Alon Dankner on Extracting Crypto Keys from PLCs

Nexus: A Claroty Podcast

Player FM - Internet Radio Done Right

تمت الإضافة منذ قبل three أعوام

المحتوى المقدم من Claroty. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Claroty أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.

Peak Travel

1
Why Petra Needs Its People 28:39

منذ 9 أيام28:39

التشغيل لاحقا

قوائم

إعجاب

احب

28:39

For centuries, members of the B’doul Bedouin tribe lived in the caves around the ancient city of Petra, Jordan. Then, in the 1980s, the government forced the tribe to move in the name of preserving the geological site for tourists. But if the residents are forced to leave, and if their heritage has been permanently changed, then what exactly is being preserved? SHOW NOTES: Meet The Man Living in The Lost City Carved in Stone Jordan: Petra's tourism authority cracks down on Bedouin cave dwellers The tribes paying the brutal price of conservation “There is no future for Umm Sayhoun” Jordan’s Young Bedouins Are Documenting Their Traditions on TikTok Check out Sami's company Jordan Inspiration Tours Learn about your ad choices: dovetail.prx.org/ad-choices…

منذ عام واحد 27:58

MP3•منزل الحلقة

Alon Dankner of the Technion Institute for Technology in TelAviv Israel joins the Claroty Nexus Podcast to discuss a presentation he gave at the recent Black Hat cybersecurity conference in Las Vegas. Dankner and colleague Nadav Adir's presentation looked at the attack surface of programmable logic controllers (PLCs), in particular Siemens’ S7 protocol. Dankner and Adir developed six attacks against the encryption implementation in the protocol that expose private crypto keys and allow an attacker full control over the industrial control system.
For more, visit nexusconnect.io/podcasts

93 حلقات

#Tech #Claroty #Cyber-physical Systems Security

Nexus: A Claroty Podcast

Alon Dankner on Extracting Crypto Keys from PLCs

Nexus: A Claroty Podcast

published منذ عام واحد

MP3•منزل الحلقة

93 حلقات

#Tech #Claroty #Cyber-physical Systems Security

كل الحلقات

Nexus: A Claroty Podcast

1
Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard 40:39

منذ 11 يومًا40:39

40:39

Florence Hudson, working group chair of the IEEE/UL 2933 standard and framework for Clinical IOT Data and Device Interoperability with TIPPSS, joins the Nexus Podcast. Published last September, the standard establishes a framework for secure data exchanges between clinical IoT and medical devices and systems. The frameworks is based on TIPPSS principles (trust, identity, privacy, protection, safety, and security) clinical IoT such as in-hospital devices, wearable devices, investigational devices. Follow and subscribe to the Nexus Podcast .…

Nexus: A Claroty Podcast

1
Mike Holcomb on Starting and Succeeding in OT Cybersecurity 42:40

منذ 22 يومًا42:40

42:40

Mike Holcomb, global lead for ICS and OT cybersecurity at Fluor , joins the Nexus Podcast to discuss his advocacy and efforts to educate engineers and IT cybersecurity professionals in the nuances of protecting operational technology and industrial control systems. Mike produces and hosts a learning series available for free on YouTube called " Getting Started in ICS/OT Cyber Security " where he explains the fundamentals of this unique cybersecurity discipline On the podcast, he discusses his experience with those in IT now responsible for OT, how to best assess and mitigate risk within OT, and some of the practical threats that matter most to practitioners. Follow the Nexus Podcast here.…

Nexus: A Claroty Podcast

1
Ron Fabela on Low-Skilled OT and ICS Threat Actors 36:33

منذ 6 weeks36:33

36:33

Ron Fabela of ABS Consulting joins the Nexus Podcast to dispel some of the myths surrounding threat actors targeting operational technology and industrial control systems. Groups such as the Russian Cyber Army, UserSec, and the CyberAv3ngers have different ideological motivations, and have decidedly carried out low-impact attacks on OT. Fabela covers some of their tactics, whether they're better marketers than hackers, and reminds users that their exploits still merit investigation and remediation. Listen to every episode of the Nexus Podcast here .…

