One of the nastiest aspects of the attack on the Ukrainian Electric Distribution System was bricking the Moxa Ethernet-to-Serial gateways. Industry insiders have known these little devices were a security problem. Reid goes over the timeline when it was disclosed to...
After two years establishing and running Digital Bond Labs, Reid and I have decided that it makes more sense to run this as a stand alone business. So I have the honor to be the first to announce and congratulate Reid on his new company: RevICS. In all candor...
We have been preparing some new and interesting challenges for the S4 CTF this year, and I think that players will have a lot of fun with what we have in the works. We have a number of nice challenges that involve breaking and entering into our ‘Killer Robot...
There are two weeks left to submit your session proposal for the S4x17 Main Stage or Stage 2: Technical Deep Dives. Take a look at the Call For Presentations and submit this month. Subscribe to The S4 Events YouTube Channel This S4xVideo is a great example of what we...
This guest post is by Michael Toecker of Context Industrial Security and a Digital Bond Alumnus. It first appeared on the SCADASEC list. I thought it was great, and Michael kindly allowed us to post it here. The world isn’t about just the process anymore,...
Way back at S4xJapan, 2015, Labs did a small research project on DNS domain squatting. We never thought that it would amount to much in terms of press, but did think that would be a useful talk to spur vendors into action before it was too late. Already we have...
Today through August 31st the S4x17 Call For Presentations is open. It is the place to present advanced topics in ICS and related fields to an audience will get it. The process is real simple. Send an email with 2 or 3 paragraphs on your session idea to...
Tomorrow we will be officially opening the S4x17 Call For Presentations (CFP), so I thought it would be the perfect time to highlight one of the S4 Classics to show what a S4 Technical Deep Dive looks like. Watch how Ralph goes through the code/logic in detail so...
A great 22 minute presentation by Ralph Langner of The Langner Group at S4x16. He provides some very specific examples of a cyber / physical attack on nuclear power plants. For example, a cyber attack on all of the feedwater systems. What is the key to this type of...
We decided to put the IRONGATE video from last week’s S4xEurope out first. There is no new big reveal over the information put out in the FireEye article, but Rob provides a lot of context that makes it easier to understand. He also focuses on unanswered...
