Nozomi Networks Labs analyzes the Layer 2 protocol used by RUGGEDCOM devices, focusing on how to instruct Wireshark to properly detect it and begin the dissection process.
To analyze the OT security risks of undocumented protocols, we need to understand how devices work and how they communicate. Nozomi Networks Labs demonstrates how to use Lua APIs to instruct Wireshark to properly dissect an undocumented protocol.
A well-known RTOS (Real-Time Operating System), widely used in industrial sectors, is at risk from a series of 11 vulnerabilities dubbed URGENT/11.
Nozomi Networks Labs conducted research on the vulnerable devices and has released threat signatures for URGENT/11 that identify threats in typical industrial networks without generating high numbers of false-positive alerts.
On August 13, 2019, the Siemens CERT Team issued an advisory (SSA-100232) concerning Siemens SCALANCE switch devices. This vulnerability was responsibly disclosed to the Siemens CERT Team and CISA by Nozomi Networks Labs.
Learn more about our findings and gain a better understanding of the cyber risks of legacy devices.
Today at Black Hat USA we’re presenting an innovative power grid cyber security solution that greatly improves monitoring of intelligent electronic devices (IEDs).
Using the IEC 62351 standard for monitoring industrial networks, we demonstrate how four types of hard-to-detect attacks are readily identified.