Nexus: A Claroty Podcast

1
Munish Walther-Puri on Creating a Scale for Cybersecurity Incidents 33:25

منذ 7 weeks33:25

33:25

Munish Walther-Puri of the Center for Global Affairs at New York University joins the Claroty Nexus podcast to discuss a homegrown severity scale for critical infrastructure cybersecurity incidents. The Infrastructure Cyber Incident Scale, or INCI Scale, brings a Richter-Scale-like criticality index to incidents based on the intensity, magnitude, and duration of an event. Walther-Puri unveiled the scale at the S4 Conference in Tampa.…

Nexus: A Claroty Podcast

1
Brian Foster on the Risks of a Hyperconnected Grid 27:17

منذ 8 weeks27:17

27:17

Brian Foster, Senior Advisor for Grid Security at Southern California Edison, joins the Nexus Podcast to discuss a presentation he gave at the S4 Conference called . Foster covers the impending risk and host of exposures expected as smart meters and other similar devices are centrally managed online. This scenario gives attackers the ability to attack devices at scale and potentially cause catastrophic damage. Listen to every episode of the Nexus Podcast here.…

Nexus: A Claroty Podcast

1
CISA's Matthew Rogers on Secure by Demand for OT 39:23

منذ 12 weeks39:23

39:23

Matthew Rogers, ICS Cybersecurity Strategy & R&D Lead at the Cybersecurity & Infrastructure Security Agency (CISA) joins the Nexus Podcast to discuss the agency's latest publication: “Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products.” This guide features 12 cybersecurity recommendations that OT owners and operators should be looking for during procurement cycles with automation and control system vendors. Read Claroty's blog on the guide . Listen to every episode of the Nexus Podcast here .…

Nexus: A Claroty Podcast

1
Noam Moshe on the IOCONTROL Malware 23:58

منذ 16 weeks23:58

23:58

Claroty Team82 researcher Noam Moshe joins the Nexus Podcast to discuss the IOCONTROL malware used by an Iranian APT actor known as the CyberAv3ngers to target civilian critical infrastructure in the U.S. and Israel. The malware acts as a Linux-based backdoor and has a modular configuration that can be adapted for IoT, OT, and SCADA devices. Read Team82's research blog: " Inside a New OT/IoT Cyberweapon: IONCONTROL " Listen and subscribe to the Nexus Podcast here .…

Nexus: A Claroty Podcast

1
Team82 on Attacking the Insecure IoT Cloud 31:38

منذ 17 weeks31:38

31:38

Claroty Team82's Noam Moshe and Tomer Goldschmidt join the Nexus Podcast to discuss the research team's latest publication on 10 vulnerabilities discovered in Ruijie Networks' Reyee OS cloud platform. A chain of these vulnerabilities could allow an attacker to remotely execute code on any device connected to the Ruijie cloud. Team82 also developed an attack they call Open Sesame which allows an attacker in proximity of a Ruijie device to use leaked device information and access the internal network. You can find the research here on Team82's website . Listen and subscribe to the Nexus Podcast here .…

Nexus: A Claroty Podcast

1
Volexity's Steven Adair on the Nearest Neighbor Attack 37:23

منذ 17 weeks37:23

37:23

Volexity founder Steven Adair joins the Claroty Nexus Podcast to discuss the Nearest Neighbor Attack, a unique attack carried out by Russia's APT 28 against a high-value target in an attempt to gain intelligence on Ukraine prior to the start of the war in February 2022. APT 28 was able to compromise the Wi-Fi network of its target without being in physical proximity of it. They did so by remotely compromising neighboring organizations, accessing their Wi-Fi networks—creating a daisy-chain of breaches and compromises—until they were able to reach their target. Volexity's blog contains additional technical details. Listen to every episode of the Nexus Podcast here .…

Nexus: A Claroty Podcast

1
Joe Saunders on Advanced Cyberattacks Against Critical Infrastructure 34:43

منذ 22 weeks34:43

34:43

Runsafe Security CEO and Cofounder Joe Saunders joins the Nexus Podcast to discuss the strategic shift from certain APTs toward destructive cyberattacks targeting U.S. critical infrastructure. Groups such as Volt Typhoon and Sandworm have aggressively focused their efforts on hacking OT, IoT, and healthcare organizations, opening new fronts that asset owners and operators, as well as manufacturers of embedded systems must now contend with.…

