Recent Posts
Discovery of DoS Vulnerability in ABB's AC500 V2
Our Researchers Discover Another Vulnerability As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities...
SolarWinds: Should Enterprises Adopt Supply Chain Certification
SunBurst - The Cyber Attack on SolarWinds SunBurst is a cyber espionage campaign that leveraged a supply chain attack on SolarWinds, a leading supplier of network management software. Between March...
How SCADAfence Defended a DoD Supplier from Over 50 Cyber-Attackers
The '85 Bears of Cyber Physical Security A few days ago, our elite cybersecurity team of defenders, faced over 50 of the world’s top hackers and security practitioners in the Hack the Building event.
SCADAfence Researchers Discovered CVE-2020-16849 a Vulnerability in Canon Printers
SCADAfence Researchers Discover A Sensitive Information Leak Vulnerability in Canon Printers
DoS Vulnerability in Mitsubishi Electric MELSEC iQ-R Series
Our Researchers Discover Another Vulnerability As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities...
Siemens S7 PROFINET - A Shocking Network Architecture Flaw
A Shocking Flaw Here’s an all too often overlooked item in the security architecture of industrial networks. Below is a diagram of an industrial network architecture we’ve seen in a number of places.
SigRed: A Wormable Microsoft DNS Server RCE Vulnerability
SigRed Overview SigRed is a vulnerability that was exposed yesterday (July 14th 2020) by the security firm Check Point. Successful exploitation of the vulnerability could lead to a malicious actor...
Ripple20: Mixed Results in SCADAfence's Exploitability Lab Tests
As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities and attack techniques. Ripple20 are 19...
CVE-2020-12117 & Industrial IoT Insecure Default Configurations
A New Moxa Vulnerability is Detected As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities and attack...
“Dark_Nexus” - Adversaries Compete To Control IoT Devices
The IoT Attack Landscape In a recent blog post, I wrote about the fertile ground of insecure IoT devices, and their use by adversaries such as cybercriminals and defense organizations such as...
Russia’s FSB Develops Hacking Tools For IoT Devices
The Russian Government Hacking IoT Devices… Again A recent Forbesarticlereports that the Russian Federal Security Service (FSB), is using an external contractor to develop exploits and attack tools...
The Next WannaCry Is Here & There’s No Patch Available Yet
What Does It Mean For Critical Infrastructure, Manufacturing & Building Management Systems? Co-written by Ofer Shaked and Maayan Fishelov
ODVETA Ransomware as Seen by OT Security Experts
Co-written by Ofer Shaked and Maayan Fishelov Background Odveta is a ransomware that has been observed in multiple industrial networks. It doesn’t have an automated propagation mechanism, and it is...