Trend Micro

Radio Killed the Radio Stars: Security Analysis of RF Protocols for Industrial Applications

After analyzing several RF protocols for industrial applications, distributed by global vendors, we discovered that none of them had sufficient security features to prevent an attacker from hijacking the communication and manoeuvring the controlled, connected machines.

Large Scale Analysis of Defaced Web Pages

Given the multiple releases around this topic and project, I’ve decided to put together a summary. So far, there is: a tool, a white paper, an academic paper, and (spoiler alert) another white paper coming soon.

Dnsmasq and CVE-2017-1449*: A Reality Check and Remediation Practices

Many vulnerabilities in one shot, yet several pre-conditions for a target to be actually exploitable. Here’s a simple flowchart to check whether your Dnsmasq deployments are vulnerable.

From a Bit-flipping to a Vulnerability in the CAN Standard

CAN-based protocols are vulnerable to bit-flipping attacks at the link layer. In this collaborative research, Politecnico di Milano’s NECSTLab and Trend Micro’s FTR analyze the protocol in depth and demonstrate the vulnerability on a real car, with PoC and so on.

The Role of Industrial Routers in Keeping the Future Factory Secure

Industrial routers play a crucial role: a single vulnerability can grant the attacker access to an entire network of critical machines. In this research, I’ve looked at how easy it is for a hypothetical attacker to find and enumerate industrial routers, and the security posture of their vendors.