1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
Vendor: LOYTEC electronics GmbH
Equipment: LINX series
Vulnerabilities: Cleartext Transmission of Sensitive Information, Missing Authentication for Critical Function, Cleartext Storage of Sensitive Information, Improper Access Control

2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or make modifications to an affected device.

3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following Loytec products are affected:
LINX-151: All versions
LINX-212: All versions
LVIS-3ME12-A1: All versions
LIOB-586: All versions
LIOB-580 V2: All versions
LIOB-588: All versions
L-INX Configurator: All versions

3.2 Vulnerability Overview
3.2.1 CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319
LOYTEC LINX-212 firmware 6.2.4, LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices send password-change requests via cleartext HTTP. CVE-2023-46380 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is
BBAT Technologies & Digital Services, LLC’s Post
More Relevant Posts
-
Backdoor in D-Link routers enables telnet access!!! LAN-Side Unauthenticated Access to Management Features: Unauthenticated attackers on the same network can force the device to enable telnet service by accessing a specific URL and can log in using the hardcoded credentials obtained from reverse engineering and analyzing the firmware https://lnkd.in/gtMmfgMg
Publication ID: SAP10398 Resolved Status: Yes Published on: 31 May 2024 1:42 GMT Last updated on: 17 June 2024 1:27 GMT
supportannouncement.us.dlink.com
-
D-Link router users: Critical vulnerabilities identified. D-Link most promptly released firmware updates. Update NOW.
Models G403, G415, G416, M18, R03, R04, R12, R18: Update to firmware 1.10.01 (or later)
Models E30, M30, M32, M60, R32: Update to firmware version 1.10.02 (or later)
Models E15, R15: Update to firmware 1.20.01 (or later)
-
UDS Security Access Pentesting #0x27 Just finished another article about general tests for security access Pentesting and how HydraVision from dissecto helps to automate. https://lnkd.in/dyth5pF8
UDS Security Access Testing (in HydraVision)
munich.dissec.to
-
Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access https://ift.tt/WwEfYPj A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands. The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4. "A vulnerability exists in the affected products that allows a threat actor to via The Hacker News https://ift.tt/z87ZPON August 05, 2024 at 01:07AM
-
Monthly Security Quiz 💡
Which of the following is NOT a recommended practice for securing industrial control systems (ICS) in a manufacturing environment?
A) Implementing network segmentation to isolate critical systems
B) Regularly updating and patching all ICS software and firmware
C) Connecting all ICS devices directly to the internet for remote access
D) Conducting regular security assessments and vulnerability scans
#ukmanufacturing #shoutaboutukmfg #supportukmfg
-
In my experience with securing Cyber-Physical Systems (CPS), I often run into folks who want more secure environments but feel overwhelmed by the sheer breadth and complexity of their systems. I tell them to start with the low hanging fruit. Little bites out of the attack surface. Closing an unneeded port here, removing unused software there, encrypting/signing firmware, etc. When you consider the cost imposed on attackers by making changes to your product, it is non-linear. A little change on your part in terms of cost or effort, often presents a much much harder target for the attacker to penetrate. Certainly, security controls and methods must be balanced against cost, schedule, performance, and threat models. But low-hanging fruit goes a long way to help reduce your attack surface! #belowthenoiselevel #leastprivilege
-
🛡 Firmware security is critical in today’s threat landscape, with UEFI playing a pivotal role in booting modern systems. The latest updates in Binary Ninja 4.1 and the EFI Resolver plugin bring powerful tools for analyzing UEFI firmware, making the complex task of reverse engineering more accessible.
Key Features:
🔹 Automated UEFI Analysis: EFI Resolver now streamlines the identification of EFI protocols and type propagation, helping security professionals quickly uncover vulnerabilities.
🔹 Support for SMM Protocols: The plugin also enhances the discovery of System Management Mode (SMM) protocols, a critical area for firmware security.
🔹 Custom UEFI Types: With support for user-defined GUIDs and types, Binary Ninja is adaptable to various firmware environments.
These tools are invaluable for securing systems at the firmware level.
🔗 Read more in Binary Ninja’s blog post 👇
🚀 Need help securing your firmware? Iterasec’s experts are here to assist you in leveraging these tools to protect your systems. Contact us today!
#FirmwareSecurity #UEFI #BinaryNinja #ReverseEngineering #FirmwareAnalysis
Binary Ninja - Advanced UEFI Analysis with Binary Ninja
binary.ninja
-
Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access: A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands. The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4. "A vulnerability exists in the affected products that allows a threat actor to
Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access
thehackernews.com
-
ICS / OT Security is a challenging field to learn and test, particularly when aiming to grow within the industry. As a personal project, a friend, Alejandro Aguilar, deeply involved in ICS, and I have collaborated to build an ICS Test Lab at home. The lab replicates real-world ICS environments found in critical infrastructure, featuring components like controllers, HMIs, networking devices, and simulations of cyber threats using Kali Linux. It's designed to be cheap (under $200), provide practical training and insights into securing industrial control systems and, of course, have some ICS Fun! :)
Here is a video: https://lnkd.in/gih-i2Gn
Stay tuned as we continue to develop and share our learnings from this project. If you're interested in ICS security or looking to collaborate, feel free to reach out. Let's explore and strengthen our understanding of OT security together.
Collaborate or Check the Progress: Join us / Learn more - check out the website https://lnkd.in/ghS-Xuts
#ICSSecurity #OTSecurity #IndustrialControlSystems #Cybersecurity #HomeLab #OTNetworkSecurity #IACS
ICS Test Lab for OT Security Incident and Attack Simulation
https://www.youtube.com/
-
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers. Collectively dubbed PixieFail by Quarkslab, the nine issues reside in the TianoCore EFI Development Kit II (EDK II) and could be exploited to achieve remote code execution, denial-of-service (DoS), DNS cache poisoning, and leakage of sensitive information. UEFI firmware – which is responsible for booting the operating system – from AMI, Intel, Insyde, and Phoenix Technologies are impacted by the shortcomings. EDK II incorporates its own TCP/IP stack called NetworkPkg to enable network functionalities available during the initial Preboot eXecution Environment (PXE, pronounced "pixie") stage, which allows for management tasks in the absence of a running operating system.
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft
thehackernews.com