Black Basta: response and recovery actions

Posted on 11/04/2024, by
INCIBE (INCIBE)
Decorative photo ransomware
Since its appearance in 2022, Black Basta has established itself as one of the most dangerous ransomwares in the current landscape, standing out for its ability to carry out double extortion attacks, stealing and encrypting data from its victims. Although it focuses on Windows systems, versions for Linux systems that attack ESXi hypervisors have also been discovered. At the end of December 2023, a renowned ethical hacking lab in Berlin published a decryption tool on GitHub to combat it. Although the group has recently updated its software to fix this flaw, the release of the decryption tool represents a major blow against its operations. In this article, we take a closer look at how this ransomware works, exploring the methods it employs to compromise the integrity of data and systems and presenting the decryption method for its vulnerable version.

Are smart cars cybersecure?

Posted on 04/04/2024, by
INCIBE (INCIBE)
¿Los coches inteligentes son ciberseguros? Imagen decorativa
The automotive world has always been one of the most cutting-edge sectors in terms of the technology used, which is why today's cars are equipped with technologies such as Bluetooth, NFC, GPS, etc., which improve different aspects such as comfort, fuel efficiency and increased safety.But these implemented technologies can also bring with them serious problems, such as the risk of cyber-attacks that can affect passengers in the vehicle, both at the level of personal data and physical security.For this reason, this article aims to provide an insight into some of the cyber-attacks that smart cars have suffered and how cyber-security is evolving and adapting to make more and more vehicles cyber-safe.

Dragonfly 2.0 mapping on MITRE ATT&CK ICS Matrix

Posted on 21/03/2024, by
INCIBE (INCIBE)
Decorative image
Currently, industrial infrastructures are suffering more attacks than ever before, and it is expected that attacks on these types of infrastructures will continue to grow exponentially in the coming years. This is why, throughout this article, an analysis will be made of a group of cybercriminals and their standard attack, showing how information can be obtained on the modus operandi, when and by what tactics and techniques they managed to attack an industrial infrastructure
Vulnerabilities

Vulnerabilities

Check our database with information in Spanish about the latest documented and known vulnerabilities.

Vulnerabilities

Guides and studies

Guides and studies

Advanced practical and theoretical content on cybersecurity for technicians.

Guides and studies

Service for operators

Service for operators

Set of services we offer for strategic operators.

Service for operators