What you can learn from Cisco Talos’ new oil pumpjack workshop
To demonstrate how industrial control systems (ICS) interact with networks, Talos releases a 3-D printed oil pumpjack connected to a simulated programmable logic controller (PLC) supporting two industrial protocols.
OT Intent-Based Security Policies
When implementing security on the plant floor, the friction between IT and OT is mischaracterized as a problem of “control”. The solution depends on two factors – visibility and automation.
Vulnerability Spotlight: Multiple Vulnerabilities in Moxa EDR-810 Industrial Secure Router
Vulnerabilities have been identified in Moxa EDR-810, an industrial secure router with firewall/NAT/VPN and managed Layer 2 switch functions. It is designed for Ethernet-based security applications in remote control or monitoring networks.
From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks
Inspired by "From LOW to PWNED," we decided to take a look at one Industrial Control System (ICS) wireless access point and see just how many vulnerabilities we could find in two weeks.
IEC 104 Protocol Detection Rules
IEC 60870-5-104 Protocol Detection Rules Cisco Talos has released 33 Snort rules which are used to analyze/inspect IEC 60870-5-104 network traffic. These rules will help Industrial Control Systems/Supervisory Control and...
HAVEX Proves (Again) that the Airgap is a Myth: Time for Real Cybersecurity in ICS Environments
The HAVEX worm is making the rounds again. As Cisco first reported back in September 2013, HAVEX specifically targets supervisory control and data acquisition (SCADA), industrial control system (ICS), and other operational technology (OT) environments. In the case of HAVEX, the energy industry, and specifically power plants based in Europe, seems to be the primary […]