Subscribe to CERTSI - Blog RSS


The value of commitment indicators in industry

The value of commitment indicators in industry

Posted on 03/08/2018, by INCIBE
In recent years, indicators of compromise have become the best way of exchanging information when it comes to managing an incident. But, do we really know how to manage an indicator of compromise? The aim of an indicator of compromise is to map the information that is received or extracted during the analysis of an incident. This is done in such a way that it can be reused by other investigators or affected people, in order to discover the same evidence in their systems and to be able to determine if they have been compromised or not.
Portada greatest hits 2017

2017 Greatest Hits: Problems seeded in the past

Posted on 01/30/2018, by Juan D. Peláez (INCIBE)
The aim of Cybersecurity Highlights service is to gather all relevant news related to cybersecurity through the year. This is the article that summarizes those news that have been more important in 2017.
Protective measures against denial-of-service (DoS) attacks

Protective measures against denial-of-service (DoS) attacks

Posted on 01/26/2018, by Alejandro Fernández Castrillo
Denial-of-service attacks are a type of cyber-attack which consists on reducing or cancelling altogether the capacity of servers or other computing resources to provide service. A denial-of-service attack can occur in different scenarios, such as overloading online services by mass request sending or exploiting vulnerabilities of programs or services in order to suspend function totally or partially. In most of such attacks, attackers use a wide range of techniques and tools to hide their identities, which makes it especially challenging to find the culprits.
Industrial Security 2017 in Numbers

Industrial Security 2017 in Numbers

Posted on 01/18/2018, by INCIBE
The year 2017 has come to an end, maintaining the trend of previous years, we have witnessed an increase in the number of vulnerabilities published affecting industrial control systems. Fortunately, companies are making greater efforts to prevent attacks and mitigate risks. For this new year 2018, a similar scenario is expected in which industrial cybersecurity still increases its importance.
TI-TO Convergence

IT/OT Convergence

Posted on 01/02/2018, by INCIBE
The constant pressure from operating costs and the halt in investments due to the crisis have made it so industrial systems have had to improve the administration of their assets in order to lower product prices, thus recurring to IT solutions. The result is that industry is changing in the way its processes are managed and operated in order to integrate them in business.
Riesgos y retos de ciberseguridad y privacidad en IoT

Cybersecurity and IoT Privacy Risks and Challenges

Posted on 12/26/2017, by Miriam Puente García
The Internet of Things (IoT) has started to become part of daily life in society: intelligent homes, intelligent education, intelligent healthcare, wearable devices, the Internet of Vehicles (IoV) and other industries make great use of this technology, with it playing a key role in the digital transformation and the hyper-connection of their elements.
OWASP publishes the Top 10 – 2017 Web Application Security Risks

OWASP publishes the Top 10 – 2017 Web Application Security Risks

Posted on 12/13/2017, by Juan Delfín Peláez y Alejandro Díez
The Open Web Application Security Project (OWASP) has published the 10 most critical web application risks, 2017 edition, which points injection attacks as the greater security risk once again, as in the 2013 and 2010 editions.
Iniciativas y prácticas de seguridad para el IoT

Safety initiatives and best practices for IoT

Posted on 12/11/2017, by Miriam Puente García
Tomando en consideración las amenazas y los riesgos detallados anteriormente queda de manifiesto la necesidad de desarrollar acciones o modelos de protección para mitigar las vulnerabilidades que surgen del tratamiento de los datos de los usuarios así como prácticas de seguridad en la funcionalidad y el despliegue de tecnologías IoT.