Imagen decorativa Avisos
Blog posted on 21/03/2024

Currently, industrial infrastructures are suffering more attacks than ever before, and it is expected that attacks on these types of infrastructures will continue to grow exponentially in the coming years. This is why, throughout this article, an analysis will be made of a group of cybercriminals and their standard attack, showing how information can be obtained on the modus operandi, when and by what tactics and techniques they managed to attack an industrial infrastructure

Imagen decorativa Avisos
Blog posted on 25/01/2024

After the pandemic, it has been observed that the healthcare sector has been one of the most attacked by cybercrimilas and organizations. This has generated a significant impact on the affected organitations, making it essencial to protect this sector due to its strategic nature and to achieve this, it is neccesary to understand its characteristics and the threats that affect it.

Imagen decorativa Avisos
Blog posted on 11/01/2024

The OPC UA (OPC unified architecture) communication protocol is the most modern standard presented by OPC Foundation. Currently, the OPC UA protocol is one of the most widely used in industrial environments, due to its ability to interconnect different devices, regardless of their base protocol and vendor.

Throughout this article, a technical assessment of the protocol will be conducted, explaining in detail the technical capabilities that allow a high level of cybersecurity to be implemented without causing performance losses in the devices.
 

Imagen decorativa Avisos
Blog posted on 28/12/2023

Second part of the Top 20 mitigations for industrial environments. This part will focus on mitigations related to network architecture, industrial protocols, network configuration and vulnerability scanning.

Imagen decorativa Avisos
Blog posted on 21/12/2023

In the industrial world, there are a large number of systems, equipment, networks, areas, ducts, cloud environments, IT-OT environments, etc. In recent years, the number of attacks on industrial environments has been growing exponentially, and not only on purely industrial environments, but also on corporate environments that are connected to industrial environments. These IT environments being access points for attackers due to this IT/OT connectivity.

Imagen decorativa Avisos
Blog posted on 30/11/2023

The security gaps and issues that exist within industrial environments are sometimes unknown to many information consumers. This article aims to bring first hand some of the most interesting issues and attack trends in 2023 in the industrial sector. Different industrial cybersecurity incidents so far this year will be described at a high level and a comparison will be made with the trend presented at the beginning of the year.

Imagen decorativa Avisos
Blog posted on 16/11/2023

OSINT (Open-Source Intelligence) is a technique that focuses on the collection, evaluation and analysis of public information through different methods and techniques, with the objective of discovering vulnerabilities or collecting sensitive information that could become threats. 

It should be emphasized that the data collection is not called OSINT, it would be raw information. Once this information is evaluated and treated, it could be said that we are really talking about open-source intelligence (OSINT).

Initially it has been used in the military and government sector. Its use in OT, with disciplines such as SIGINT (Signals Intelligence), IMINT (Imagery Intelligence) or even 'Sock Puppets' (fake profiles or intruders in technical forums) is making havoc due to the criticality of this equipment. Disinformation or the compilation of sensitive industrial technical information are some of the serious consequences that this sector is exposed to.

Imagen decorativa Avisos
Blog posted on 26/10/2023

The presence  of Shadow IT, i.e., the unauthorized or unmanaged use of IT technologies and services by employees, poses challenges and risks of considerable magnitude.

The rapid adoption of personal devices and applications, as well as accessibility to cloud services, have increased the complexity of the security landscape. This situation poses a risk that can compromise the confidentiality and integrity of the organization's information.
 

Imagen decorativa Avisos
Blog posted on 09/10/2023

The Zero Trust methodology  is based on the premise that no user, device, or network can be trusted, and that access privileges and security levels must be continuously verified in all interactions. 

The motivation for applying the Zero Trust methodology  is the need to protect a company's sensitive data and digital resources against potential internal and external threats.
 

Imagen decorativa Avisos
Blog posted on 28/09/2023

In recent decades, the need to control processes remotely to improve efficiency, productivity and accelerate decision making on industrial systems has led to the interconnection of operation technologies (OT) with information technologies (IT). This interconnection has given rise to a number of security risks in industrial control systems, and to meet these challenges, specific tools and technologies have been developed and adapted to help ensure cybersecurity in industrial environments. One such tool is the Security Operations Center (SOC).

In this article we will focus on the importance of advanced monitoring in a SOC OT.
 

Go top