Schneier on Security

OCTOBER 3, 2019

Data Collected: 22 Vendors 1,294 Products 4,956 Firmware versions 3,333,411 Binaries analyzed Date range of data: 2003-03-24 to 2019-01-24 (varies by vendor, most up to 2018 releases). [.]. They look at the actual firmware. Within our 15 year data set, there have been no positive trends from any one vendor.

IoT 229

IoT Firmware Data collection Architecture 229

The Last Watchdog

AUGUST 14, 2019

Once inside, attacks increasingly deploy so-called ‘fileless” attacks , that come and go only when a certain compromised piece of software – or firmware — is opened in memory. More data had to be collected, stored and analyzed, ideally by experienced analysts. But, of course, EDR also raised fresh challenges.

Antivirus 147

Antivirus Digital transformation Firmware Software 147

eSecurity Planet

SEPTEMBER 9, 2024

They communicate with the central control system, allowing data collection and remote control over long distances. These networks enable data exchange between PLCs, RTUs, SCADA systems, and HMIs. Encryption and secure communication protocols: Protecting data in transit between ICS components.

Firmware 111

Firmware Encryption Manufacturing Risk 111

CyberSecurity Insiders

SEPTEMBER 21, 2021

Many organizations have opted to converge their IT and OT environments, which can yield many benefits such as efficiency and more elegant architecture; at the same time, these decisions are not without risk. • Configuration control that tracks all changes to code, OS & firmware regardless. Should OT and IT be converged?

Energy and Utilities 101

Energy and Utilities Threat Detection Manufacturing Technology 101

SecureList

OCTOBER 25, 2023

This archive is discreetly hosted on legitimate websites, cleverly disguised as firmware binaries for enigmatic devices labeled “m100” The Bitbucket repository was created on June 21, 2018, under the account of Julie Heilman, and it remains the sole repository associated with this profile. onion ghtyqipha6mcwxiz[.]onion

Malware 143

Malware DNS Encryption Ransomware 143

SecureList

NOVEMBER 14, 2023

In May, Ars Technica reported that BootGuard private keys had been stolen following a ransomware attack on Micro-Star International (MSI) in March this year (firmware on PCs with Intel chips and BootGuard enabled will only run if it is digitally signed using the appropriate keys).

Hacking 141

Hacking Energy and Utilities Media Malware 141

Thales Cloud Protection & Licensing

NOVEMBER 7, 2017

Imagine the “smart factory” of the future offering real time data collection, predictive insight into machine maintenance or even remote factory monitoring for updates and disruptions. The proliferation of connected devices offers enormous business benefit, across industries as diverse as manufacturing, healthcare and automotive.

IoT 97

IoT Cybersecurity Manufacturing Digital transformation 97