Codename I11USION: Eleven Practical Ways to Pwn Browser Based HMls in 2023

In this presentation from NoHat 2023, Andrea Palanca breaks down:

  • The evolving landscape of HMIs
  • The 11 most common risks associated with browser-based interfaces
  • Examples of real-world vulnerabilities and exploits found by the Nozomi Networks Labs team including 5 HMIs from 5 different vendors, and how these can be leveraged to impact industrial systems while simultaneously manipulating the view to deceive operators.

A recommended view to asset owners, professionals in the fields of industrial cybersecurity, IoT, and anyone interested in the future of secure industrial operations.

View Resource

Speakers

Codename I11USION: Eleven Practical Ways to Pwn Browser Based HMls in 2023

Codename I11USION: Eleven Practical Ways to Pwn Browser Based HMls in 2023

In this presentation from NoHat 2023, Andrea Palanca breaks down:

  • The evolving landscape of HMIs
  • The 11 most common risks associated with browser-based interfaces
  • Examples of real-world vulnerabilities and exploits found by the Nozomi Networks Labs team including 5 HMIs from 5 different vendors, and how these can be leveraged to impact industrial systems while simultaneously manipulating the view to deceive operators.

A recommended view to asset owners, professionals in the fields of industrial cybersecurity, IoT, and anyone interested in the future of secure industrial operations.

Speakers

Codename I11USION: Eleven Practical Ways to Pwn Browser Based HMls in 2023

In this presentation from NoHat 2023, Andrea Palanca breaks down:

  • The evolving landscape of HMIs
  • The 11 most common risks associated with browser-based interfaces
  • Examples of real-world vulnerabilities and exploits found by the Nozomi Networks Labs team including 5 HMIs from 5 different vendors, and how these can be leveraged to impact industrial systems while simultaneously manipulating the view to deceive operators.

A recommended view to asset owners, professionals in the fields of industrial cybersecurity, IoT, and anyone interested in the future of secure industrial operations.

Take the next step.

Discover how easy it is to identify and respond to cyber threats by automating your IoT and OT asset discovery, inventory, and management.