the device through these interfaces allows attackers to manipulate the operation of the system without leaving any trace if there are no mechanisms to protect the asset from hardware hacking.This article aims to show the most widespread physical interfaces in industrial devices and embedded systems in general. On the other hand, we want to show some attacks executed throughout history in the industrial world. These attacks, thanks to the physical manipulation of a device, have allowed attackers to achieve a great impact on the targeted industrial process

LockerGoga is  a ransomware-type malware, first discovered in 2019, that infects computer systems, encrypts your files, and demands a ransom in cryptocurrencies in order to recover them. Unlike others, LockerGoga focuses on attacking businesses and government organizations. This article describes what it is and explains the relevant methods to respond to this threat

A growing number of industrial companies are adopting vulnerability management on their devices and systems, in order to perform this management in a correct and efficient way, the first step is to create an asset inventory or update it. Some companies are looking for vulnerability management services to stay on top of the latest cybersecurity issues affecting their assets. In addition, we are also noticing an increase in the availability of tools and their implementation for vulnerability management.

En este artículo se presentarán algunas soluciones útiles en la realización de test de vulnerabilidades en aplicaciones Android, resaltando las oportunidades que estas tareas aportan a la ciberseguridad.

With the industrial revolution of Industry 4.0, industrial processes have become more intelligent, and this has led to the deployment of a greater number of devices. All these deployments usually have a common point, being the gateways, which, after being deployed, are responsible for the translation of some protocols to the TCP/UDP frame or simply send the information to the cloud.Being a point that gathers a large amount of data and capable of providing intelligence to industrial processes, industrial gateways have become a very desirable target for attackers.

One of the most important activities in the industry is the industrial maintenance because it could extend the service life of devices. This activity has always been more mechanically oriented, but currently it might talk a new type of maintenance because the new industry technologies and increase of cyberattacks.This maintenance is more related with the informatic world and in this article will be able to see the principals characteristics and the actions to be taken to ensure that it is carried out correctly.

Technical reporting is one of the most important parts of the completion of a task, as it reflects the results of all the work done. Moreover, it does not only constitute a final deliverable for a customer, or for the decision-makers within an organization, but also acts as the link between the person or team that has carried out the task and the decision-makers, based on the findings.

Currently, there is a constant evolution in the technologies and implementations made in Industrial Control Systems. On one hand, some of the most common implementations for the improvement of industrial systems infrastructures are digitalization and the use of cloud technology. On the other hand, the increase in communication protocols and IIoT devices (due to the growth of the Industry 4.0) generates a large volume of traffic that is difficult to control and secure.

Within the industrial world, there are some sectors such as robotics, which has evolver considerably. This has led to the need to update all the regulations and standards, both in terms of physical (safety) and cybersecurity. (security). Given that the robotics sector is and will increasingly become a highly technical sector with exponential growth, the need to update all documentation has been promoted by a large group of companies in the sector, which, above all, have focused their concerns on the cybersecurity of the industrial robotics world.

En este estudio, se expone brevemente el origen y evolución de la amenaza ransomware LockBit 3.0, a través del análisis de varias muestras maliciosa, con el objetivo de facilitar la información necesaria para poder identificar las características propias de este malware, su comportamiento y técnicas empleadas, permitiendo así una mejor identificación y respuesta ante ella.

Industrial Control Systems (ICS) were initially designed to work in sealed environments and as stand-alone systems, interconnections between systems were scarce, as were safety protections. The constant evolutions in the field of ICS, including the inclusion of a large number of communication protocols, IIoT devices, the expansion of interconnections, an incessant search for interoperability between systems and the inclusion of these architectures in critical systems, has meant that the networks on which these industrial control systems, has meant that the networks on which these industrial control systems are built, also known as control networks, have increased their security exponentially.

In industrial environments there are a multitude of technologies, manufacturers, communications, etc. This article will reflect a small part of the protocols that use radio frequency (RF) communications. Thanks to these wireless communications, operators in the industrial world can send a simple order to obtain information on the status of a sensor or execute control orders in the industrial environment. The importance of a good implementation, in terms of cybersecurity of these communications, is quite high since, on occasions, some of the attacks that have been investigated have an impact on the physical world, giving rise to incidents that can even result in fatalities.