I recently wrote about the current landscape of OT-dedicated cyber attacks, or lack thereof, and how this may change in the near future.

You can check it out below on the Orange Cyberdefense blog!

https://www.orangecyberdefense.com/global/blog/research/on-the-state-of-ot-cyber-attacks-and-traversing-level-35-the-artist-formerly-known-as-airgap

#icssecurity #otsecurity #ics #ot #cybersecurity

I'm pleased to announce our new paper has been published! This work discusses a technique, and subsequently presents a proof of concept, for scanning for vulnerabilities within PLC control logic. As I've mentioned through numerous talks and work recently, traditional enterprise focused reconnaissance, enumeration, and vulnerability scanning techniques are inadequate against OT and provide very little information on OT-specific vulnerabilities. This tool goes further than typical network scanning to understand where the control logic itself may have vulnerabilities. Read the paper here:

https://www.sciencedirect.com/science/article/pii/S0167404823000263

We hope this work is just the first step in tooling to improve the state of in-PLC vulnerabilities and PLC programming practices, greatly reducing the exploitability of OT moving forward.

#otcybersecurity #icscybersecurity #icssecurity #plcprogramming #cybersecurity

IT STARTS WITH ONE THING (a malware dropper)
I DONT KNOW WHY (you'd download an .mp3.exe)
IT DOESNT EVEN MATTER HOW HARD YOU TRY (your antivirus won't detect it since its UPX packed)

@charlvdwalt @Roeloftemmingh I love digging into @sensepost history. Here's RT & Charl proposing ransomware as a throwaway to one of their first C2 papers in 1999.

https://web.archive.org/web/20010319194334/http://www.itsecurity.com/papers/temmingh.htm

@Anneandstuff That is a really interesting thought, and something that is entirely avoidable using accepted platforms such as arxiv.org

The major issue that arises is work that hasn't at least gone through some type of formal peer review hasn't been verified as correct. That issue is somewhat mitigated when well informed subject matter experts use such work as a resource as they can critically analyse it themselves. However, non-specialists using that work will have a much more challenging time to validate it.

Neither are perfect and both have their place.

@K1L0G4U55 Thank you!

Finishing a PhD is a blurry situation with lots of stages - completing your thesis, submitting it, passing your viva, final corrections, and getting the certificate.

But this finally feels like closure. What an adventure!

@Dcuthbert @reg This is the talk prep none of the pros tell you about hahaha!

@reg @Dcuthbert I always thought weeing your pants would be worst case but tactical pants weeing to distract from the talk is absolutely genius!

Last week we ran our radio hacking session utilising our new SDR equipment! Now we are prepping for hardware hacking this Friday!

I've been using this #tool for years, but I think more people should know about it.

It makes it easy to find a #LaTeX symbol in a few seconds!

#TeXLaTeX

🔗 https://detexify.kirelabs.org

MIT researchers need to knock it the fuck off

After almost six years years doing some kick-ass Vulnerability Management work, it's time to spread both the knowledge and the workload, so come and work with and learn from, me!

Listed as Leeds (UK), but remote in UK, Ireland, Portugal or Romania could all work.

https://careers.flutteruki.com/jobs/r007332/vulnerability-analyst/

Boost are very welcome!

NCC did so much great research under Jennifer’s watch. What an epic goodbye post. https://research.nccgroup.com/2022/11/23/so-long-and-thanks-for-all-the-0day/

You can watch #NASA #Orion approach and round the #Moon live on NASA TV at https://www.youtube.com/watch?v=21X5lGlDOfg. Closest approach will be at 12:57 GMT (07:57 EST). #Artemis #Artemis1

I am offering multiple Ph.D. positions for candidates interested in the area of embedded systems security. The positions are open for both hardware security (e.g., side-channel, fault injection) and software security (firmware sec) topics. Details available here: https://jobs.cispa.saarland/jobs/detail/phd-students-1

I think I just might have found the perfect tree 🎄

@paperghost
On the positive side, visa toots sound even more fun than visa tweets!

@cyb_detective @hendrikerz
This is excellent, thanks for such a good resource!

Hope escaped academics are welcome on the list, put my details down just in case.

Happy #caturday from our gang!