Nexus: A Claroty Podcast

1
Grant Geyer on the Business Impact of Disruptions from Cyberattacks 25:03

منذ 23 weeks25:03

25:03

Claroty Chief Strategy Officer Grant Geyer joins the Nexus Podcast to discuss the results of a survey of 1,100 cybersecurity leaders and practitioners on the business impact of disruptions from cyberattacks on cyber-physical systems. The financial losses are steep from these attacks impacting connected systems that are so central to our way of life, as are the recovery costs and operational impacts such as downtime, which is often intolerable in critical industries such as manufacturing and healthcare. Geyer brings his unique insights to the discussions, including attackers' motivations in targeting CPS, why ransomware continues to impact healthcare delivery organizations, and the risks of unsecured third-party and supply chain connections to the enterprise. Get the full survey results here .…

Nexus: A Claroty Podcast

1
Alethe Denis on Social Engineering, Red-Teaming 43:45

منذ 32 weeks43:45

43:45

Bishop Fox senior security consultant Alethe Denis joins the Claroty Nexus podcast to discuss social engineering in cybersecurity and how it has become part of red-team engagements, especially inside critical infrastructure organizations. She explains the value of open source intelligence and data stolen in breaches to scammers and extortionists in creating pretexts for their schemes. She also explains how to best defend against these tactics that aid threat actors in weaponizing personal information against victims and organizations. For more, visit nexusconnect.io/podcasts .…

Nexus: A Claroty Podcast

1
Alon Dankner on Extracting Crypto Keys from PLCs 27:58

منذ 33 weeks27:58

27:58

Nexus: A Claroty Podcast

1
Noam Moshe on Extracting Forensic Data from Unitronics PLCs 27:52

منذ 35 weeks27:52

27:52

Claroty Team82 researcher Noam Moshe joins the Nexus Podcast to talk about Team82’s research into Unitronics Vision series integrated HMI/PLC devices. The OT devices were exploited last year in attacks against water treatment facilities in the U.S. and Israel. Team82 researched the security of these devices and developed a pair of tools that allowed them to extract forensic information from the PLCs. Both tools were released to open source on Team82’s Github page. Moshe also presented this research today at the Black Hat Briefings in Las Vegas. Read Team82’s research blog here. Download the forensics tools here. For more, visit nexusconnect.io/podcasts…

Nexus: A Claroty Podcast

1
Alexander Antukh on Cyber Risk Quantification 43:05

منذ 36 weeks43:05

43:05

Alexander Antukh, CISO of AboitizPower in the Philippines, the country's largest power and renewable energy provider, joins the Nexus Podcast to discuss cyber risk quantification (CRQ). CRQ is a popular framework used to assess the financial impact of a cybersecurity threat on an organization. Antukh is an advocate of CRQ, and discusses his approach to using it to predict risk in his organization, what level of organizational maturity is required for this approach to succeed, and how it's being applied in operational technology (OT) environments. For more, visit nexusconnect.io/podcasts…

مرحبًا بك في مشغل أف ام!

يقوم برنامج مشغل أف أم بمسح الويب للحصول على بودكاست عالية الجودة لتستمتع بها الآن. إنه أفضل تطبيق بودكاست ويعمل على أجهزة اندرويد والأيفون والويب. قم بالتسجيل لمزامنة الاشتراكات عبر الأجهزة.

الاستماع إلى +500 موضوع

مشابه لـNexus: A Claroty Podcast

Bounty Paper Towels Quick Size, White, 16 Family Rolls = 40 Regular Rolls (Packaging May Vary)

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

Amazon Basics Dog and Puppy Pee Pads with Leak-Proof Quick-Dry Design for Potty Training, Standard Absorbency, Regular Size, 22 x 22 Inches, Pack of 100, Blue & White

المدونة الصوتية تستحق الاستماع

Nexus: A Claroty Podcast « » Alon Dankner on Extracting Crypto Keys from PLCs

Alon Dankner on Extracting Crypto Keys from PLCs

المدونة الصوتية تستحق الاستماع

مرحبًا بك في مشغل أف ام!

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

Who Believes in Angels?

Tubi: Watch Free Movies & TV Shows

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

مشابه لـNexus: A Claroty Podcast

دليل مرجعي سريع

Nexus: A Claroty Podcast « »
Alon Dankner on Extracting Crypto Keys from PLCs