Imagen decorativa Avisos
Blog posted on 23/11/2023

The Border Gateway Protocol (BGP) is fundamental to the functioning of the Internet as we know it, as it serves to route data flows along the optimal routes, through several different hops (or IPs). However, it was not designed with security by design, which opens the door to hijacking BGP-type  threats. 

Through these types of attacks, malicious actors can redirect traffic, causing data loss, such as  in Man-in-the-Middle, among others. This article explores in depth these types of attacks, their impact, and the countermeasures available through mechanisms such as RPKI, IRR, and ROA.

 

Imagen decorativa Avisos
Blog posted on 16/11/2023

OSINT (Open-Source Intelligence) is a technique that focuses on the collection, evaluation and analysis of public information through different methods and techniques, with the objective of discovering vulnerabilities or collecting sensitive information that could become threats. 

It should be emphasized that the data collection is not called OSINT, it would be raw information. Once this information is evaluated and treated, it could be said that we are really talking about open-source intelligence (OSINT).

Initially it has been used in the military and government sector. Its use in OT, with disciplines such as SIGINT (Signals Intelligence), IMINT (Imagery Intelligence) or even 'Sock Puppets' (fake profiles or intruders in technical forums) is making havoc due to the criticality of this equipment. Disinformation or the compilation of sensitive industrial technical information are some of the serious consequences that this sector is exposed to.

Imagen decorativa Avisos
Blog posted on 09/11/2023

The  Avaddon ransomware appears as a disturbing threat that has demonstrated its ability to exploit vulnerabilities in systems, compromising the security and integrity of critical data. 

This article dives into the details of how Avaddon works, while also providing a comprehensive analysis of strategies to detect and mitigate the threat.
 

Imagen decorativa Avisos
Blog posted on 26/10/2023

The presence  of Shadow IT, i.e., the unauthorized or unmanaged use of IT technologies and services by employees, poses challenges and risks of considerable magnitude.

The rapid adoption of personal devices and applications, as well as accessibility to cloud services, have increased the complexity of the security landscape. This situation poses a risk that can compromise the confidentiality and integrity of the organization's information.
 

Imagen decorativa Avisos
Blog posted on 02/10/2023

This article introduces how ESXiArgs operates, and offers an approach to identifying and addressing the threat. Examining the characteristics and behaviours of ransomware, it provides detailed insight into the tactics it uses and how these can be detected in a vulnerable environment. It also explores strategies and best practices for cleaning and disinfecting compromised systems, restoring trust and security to the affected infrastructure.

Imagen decorativa Avisos
Blog posted on 03/08/2023

The history of cybersecurity is marked by names that have left an indelible mark on the field of digital threats. Among them, Maze, Egregor and Sekhmet stand out as notable ransomware variants, whose similarities go beyond mere coincidence. 
In this article, we will unravel the tactics these ransomwares employed,  the encryption mechanisms they used, and the evasion and propagation strategies they employed. The review of these malware will offer us a deeper insight into the persistent threat of ransomware, as well as the importance and need to strengthen our cybersecurity posture.

Imagen decorativa Avisos
Blog posted on 06/07/2023

At the end of 2019, the Ragnarok (or Asnarok) ransomware appeared leaving a trail of digital victims in its path. The malware not only encrypted the files and demanded a ransom, but also threatened to erase and publish the stolen data. This article offers an in-depth look at Ragnarok, from its design and motivation to its methods of infection and spread. In addition, it provides different methods of response and disinfection.

Imagen decorativa Avisos
Blog posted on 01/06/2023

LockerGoga is  a ransomware-type malware, first discovered in 2019, that infects computer systems, encrypts your files, and demands a ransom in cryptocurrencies in order to recover them. Unlike others, LockerGoga focuses on attacking businesses and government organizations. This article describes what it is and explains the relevant methods to respond to this threat

Imagen decorativa Avisos
Blog posted on 27/04/2023

With the industrial revolution of Industry 4.0, industrial processes have become more intelligent, and this has led to the deployment of a greater number of devices. 

All these deployments usually have a common point, being the gateways, which, after being deployed, are responsible for the translation of some protocols to the TCP/UDP frame or simply send the information to the cloud.

Being a point that gathers a large amount of data and capable of providing intelligence to industrial processes, industrial gateways have become a very desirable target for attackers.

Imagen decorativa Avisos
Blog posted on 13/04/2023

Technical reporting is one of the most important parts of the completion of a task, as it reflects the results of all the work done. Moreover, it does not only constitute a final deliverable for a customer, or for the decision-makers within an organization, but also acts as the link between the person or team that has carried out the task and the decision-makers, based on the findings.

Go top