Building Management Systems: Latent Cybersecurity Risk
Manage the Cybersecurity Risks of your BMS Building management systems (BMS) and building automation systems (BAS) are great innovations, but present latent cybersecurity and operational risks to organizations. The consequences of a cyberattack on a BMS or BAS could result in operational disruption from the denial of use of the building. Over the past decade, there have been several examples of attacks on BMS and components. Weaponization and operationalization of vulnerabilities in BMS by threat actors with tools such as ransomware is likely to occur in the next three years….
Inside IOActive’s Innovative Key Fob Badge for DEF CON 2024’s Car Hacking Village – Part 3/3
This is Part-3 of a 3-Part Series. Check out Part-1 here and Part-2 here. This is the third in a series of three posts in which I break down the creation of a unique key fob badge for the 2024 Car Hacking Village (CHV). Part 1 is an overview of the project and the major components; I recommend that you begin there. In Part 2 I discussed some of the software aspects and the reasoning behind certain decisions. Background Before I discuss…
Inside IOActive’s Innovative Key Fob Badge for DEF CON 2024’s Car Hacking Village – Part 2/3
This is Part-2 of a 3-Part Series. Check out Part-1 here and Part-3 here. This is the second in a series of three posts in which I break down the creation of a unique key fob badge for the 2024 Car Hacking Village (CHV). Part 1 is an overview of the project and the major components; I recommend you begin there. In this post, I’ll discuss some of the software aspects and the reasoning behind certain decisions. This blog covers several high-level…
Inside IOActive’s Innovative Key Fob Badge for DEF CON 2024’s Car Hacking Village – Part 1/3
This is Part-1 of a 3-Part Series. Check out Part-2 here and Part-3 here. IOActive recently sponsored the DEF CON 2024 Car Hacking Village (CHV) by designing one of the exclusive badges sold at the event. This took the form of a key fob badge that mirrors the functionality of everyday car key fobs, which support keyless entry and keyless start, also known as Passive Entry Passive Start (PEPS). This post kicks off a three-part series explaining the creation of this unique…
KARMA v1.0 (Key Attribute and Risk Management and Analysis)
KARMA v1.0 (Key Attribute and Risk Management and Analysis) is a risk-rating system developed by IOActive to assess a system’s ability to avoid negative outcomes based on specific key attributes. It uses the expertise of subject matter experts (SMEs) to identify the factors that best predict risks in real-world scenarios. “System” refers to the asset (e.g., application, software, device, or component) evaluated in its likely deployment context. KARMA has been used for over 20 years and is effective across various security assessments, including web, mobile, infrastructure,…
Getting Your SOC SOARing Despite AI
It’s a fact: enterprise security operations centers (SOCs) that are most satisfied with their investments in Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) operate and maintain less than a dozen playbooks. This is something I’ve uncovered in recent years whilst building SIEM+SOAR and autonomous SOC solutions – and it perhaps runs counterintuitive to many security leaders’ visions for SOAR use and value. SOAR technology is one of those much-touted security silver bullets that have tarnished over time and been subsumed into broader categories of…
Potential Integrated Circuit Supply Chain Impacts from Hurricane Helene
The damage caused by Hurricane Helene in Spruce Pine will likely cause disruptions at the start of the microchip and integrated circuit (IC) supply chain by preventing the mining and distribution of high purity quartz until the mines and local transportation networks are fully repaired. BACKGROUND Hurricane Helene Impacts In late September 2024, Hurricane Helene impacted the Caribbean, Florida, Georgia, Tennessee, North Carolina and other southeastern states in the United States[1]. Its impacts varied widely depending on location and the associated exposure to the primary…
About to Post a Job Opening? Think Again – You May Reveal Sensitive Information Primed for Cybersecurity Attacks
People are always on the move, changing their homes and their workspaces. With increasing frequency, they move from their current jobs to new positions, seeking new challenges, new people and places, to higher salaries. Time and hard work bring experience and expertise, and these two qualities are what companies look for; they’re looking for skilled workers every single day, on multiple job search and recruiting platforms. However, these job postings might reveal sensitive information about the company that even the most seasoned Human Resources specialists don’t notice. Job posting websites…
Get Strategic About Cyber Risk Management
With global cybercrime damage costs exceeding $11 trillion last year and moving toward an estimated $20 trillion by 2026, robust cybersecurity risk management has never been more imperative. The interconnected nature of modern technology means that, by default, even small vulnerabilities can lead to catastrophic losses. And it’s not just about finances. Unmitigated risk raises the specter of eroded customer confidence and tainted brand reputation. In this comprehensive guide, we’ll give enterprise defenders a holistic, methodical, checklist-style approach to cybersecurity risk management. We’ll focus on…
IOActive Security Advisory | PLANET Networking – Vulnerabilities Identified
Affected Product IGS-4215-16T2S Firmware Version 1.305b210528 Background IOActive had the chance to access the IGS-4215-16T2S device. IOActive identified three vulnerabilities which need attention. Timeline 2022-09-29: IOActive discovers the vulnerabilities 2023-03-29: IOActive informs Planet Technology about the identified vulnerabilities 2023-12-13: Planet released a new firmware version (1.305b231218) informing IOActive that the vulnerabilities are fixed 2024-01-09: IOActive notifies the vulnerability to INCIBE, Spanish CERT 2024-02-16: IOActive confirm that the vulnerabilities were fixed after retesting them in the new firmware version 2024-03-21: INCIBE shared the CVEs assigned with IOActive…