Nozomi Networks Labs Finds New Rockwell PLC Vulnerability

Nozomi Networks Labs Finds New Rockwell PLC Vulnerability

Today, the U.S. Department of Homeland Security issued ICS CERT Advisory (ICSA-19-120-01) concerning Rockwell Automation CompactLogix controllers.

Nozomi Networks responsibly disclosed the vulnerability to CISA and Rockwell Automation.

Read on to learn about our findings and gain a better understanding of the cyber risks of legacy devices.

Nozomi Networks Labs Enhances Radamsa for Safer ICS Software

Nozomi Networks Labs Enhances Radamsa for Safer ICS Software

Nozomi Networks Labs is committed to conducting cyber security research that makes industrial organizations more secure. Our latest project involves enhancing Radamsa, an open source fuzzing tool for testing software.

Our new code makes it faster and easier to test devices that communicate over industrial networks, such as PLCs and RTUs, for security vulnerabilities.

GreyEnergy Malware Research Paper: Maldoc to Backdoor

GreyEnergy Malware Research Paper: Maldoc to Backdoor

When the GreyEnergy Advanced Persistent Threat (APT) was unveiled last year, I decided to put my reverse engineering skills to work and study one of its infection techniques.

Find out about the methods the malware’s packer stage used to conceal its true functionality, plus get access to my full Research Paper, in today’s article.

IEC 62351 Standards for Securing Power System Communications

IEC 62351 Standards for Securing Power System Communications

To help counter the growing concern about cyberattacks aiming to disrupt power systems, industrial experts have been working together in WG15. This group, part of IEC, is defining the standards known as IEC 62351, for secure-by-design power grids.

As a member of WG 15 since 2015, I thought it might be helpful to inform you about these standards and provide an update on their status.