February 11, 2023

Knocking down the legs of the industrial security triad.

Listen Later

19 minutes

Pascal Ackerman, OT Security Strategist from Guidepoint Security, joins Dave to discuss his work on discovering a vulnerability in the integrity of common HMI client-server protocol. This research is a Proof of Concept (PoC) attack on the integrity of data flowing across the industrial network with the intention of intercepting, viewing, and even manipulating values sent to (and from) the HMI, ultimately trying to trick the user into making a wrong decision, ultimately affecting the proper operation of the process.

In this research, they are targeting Rockwell Automation’s FactoryTalk View SE products, trying to highlight the lack of integrity and confidentiality on the production network and the effect that has on the overall security of the production environment.

The research can be found here:

GuidePoint Security researcher discovers vulnerability in the integrity of common HMI client-server protocol

Learn more about your ad choices. Visit megaphone.fm/adchoices

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Research Saturday

By N2K Networks

4.4

88 ratings

February 11, 2023

Knocking down the legs of the industrial security triad.

Listen Later

19 minutes

Pascal Ackerman, OT Security Strategist from Guidepoint Security, joins Dave to discuss his work on discovering a vulnerability in the integrity of common HMI client-server protocol. This research is a Proof of Concept (PoC) attack on the integrity of data flowing across the industrial network with the intention of intercepting, viewing, and even manipulating values sent to (and from) the HMI, ultimately trying to trick the user into making a wrong decision, ultimately affecting the proper operation of the process.

In this research, they are targeting Rockwell Automation’s FactoryTalk View SE products, trying to highlight the lack of integrity and confidentiality on the production network and the effect that has on the overall security of the production environment.

The research can be found here:

GuidePoint Security researcher discovers vulnerability in the integrity of common HMI client-server protocol

Learn more about your ad choices. Visit megaphone.fm/adchoices

...more

More shows like Research Saturday

Security Now (Audio) by TWiT

Security Now (Audio)

2,001 Listeners

Risky Business by Patrick Gray

Risky Business

377 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

652 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,022 Listeners

Smashing Security by Graham Cluley

Smashing Security

319 Listeners

Click Here by Recorded Future News

Click Here

418 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,019 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

177 Listeners

Hacking Humans by N2K Networks

Hacking Humans

315 Listeners

Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

Defense in Depth

74 Listeners

Caveat by N2K Networks

Caveat

94 Listeners

Cyber Security Headlines by CISO Series

Cyber Security Headlines

136 Listeners

Risky Bulletin by risky.biz

Risky Bulletin

46 Listeners

Hacker And The Fed by Chris Tarbell & Hector Monsegur

Hacker And The Fed

171 Listeners

The AI Fix by Graham Cluley and Mark Stockley

The AI Fix

33 Listeners