OT & IoT
Security Blog
Learn More About OT & IoT Security and Visibility
OT & IoT Security Blog
Learn More About OT & IoT Security and Visibility
How to Dissect Unusual Protocols for Troubleshooting OT Security
To analyze the OT security risks of undocumented protocols, we need to understand how devices work, and how they communicate. Nozomi Networks Labs demonstrates how to use Lua APIs to instruct Wireshark to properly dissect an undocumented protocol.
New IoT Security Risk: ThroughTek P2P Supply Chain Vulnerability
Nozomi Networks Labs announces the discovery and disclosure of a new security camera vulnerability. It affects an embedded P2P software component from ThroughTek. This component is part of the supply chain for many original equipment manufacturers (OEMs) of consumer-grade security cameras and IoT devices.
Demonstrating the Link Between Functional Safety and ICS Security
In industrial control systems (ICS) with no protection measures, it can be easy for a threat actor to disrupt the system, threatening safety and production. Watch a simulated DoS attack to see how an attacker could exploit bad practices, and review what should be done to prevent such an attack.
Colonial Pipeline Ransomware Attack: Revealing How DarkSide Works
The Colonial Pipeline ransomware attack is one of the most notable critical infrastructure breaches of recent years. Learn the encryption, anti-detection and other techniques used by DarkSide’s main executable so you can evaluate your own defenses. Includes IoCs and a decryption script for detection.
Responding to the Colonial Pipeline Breach & CISA Ransomware Alert
The Colonial Pipeline breach has made ransomware attacks a top concern. Besides following CISA’s Darkside alert advice, governments need to act to improve cybersecurity and hold threat actors accountable. Just as important, asset owners need to adopt a post-breach mindset.
OT and IoT Security: Adopt a Post-Breach Mindset Today
Every time there’s a cyberattack like the recent ransomware targeting Colonial Pipeline, industry experts scramble to share thoughts on what could have been done to thwart it, or what the impact of a breach could be. Organizations need to reset themselves to have a post-breach mindset, pre-breach.
OT/IoT Security – Start From a Never Trust, Always Verify Mindset
Last week, I sat down with Brian Kime, Senior Analyst with Forrester. Brian focuses on cyber threat intelligence, vulnerability risk management, and industrial control system security. His role is to help organizations do three core things: identify, assess, and...
IoT Devices – The Newest Source of OT Network Security Gaps
IoT devices deliver huge benefits, but also create security gaps because organizations don’t have the tools needed to monitor & protect them.
Threat Intelligence: Analysis of the SBIDIOT IoT Malware
Billions of IoT devices are used in the industrial sector and threat actors are quickly evolving new malware focused on them. Don’t miss this analysis of the SBIDIOT IoT malware to learn how it communicates with targets and what types of commands it supports. Includes IOCs.
Defending Against IoT Security Camera Hacks Like Verkada
Verkada was the target of a successful cyberattack that allowed the perpetrators unfettered access to the live video feeds of 150,000 surveillance cameras. Network monitoring technology could have alerted them to the attack – and helped them contain and mitigate its impact.
Embrace Cloud-based OT/IoT Cybersecurity Now with Vantage
Vantage is the first SaaS platform for OT and IoT security. Find out how it helps you unleash the power of digital transformation with anywhere, anytime security monitoring and threat detection.
New Report: Top OT/IoT Security Threats and Vulnerabilities
Nozomi Networks Labs has produced a new OT/IoT security report. This blog summarizes the most significant threats and vulnerability trends, as well as recommendations for improving your security posture. Read the blog and get the report to speed up your understanding of the current threat landscape.
No Results Found
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
New Report: Top OT/IoT Security Threats and Vulnerabilities
Nozomi Networks Labs has produced a new OT/IoT security report. This blog summarizes the most significant threats and vulnerability trends, as well as recommendations for improving your security posture. Read the blog and get the report to speed up your understanding of the current threat landscape.
New Reolink P2P Vulnerabilities Show IoT Security Camera Risks
Nozomi Networks Labs has discovered vulnerabilities in the Peer-to-Peer (P2P) feature of a commonly used line of security cameras – Reolink. P2P is used by several vendors and, if your CCTV camera has this feature, it’s important to understand the potential security risks.
New Threat Intelligence Reveals Misuse of DNS Protocol
Nozomi Networks Labs has uncovered new misuse of the DNS protocol that opens the door to significant threats in the future. We urge security teams to familiarize themselves with this new threat intelligence and centrally monitor their systems for problematic network traffic.
Overcoming the Challenges of Detecting P2P Botnets on Your Network
It can be challenging to disrupt the malicious activities of peer-to-peer (P2P) botnets. Find out how to protect your OT/IoT networks against them.
CISA-Sponsored CVE Program Grants Nozomi Networks CNA Status
Nozomi Networks is a CVE Numbering Authority (CNA). The CVE Program is the international standard for identifying and naming cybersecurity vulnerabilities.
Your Guide to the MITRE ATT&CK Framework for ICS
Learn how security teams can use details about adversary behavior and actions contained in the MITRE ATT&CK Framework for ICS to enhance their security strategies.
