Enhancing Internet security with IRR: protection against incorrect route advertisements

Posted on 04/07/2024, by
INCIBE (INCIBE)
Portada blog IRR
In the complex web of network infrastructure, the Internet Routing Registry (IRR) stands out as an essential component, playing an important role in the coordination and security of routing policies. Its benefits are significant in building a cyberspace free of spoofing-type attacks. Knowing how to create and maintain objects in the IRR is essential for operators of Internet infrastructures. This article presents its fundamental elements and the tools that help in its life cycle

Mapping between NIST FW and IEC 62443 2-1

Updated on 18/07/2024, by
INCIBE (INCIBE)
Cover blog NIST FW
There are currently many standards and regulations in the industrial sector. A wide variety of them allow industrial organizations to check their level of maturity, such as IEC 62443, or to improve the security level of the organization through the application of a series of guidelines, good practices or guides, as in the case of the NIST Framework.Given the growth of the industrial sector, and the increase in capabilities, both in production and connectivity, thanks to the consolidation of Industry 4.0 and the emergence of Industry 5.0, industrial environments are in the focus, not only of technological improvements, but also of cyber-attacks.The application and implementation of the IEC 62443 family, in combination with the NIST Framework, will enable organizations to reduce, mitigate and control the possibility of suffering a cyber-attack by implementing the controls and best practices defined in both standards.

UMAS and the cybersecurity of this communications

Updated on 11/07/2024, by
INCIBE (INCIBE)
Cover UMAS
UMAS (Unified Messaging Application Services) is a Schneider Electric (SE) proprietary protocol used to configure and monitor Schneider Electric programmable logic controllers (PLCs). While it is true that the protocol is related to this manufacturer, the use of the protocol is quite widespread in different sectors, especially the energy sector, as is obvious.The article will focus on the technical breakdown of the protocol and the use of the protocol. The article will also show weaknesses, strengths and some technical vulnerabilities detected in this protocol.

Vulnerabilities

Check our database with information in Spanish about the latest documented and known vulnerabilities.

Vulnerabilities

Guides and studies

Advanced practical and theoretical content on cybersecurity for technicians.

Guides and studies

Service for operators

Set of services we offer for strategic operators.

Service for operators