Buyer's Guide to OT & IoT Asset Management Solutions
Read the Guide
Academy
Labs
Careers
Partner Login
Support
search bar

Codename I11USION: Eleven Practical Ways to Pwn Browser Based HMls in 2023

In this presentation from NoHat 2023, Andrea Palanca breaks down:

  • The evolving landscape of HMIs
  • The 11 most common risks associated with browser-based interfaces
  • Examples of real-world vulnerabilities and exploits found by the Nozomi Networks Labs team including 5 HMIs from 5 different vendors, and how these can be leveraged to impact industrial systems while simultaneously manipulating the view to deceive operators.

A recommended view to asset owners, professionals in the fields of industrial cybersecurity, IoT, and anyone interested in the future of secure industrial operations.

View Resource

Speakers

Codename I11USION: Eleven Practical Ways to Pwn Browser Based HMls in 2023

Codename I11USION: Eleven Practical Ways to Pwn Browser Based HMls in 2023

In this presentation from NoHat 2023, Andrea Palanca breaks down:

  • The evolving landscape of HMIs
  • The 11 most common risks associated with browser-based interfaces
  • Examples of real-world vulnerabilities and exploits found by the Nozomi Networks Labs team including 5 HMIs from 5 different vendors, and how these can be leveraged to impact industrial systems while simultaneously manipulating the view to deceive operators.

A recommended view to asset owners, professionals in the fields of industrial cybersecurity, IoT, and anyone interested in the future of secure industrial operations.

Speakers

Codename I11USION: Eleven Practical Ways to Pwn Browser Based HMls in 2023

In this presentation from NoHat 2023, Andrea Palanca breaks down:

  • The evolving landscape of HMIs
  • The 11 most common risks associated with browser-based interfaces
  • Examples of real-world vulnerabilities and exploits found by the Nozomi Networks Labs team including 5 HMIs from 5 different vendors, and how these can be leveraged to impact industrial systems while simultaneously manipulating the view to deceive operators.

A recommended view to asset owners, professionals in the fields of industrial cybersecurity, IoT, and anyone interested in the future of secure industrial operations.

Related Content

Merging OT Asset Data to Unite Security and Operations Teams | Marty the OT Guy

Learn more

Nozomi Networks & Mandiant at Black Hat USA 2023 | Proactive Approach to IR in OT

Learn more

Nozomi Networks & Viakoo at Black Hat USA 2023 | Extending the Purdue Model to IoT/OT Remediation

Learn more

Other Resources For You

Research Report: Unpacking the OT & IoT Threat Landscape with Unique Telemetry Insight

Learn more

OT/IoT Security Report Executive Summary – August 2023

Learn more

OT/IoT Security Report - January 2023

Learn more

OT/IoT Security Report Executive Summary - January 2023

Learn more

Take the next step.

Discover how easy it is to identify and respond to cyber threats by automating your IoT and OT asset discovery, inventory, and management.

Request a DemoWatch Demo

Subscribe

LinkedIn

Demo

PLATFORM

Platform OverviewVantageCentral Management ConsoleGuardianArcAsset IntelligenceThreat IntelligenceSmart PollingPSIRT

Professional Services

OverviewDesignDeploymentFast TrackOptimizationProject Management

Solutions: Business needs

Threat Detection & ResponseContinuous Network MonitoringAsset Inventory ManagementRisk & Vulnerability ManagementIoT SecurityData Center Cybersecurity

Solutions: Compliance

NERC CIPNIS2 DirectiveTSA Security Directives

Solutions: Industry

AirportsElectric UtilitiesHealthcareFederal GovernmentManufacturingMaritimeMiningOil & GasPharmaceuticalRailRetailSmart CitiesWater & Wastewater

Learn

PartnersResourcesCompanyContact UsAcademyCareersLabsLegal
© 2023 Nozomi Networks Inc. All Rights Reserved. Privacy Policy and Certifications. System Status.