What IT Needs to Know about OT/IoT Security Threats in 2020
Find out what IT needs to know about OT/IoT security in 2020, including the most active threats, their techniques and recommendations for mitigations.
Enhanced Product Security Incident Response Reduces Customer Risk
Our Product Security Incident Response Team (PSIRT) contacts and security bulletins are now public, as part of our commitment to customer security.
Ripple20 – New Zero-Day Vulnerabilities Send Shockwaves Across IoT
Two things make Ripple20 IT/OT/IoT vulnerabilities especially concerning: the potential impact that can be achieved by their exploitation, and the difficulty of finding and tracking all instances of the vulnerable library.
IEC 61850 Meets IEC 62351: Securing GOOSE Power Grid Weaknesses
Nozomi Networks CTO Moreno Carullo explains how IEC 62351-6 can be used to secure IEC 61850 GOOSE protocol defects & increase ICS security for substations.
Dark Nexus IoT Botnet: Analyzing and Detecting its Network Activity
Dark Nexus is an IoT botnet that uses DDoS attacks for financial gain. Nozomi Networks security researchers have analyzed its network behavior.
COVID-19 Chinoxy Backdoor: A Network Perspective
A prolific threat actor, active in Asia, sends documents to people in Kyrgyzstan about how the United Nations is helping to fight COVID-19.
Nozomi Networks Labs examines how network traffic analysis can detect this specific threat.
No Results Found
The page you requested could not be found. Try refining your search, or use the navigation above to locate the post.
Leonardo Partnership Boosts Critical Infrastructure Cyber Security
Power grids, transportation systems and other critical industrial infrastructure are the backbone of life – without them world economies would quickly come to a screeching halt. That’s why the partnership between global aerospace, defense and security leader Leonardo, and Nozomi Networks is more than just timely.
Nozomi Networks Integrates with Palo Alto Networks Next-Generation Firewall
Without comprehensive, real-time visibility of industrial control system (ICS) networks, devices and process status, protecting control networks from cyberattacks and avoiding operational disruptions is a serious challenge. Over the last half-decade, Nozomi Networks has built a successful reputation providing a solution to this very problem by offering a non-intrusive, real-time monitoring and threat detection solutionbuilt for ICS.
Now, Nozomi Networks has extended the utility and reach of Nozomi Networks Guardian through an integration with the Palo Alto Networks Next-Generation Firewall (NGFW). Find out why Nozomi Networks chose to integrate with this leading firewall and how the companies’ offerings work in tandem to help bridge the IT/OT gap.
Nozomi Networks Selected by FireEye for ICS Depth & Technical Excellence
Malware attacks like WannaCry, Dragonfly 2 and Industroyer have brought industrial cyber threats to the attention of corporate boards and governments around the world. As a result, CISOs and those responsible for critical infrastructure are demanding real, enterprise-grade OT security solutions. Many are reaching out to trusted partners in IT security, looking for help in securing their industrial control networks.
This is the driver behind our new partnership with FireEye. FireEye’s customers include more than 40% of the Forbes Global 2000 and they depend on FireEye to eliminate the complexity and burden of cyber security for them.
To help extend its ICS cyber security offerings, FireEye recently thoroughly analyzed the market for ICS network security monitoring solutions. We’re happy to announce today that our solution has been selected by FireEye to provide cyber security visibility and threat detection for industrial control systems. Find out why our technical excellence and ICS expertise stands out from the crowd.
Advance IT / ICS Cyber Security with Nozomi Networks and Fortinet
In the future, an organization’s cyber security strategy will largely be defined by how well both OT and IT networks can integrate to bring improved vigilance, visibility and protection. In today’s connected world this is more important than ever.
Recently, Nozomi Networks had the privilege of speaking at the 2017 Fortinet 361 event in Vienna, Austria, where IT / OT cyber resilience was a hot topic. I was pleased to discover that many attendees were interested in Fortinet’s commitment to OT (Operations Technology) and ICS (Industrial Control Systems) cyber security. They were also eager to learn how Nozomi Networks is helping Fortinet extend their security offering into the industrial realm with our technology.
If you’re interested in improving IT / ICS cyber security, read on to find out more about the synergetic partnership between Fortinet and Nozomi Networks, and how our products provide the critical ICS cyber security thread for Fortinet Security Fabric.
THE LATEST LABS BLOGS
PrintNightmare: How To Check If Your Systems Are Still Vulnerable
PrintNightmare: Cybersecurity researchers continue to uncover new, related vulnerabilities that can be exploited. Learn how to determine whether your systems remain vulnerable to known popular exploit PoCs (Proof of Concepts).
Investigating the Ransomware and IoT Vulnerabilities Landscape
Panelists: Ivan Speziale, Chris Grove Date: July 27, 2021 Cybercrime continues to rise sharply as threat actors go after industrial targets that can be worth millions in ransomware payments. To help security defenders fight back, Nozomi Networks Labs will share...
OT/IoT Security Report July 2021: What You Need to Know to Fight Ransomware and IoT Vulnerabilities
Find out how to fight ransomware and IoT vulnerabilities with new insights and actionable recommendations from the Nozomi Networks Labs team.