Nozomi Networks Labs Enhances Radamsa for Safer ICS Software

Nozomi Networks Labs Enhances Radamsa for Safer ICS Software

Nozomi Networks Labs is committed to conducting cyber security research that makes industrial organizations more secure. Our latest project involves enhancing Radamsa, an open source fuzzing tool for testing software.

Our new code makes it faster and easier to test devices that communicate over industrial networks, such as PLCs and RTUs, for security vulnerabilities.

GreyEnergy Malware Research Paper: Maldoc to Backdoor

GreyEnergy Malware Research Paper: Maldoc to Backdoor

When the GreyEnergy Advanced Persistent Threat (APT) was unveiled last year, I decided to put my reverse engineering skills to work and study one of its infection techniques.

Find out about the methods the malware’s packer stage used to conceal its true functionality, plus get access to my full Research Paper, in today’s article.

IEC 62351 Standards for Securing Power System Communications

IEC 62351 Standards for Securing Power System Communications

To help counter the growing concern about cyberattacks aiming to disrupt power systems, industrial experts have been working together in WG15. This group, part of IEC, is defining the standards known as IEC 62351, for secure-by-design power grids.

As a member of WG 15 since 2015, I thought it might be helpful to inform you about these standards and provide an update on their status.

Analyzing the GreyEnergy Malware: from Maldoc to Backdoor

Analyzing the GreyEnergy Malware: from Maldoc to Backdoor

GreyEnergy is an Advanced Persistent Threat (APT) which has been targeting industrial networks in Eastern European countries for several years.

As a security analyst, I have studied the malware and provide a detailed description of how it works, from the moment that someone receives a phishing email, until the malware is installed in a PC. We also provide the GreyEnergy Unpacker, a free tool for other analysts to use for further analysis of this advanced persistent threat.