Finding the OT in ZerO Trust
Chances are, this isn’t the first article you’re reading about Zero Trust. Chances are also that articles you have seen vary greatly in what Zero Trust means and does. Zero Trust isn’t a clearly defined IEEE standard, nor was there ever an RFC written about it. Each...
Industroyer2 Targets Ukraine’s Electric Grid: How Companies Can Stay Protected and Resilient
In light of the attempted attack on Ukraine’s power grid with Industroyer2 malware, the safety and security of Nozomi Networks customers is our top priority. Our latest Threat Intelligence package provides Industroyer2 Indicators of Compromise (IoCs) that will detect and alert customers of any known activity linked to the malware.
Answering the Call for Heightened Vigilance in the Face of Unknown Threats
With vendors leveraging increasingly advanced obfuscation and encryption techniques to protect the confidentiality of their code, finding vulnerabilities can be especially challenging. Another difficulty is the firmware itself becoming a challenge to reverse, if it was compiled for an obsolete architecture and commercial disassemblers can’t properly reconstruct it. The firmware in the Schneider Electric APC PDU is an example of such a code; it has been around for years and is compiled for an old and obsolete version of the Intel 80286, which prevents easy reading or inspection.
