05/05/2016, by INCIBE. The attack on the Ukrainian power grid has caused a lot of commotion at the global level. These kinds of attack on control systems are highly targeted and planned, but is there anything we can do to prevent them?
26/04/2016, by INCIBE. The use of the ZigBee protocol, both in industry and in public settings, for example in people’s homes, makes it a possible target where many attackers may focus their attention.
08/04/2016, by INCIBE. In December 2015 part of the electricity sector in Ukraine was attacked by the Trojan BlackEnergy. This modular Trojan that allows different additional malware to be loaded left a million and a half people without electricity.
23/03/2016, by Santiago González (INCIBE). What is DROWN? DROWN is the name given to a new vulnerability linked to It is therefore a continuation of the trend that has appeared in recent years whereby diverse vulnerabilities have appeared which have a certain impact associated to Internet communication security, for example Heartbleed, POODLE, WinShock, FREAK o Logjam, among others. The acronym DROWN stands for Decrypting RSA with...
17/03/2016, by Miguel Herrero (INCIBE). In the popular Spanish comics series by the great artist and writer Ibáñez, Phil would become angry with Mort and chase him, normally with some disproportionately large weapon in hand, while Mort would run away in one of his many disguises. A scenario like the one above happens time and again in our operating systems, except that the malware is the character that puts on a disguise...
08/03/2016, by INCIBE. The industrial protocol Modbus is fairly widely used across different industrial sectors, as it is easy to implement and has a publicly available specification. In this article, the weaknesses of this protocol will be analyzed, as well as the countermeasures to take to mitigate these failings.