For many years, industrial automation and control systems (IACS) relied on the fact that they were usually isolated in physically secured areas, running on proprietary hardware and software. When open technologies, standard operating systems and protocols started pushing their way into IACS replacing proprietary solutions, the former “security through obscurity” approach did no longer work. …
Continue reading “Securing IACS based on ISA/IEC 62443 – Part 1: The Big Picture”
Cyber security has long since become a strategic priority for organizations across the globe and in all sectors. Therefore, training and hiring young potential in information security has become a crucial goal. To raise awareness of cyber security threats and help train a generation of security aware security experts, we at NVISO organize Capture the Flag (CTF) Cyber Security Events in two countries, Belgium and Germany and reach a broad audience. Each …
TL;DR – Part two of this trilogy of blog posts will tackle the next big topic when it comes to smart home devices: privacy. Are these devices doubling as the ultimate data collection tool, and are we unwittingly providing the manufacturers with all of our private data? Find out in this blog post! This blog …
Continue reading “Smart Home Devices: assets or liabilities? – Part 2: Privacy”
During a mobile assessment, there will typically be two sub-assessments: The mobile frontend, and the backend API. In order to examine the security of the API, you will either need extensive documentation such as Swagger or Postman files, or you can let the mobile application generate all the traffic for you and simply intercept and …
Continue reading “Proxying Android app traffic – Common issues / checklist”
This blog post is part of a series, keep an eye out for the following parts! TL;DR – Smart home devices are everywhere, so I tested the base security measures implemented on fifteen devices on the European market. In this blog post, I share my experience throughout these assessments and my conclusions on the overall …
Continue reading “Smart Home Devices: assets or liabilities? – Part 1: Security”
TL;DR – In this post, we’ll explore some mobile malware: how to create them, what they can do, and how to avoid them. Are you interested in learning more about how to protect your phone from shady figures? Then this blog post is for you. Introduction We all know the classic ideas about security on …
Endpoint Detection and Response (EDR) is one of the most talked about cybersecurity topics in the last few years; it is on the agenda of most security officers as one of the first improvements to embrace in their organization, if not yet done. Why, though? What has made EDR the number one must-have security solution? …
Continue reading “EDR: an overview of visibility improvements and economic benefits”
TL;DR: We use a proof of concept script to attack a Digi Connect ME 9210 device affected by CVE-2020-11898, part of the newly-released Ripple20 series of vulnerabilities. Ripple20 In June 2020, JSOF released information about a series of 19 vulnerabilities dubbed “Ripple20”. Ripple20 affects the popular Treck network stack, which is used by many connected …
Continue reading “Testing Ripple20: A closer look and proof of concept script for CVE-2020-11898”
Introduction In this blog post, we want to introduce the user to the concept of using Machine Learning techniques designed to originally spot anomalies in written (English) sentences, and instead apply them to support the Threat Analyst in spotting anomalies in security events. The basic idea behind this is that we try to identify sentences …
Continue reading “Using Word2Vec to spot anomalies while Threat Hunting using ee-outliers”
Do you know that feeling, when you think you did a great job, and suddenly you look at it with a new perspective and only then you realize in terror that it was not at all as good as you thought? I do. One of the things our Cyberculture team does is War Games. Crisis …
Continue reading “Why Crisis management exercises (still) work”
