by Nozomi Networks Labs | May 12, 2022
Recently, we had the opportunity to do a security analysis of the Siemens PXC4.E16, a Building Automation System (BAS) of the Desigo/APOGEE family for HVAC and building service plants. In this blog, we are publishing the details of a vulnerability that was caused by an improper implementation of the password-based key derivation mechanism for user accounts. It could also have been abused to perform a Denial-of-Service (DoS) attack against the controller.
by Nozomi Networks Labs | Apr 18, 2022
While the use of open-source programming languages has its benefits, attackers find it equally beneficial and have been using Go to write malware. Our research highlights a new variant of the BotenaGo malware that specifically targets Lilin security camera DVR devices, which we have named Lillin scanner.
by Gary Kinghorn | Apr 5, 2022
Maritime ports, port facilities and vessel operations are increasingly seen as high-value cybersecurity targets. Well-funded nation-state actors pose a near-term threat, and risks to these operations can result in enormous losses as well as threaten large supply...
by Nozomi Networks Labs | Mar 1, 2022
One key technique to stymie reverse engineering of botnet code is packing: obfuscating the code by compressing or encrypting the executable. This blog explores the current packers used by IoT malware, using data collected by Nozomi Networks honeypots.
by Gary Kinghorn | Feb 22, 2022
On January 26, 2022, the Biden administration’s acting director of the Office of Management and Budget (OMB) issued a memorandum to Executive Branch department heads and agencies on moving the U.S. government toward Zero Trust cybersecurity principles. The memo laid...