logo
episode-header-image
Feb 2023
19m 45s

Knocking down the legs of the industrial...

N2K Networks
About this episode

Pascal Ackerman, OT Security Strategist from Guidepoint Security, joins Dave to discuss his work on discovering a vulnerability in the integrity of common HMI client-server protocol. This research is a Proof of Concept (PoC) attack on the integrity of data flowing across the industrial network with the intention of intercepting, viewing, and even manipulating values sent to (and from) the HMI, ultimately trying to trick the user into making a wrong decision, ultimately affecting the proper operation of the process.

In this research, they are targeting Rockwell Automation’s FactoryTalk View SE products, trying to highlight the lack of integrity and confidentiality on the production network and the effect that has on the overall security of the production environment.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Up next
Yesterday
Plug-ins gone rogue.
Patch Tuesday. An Iranian ransomware group puts a premium on U.S. and Israeli targets. Batavia spyware targets Russia’s industrial sector. HHS fines a Texas Behavioral Health firm for failed risk analysis. The Anatsa banking trojan targets financial institutions in the U.S. and C ... Show More
29m 52s
Jul 8
Memory leaks and login sneaks.
Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. ... Show More
30m 50s
Jul 7
SafePay, unsafe day.
Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country’s banking syst ... Show More
37m 27s
Recommended Episodes
Oct 2023
SE Radio 584: Charles Weir on Ruthless Security for Busy Developers
Charles Weir—developer, security researcher, and Research Fellow at Security Lancaster—joins host Giovanni Asproni to discuss an approach that development teams can use to create secure systems without wasting effort on unnecessary security work. The episode starts with a broad d ... Show More
1 h
Aug 2023
2465: Imperva: Navigating the Data Breach Landscape
In today's digitized world, the security of our data is paramount. Understanding the complexity of data breaches and developing robust security strategies can often be a challenging task for businesses. To shed light on this critical issue, I'm thrilled to have Terry Ray from Imp ... Show More
40m 46s
Dec 2023
2723: Navigating Workplace Surveillance With 1E
In today's episode of Tech Talks Daily, I'm tackling a topic that sits at the intersection of technology, privacy, and workplace ethics – workplace surveillance tools. I'm joined by Ian van Reenen, CTO of 1E, a company at the forefront of digital employee experience (DEX) monitor ... Show More
24m 19s
Jul 2021
Analyzing the Impact of A.I. and Technology on Society and Cybersecurity
Technology is advancing at pace never seen before and the newest tech, applications and widgets are being widely adopted at an even quicker rate. Just look at A.I. and machine learning tools,which are now used to identify things once thought unimaginable — whether it's to figure ... Show More
49m 58s
Feb 2024
ZERO TRUST
In this episode of "Life of a CISO" with Dr. Eric Cole, the focus is on the importance of prioritizing foundational cybersecurity measures over chasing new technologies. Dr. Cole emphasizes the prevalence of companies getting caught up in the hype of artificial intelligence (AI) ... Show More
24m 48s
Mar 2024
2820: The Cyber Insurance Equation: Risk, Responsibility, and Readiness
In today's digital landscape, the role of cybersecurity within organizations is more critical than ever. As businesses navigate the complexities of protecting their data and infrastructure, the Chief Information Security Officer (CISO) stands at the forefront of this evolving bat ... Show More
36m 29s
Jan 2024
2787: Navigating the Evolving Landscape of Application Security With Checkmarx
In this compelling episode, we delve into the strategic importance of application security as businesses undergo digital transformation. Sandeep Johri, with his rich experience at Checkmarx, sheds light on this domain's multifaceted challenges and opportunities. We discuss how vu ... Show More
25m 34s
Nov 2023
Cybersecurity
Dr. Eric Cole's latest episode of "Life of a CISO" delves into the importance of reflection and gratitude in a cybersecurity professional's journey. He highlights the tendency to focus on the next challenge without acknowledging past achievements. Dr. Cole emphasizes the value of ... Show More
24m 34s
Dec 2021
Keeping Security Simple with Johanna Baum, the CEO and Founder of S3 (Strategic Security Solutions)
There is a lot of conversation among IT security leaders about engaging the workforce in order to mitigate threats. But how do security professionals actually win people over to their side? Many employees are willing to comply but what can be done to really get through to those t ... Show More
41 m
Dec 2023
Fact vs Fiction
In this episode of "Life of a CISO," Dr. Eric Cole delves into the critical differentiation between truth and myth in the landscape of cybersecurity leadership. Highlighting the peril of adopting falsehoods as truths, he emphasizes the impact of misconceptions on a Chief Informat ... Show More
31m 55s
Listen to millions of songs and podcasts on Anghami