GE Grid Solutions Reason RT430 GNSS Precision-Time Clock Multiple Vulnerabilities
GE Grid Solutions’ Reason RT430 GNSS Precision-Time Clock is referenced to GPS and GLONASS satellites. Offering a complete solution, these clocks are the universal precision time synchronization units, with an extensive number of outputs which supports many timing protocols. including the DST rules frequently used on power systems applications. In accordance with IEEE 1588 Precision Time Protocol (PTP), the RT430 is capable of providing multiple IEDs synchronization with better than 100ns time accuracy over Ethernet networks. Despite being likely to never lose time synchronization from satellites, the RT430 GNSS features…
A Reverse Engineer’s Perspective on the Boeing 787 ‘51 days’ Airworthiness Directive
Several weeks ago, international regulators announced that they were ordering Boeing 787 operators to completely shut down the plane’s electrical power whenever it had been running for 51 days without interruption.1 The FAA published an airworthiness directive elaborating on the issue, and I was curious to see what kind of details were in this document. While I eventually discovered that there wasn’t much information in the FAA directive, there was just enough to put me on track to search for the root cause of the issue. This blog post will…
IOActive Corporate Overview
Research-fueled Security Assessments and Advisory Services IOActive has been at the forefront of cybersecurity and testing services since 1998. Backed by our award-winning research, our services have been trusted globally by enterprises and product manufacturers across a wide variety of industries and in the most complex of environments. Tailored to meet each unique organization’s requirements, IOActive services offer deep expertise and insight from an attacker’s perspective.
Hacking and Securing LoRaWAN Networks
LoRaWAN is becoming the most popular low-power wide-area network (LPWAN) open standard protocol used around the world for Smart Cities, IIoT, Smart Building, etc. LoRaWAN protocol has “built-in encryption” making it “secure by default.” This results in many users blindly trusting LoRaWAN networks without being diligent in assessing security concerns; the implementation issues and weaknesses can make the networks vulnerable to hacking. Currently, much of the cybersecurity problems of LoRaWAN networks, are not well known. Also, there are no available tools for LoRaWAN network security testing/auditing and attack detection, which…
IOActive Red and Purple Team Service
Building Operational Resiliency Through Real-world Threat Emulation. Who better to evaluate security effectiveness – compliance auditors or attackers? Vulnerability assessments and penetration tests are critical components of any effective security program, but the only real way to test your operational resiliency is from an attacker’s perspective. Our red and purple teams bring you this insight through full threat emulation, comprehensively simulating a full range of specific attacks against your organization – cyber, social, and physical.We can provide or advise on the creation of continuous, independent, and customized real-world attacker-emulation services…
IOActive Services Overview
Security services for your business, situation, and risks. With our breadth and depth of services offerings across more environments than any other firm today, we can deliver specific, high-value recommendations based on your business, unique situation, and the risk you face. We are a pure-play security services provider, offering services across the spectrum to include: cybersecurity advisory, full-stack security assessments, SDL, red/purple team and security team development (training) services.
Mismatch? CVSS, Vulnerability Management, and Organizational Risk
I’ll never forget a meeting I attended where a security engineer demanded IT remediate each of the 30,000 vulnerabilities he had discovered. I know that he wasn’t just dumping an unvetted pile of vulnerabilities on IT; he’d done his best to weed out false-positive results, other errors, and misses before presenting the findings. These were real issues, ranked using the Common Vulnerability Scoring System (CVSS). There can be no doubt that in that huge (and overwhelming) pile were some serious threats to the organization and its digital assets. The reaction…
Using Red Team and Purple Team Services to Strengthen Enterprise Security
Red team exercises provide organizations a real-world perspective on the efficacy of their security operations and incident response capabilities. The ability to identify a security incident quickly and respond efficiently is critical to protecting the information and assets most important to your company’s bottom line. In this webinar, John Sawyer, Director of Services at IOActive, will discuss the collaborative benefits of red team and purple teams and how it enhances the ability for enterprise blue teams to fully understand the visibility into each stage of a targeted attack from…
10 Laws of Disclosure
In my 20+ years working in cyber security, I’ve reported more than 1000 vulnerabilities to a wide variety of companies, most found by our team at IOActive as well as some found by me. In reporting these vulnerabilities to many different vendors, the response (or lack thereof) I got is also very different, depending on vendor security maturity. When I think that I have seen everything related to vulnerability disclosures, I’ll have new experiences – usually bad ones – but in general, I keep seeing the same problems over and…
GE Reason S20 Industrial Managed Ethernet Switch Multiple Vulnerabilities
The S20 Ethernet Switch is a device manufactured by GE Grid Solution which is deployed in industrial environments. This device is part of ICS/SCADA architectures. Stored XSS flaws can result in a large number of possible exploitation scenarios. With most XSS flaws, the entirety of the JavaScript language is available to the malicious user.