Nozomi Networks Labs
Learn about zero-day vulnerabilities in RTLS that may be used to target people and objects, and how to implement a secure wireless network infrastructure.
Learn about the current threat landscape and tactics used by threat actors during the Russia/Ukraine war, along with IoT and vulnerability trends.
Learn about the OT capabilities of Industroyer2, major changes between Industroyer and Industroyer2, and how the codebase has evolved.
Learn about the latest ransomware and supply chain attacks on critical infrastructure, and OT/IoT threat remediation strategies.
Learn how to assess the security posture of an IP video surveillance system, including hardware extraction and firmware analysis techniques.
Find out how to fight ransomware and IoT vulnerabilities with new insights and actionable recommendations from the Nozomi Networks Labs team.
Find out how to protect your operations with new insight into top OT/IoT threats and vulnerabilities from the Nozomi Networks Labs team.
Find out what Nozomi Networks security researchers have learned about rising IoT botnets, shifting ransomware, COVID-19 threats and top ICS vulnerabilities.
GreyEnergy: Dissecting the Malware from Maldoc to Backdoor, Comprehensive Reverse Engineering Analysis
A comprehensive analysis of one of the GreyEnergy malware’s infection techniques, a phishing email, from the maldoc to the custom packer and the final dropper (backdoor). The deepest reverse engineering is done on the packer. Two new tools were released to support further analysis of GreyEnergy.
TRITON: The First ICS Cyber Attack on Safety Instrument Systems, Understanding the Malware, Its Communications and Its OT Payload
How to turn an undocumented ICS device into malicious code, starting from creating a working system and followed by reverse engineering and malware analysis. While the TRITON malware attack failed to deliver a malevolent OT payload to the Triconex controller, our researchers succeeded. Two new tools were released to help the ICS community secure Triconex SIS.
Curated and maintained by Nozomi Networks Labs, the Threat Intelligence™ service provides threat and vulnerability updates to Guardian, making it easy for IT/OT professionals to stay on top of current OT and IoT risks.
“Threat actors love finding new ways to attack critical infrastructure. We love finding new ways to detect their malware before damage occurs.”
© 2022 Nozomi Networks, Inc.
All Rights Reserved.