Disclosing our latest research findings of critical architectural vulnerabilities in the Siemens SIMATIC and SIPLUS S7-1500 series that allow for bypass of all protected boot features. (CVE-2022-38773) Read more on our blog post: tinyurl.com/4s9v6vxr

otorio.com/blog/wireless-… By OTORIO

🔥New Challenge Released -> BlackEnergy🔥 Your enterprise was hit by a cyber attack using a variant of the #BlackEnergy #malware you have never seen before. Analyze the memory dump using #Volatility & investigate the intrusion. cyberdefenders.org/blueteam-ctf-c… #DFIR #BlueTeam #InfoSec

Xiaomi scooter hardware reversing & hacking - full walkthrough robocoffee.de/?p=436

ICS Pwn2own 2022 – Ignition by mufinnnnnnn & ϻг_ϻε 🔥 muffsec.com/blog/ics-pwn2o…

👉The ransomware attack on Colonial Pipeline—2 years ago today—was a watershed moment in cybersecurity. Since then, we’ve learned a lot & made great strides w/our partners, but lots more to do to strengthen our collective cyber defense. A brief reflection: go.dhs.gov/4WY

🐺🛡️New blog! We dive into an ICS/OT malware family that we've dubbed COSMICENERGY. mandiant.com/resources/blog…

Tenable was one of a handful of experts pre-notified by Rockwell Automation, in collaboration with the U.S. government, to provide awareness on these new #operationaltechnology vulnerabilities. (CVE-2023-3595) and (CVE-2023-3596) tenable.com/blog/cve-2023-…

Microsoft cyberphysical systems researchers continue to develop and add more tools to the open-source Microsoft ICS forensics framework we released last year for analyzing industrial programmable logic controller (PLC) metadata and project files: msft.it/60169yhxs

We’re sharing our discovery and analysis of multiple high-severity vulnerabilities in the CODESYS V3 SDK that could put OT infrastructure at risk of attacks like RCE and DoS. Learn how we reported and worked with CODESYS to address the vulnerabilities: msft.it/60139JmFb

mandiant.com/resources/blog… #ics #OTsecurity #malware #infosec

Sektor CERT released report on cyber attacks targeting Denmark Critical Infrastructure. #icssecurity #OTsecurity #OTsec #malware sektorcert.dk/wp-content/upl…

A cyberattack claimed by Israeli hacking group Predatory Sparrow affected about 70% of gas stations throughout Iran. therecord.media/iran-cyberatta…

COSMICENERGY: The Renaissance of threats to Operational Technology. youtu.be/SGWK3o8Cltg?si… Credits Kapellmann #OTsecurity #ICS #ICSSecurity #Bsides

thezdi.com/blog/2023/12/5… credits: TrendAI Zero Day Initiative #EVSecurity #IoTsecurity #OTSecurity

Yesterday Dragos, Inc. unveiled 'FrostyGoop' an ICS (Industrial Control System) malware suspected to be developed by Russia's infamous sandworm team. FrostyGoop successfully shut off the electricity of 600 apartment buildings in the midst of sub-zero temperatures (sub -17C

🔬 Read #Team82's analysis of a new cyberweapon called #IOCONTROL that's been uncovered and used in attacks against the U.S. and Israel. The weapon is custom-built and its modular configuration allows it to be used against #IoT, #OT, and #SCADA systems. hubs.li/Q02_ytBR0

Understand ARM64 reversing and exploitation with a breakdown of the ARM instruction set, registers, and a step-by-step simple heap overflow exploit. Read more: 8ksec.io/arm64-reversin… Learn all about ARM assemble and exploitation from our course at academy.8ksec.io/course/offensi…

Extracting Embedded MultiMediaCard (eMMC) contents in-system. ZDI researcher Dmitry Janushkevich details how to interact with an eMMC chip and notes some pitfalls you may encounter on the way. zerodayinitiative.com/blog/2025/6/18…