Binary Vulnerabilities

C++ Embedded System Security: Protection and Vulnerability Mitigation

by
C++ Embedded System Security: Protection and Vulnerability Mitigation

C++ Embedded System Security: Protection and Vulnerability Mitigation In today’s technological environment, embedded systems have become increasingly important due to their widespread applications in areas such as IoT devices, home appliances, automotive, and medical equipment. However, as these systems are often connected to networks, they also face numerous security threats. This article will detail how … Read more

Siemens SPPA-T3000 Control System Exposes Critical Vulnerabilities, Leaving Global Power Plants at Risk!

by
Siemens SPPA-T3000 Control System Exposes Critical Vulnerabilities, Leaving Global Power Plants at Risk!

Recently, Siemens announced that its industrial equipment, commonly used in petrochemical plants and large renewable energy power plants, has 54 security vulnerabilities. Among these, the most severe vulnerabilities can be exploited for denial-of-service (DoS) attacks or remote code execution on arbitrary servers, putting power plants at risk of failure and halting electricity generation. More alarmingly, … Read more

Exploring Vulnerabilities in the VMware Workstation Renderer

by
Exploring Vulnerabilities in the VMware Workstation Renderer

Background In mid-January, ZDI announced the rules for the 2017 competition, which included a substantial reward for teams that could break VMware and achieve virtual machine escape. VMware is no longer a new target; it was identified as a target in 2016. As a target, VMware has undergone various attacks, with many points of attack … Read more

Breaking the Myth of Air-Gapped Network Security! Air-Gapped Networks Still Vulnerable to DNS Attacks

by
Breaking the Myth of Air-Gapped Network Security! Air-Gapped Networks Still Vulnerable to DNS Attacks

In May 2022, Dark Reading reported that researchers from Nozomi Networks discovered that common misconfigurations of the Domain Name System (DNS) in enterprise environments could expose air-gapped networks and their high-value assets to external attackers. A blog post by Nozomi Networks’ ICS analyst team explained that this flaw exists in all versions of the widely … Read more

Basic Jitter Measurement Using an Oscilloscope

by
Basic Jitter Measurement Using an Oscilloscope

Jitter is the short-term variation of a digital signal’s timing relative to its nominal value. There are two main types of jitter: random jitter and deterministic jitter. Random jitter is unbounded, meaning its value continues to increase as the measurement duration increases, and it is related to random processes such as noise. Deterministic jitter, on … Read more

What Does Hacking Historical Databases in Industrial Control Systems Mean?

by
What Does Hacking Historical Databases in Industrial Control Systems Mean?

Researchers from the industrial cybersecurity company Claroty revealed on January 17 that their Team82 discovered five exploitable vulnerabilities (CVE-2022-46732, CVE-2022-46660, CVE-2022-43494, CVE-2022-46331, and CVE-2022-38469) in GE Digital’s Proficy Historian server, affecting multiple critical infrastructure sectors. Threat actors could exploit these vulnerabilities to access historical data, crash devices, or execute code remotely. These vulnerabilities impact GE … Read more

Top Ten Security Issues Facing Industrial Control Systems

by
Top Ten Security Issues Facing Industrial Control Systems

Author | Green Alliance Technology With the continuous advancement of strategies such as Germany’s Industry 4.0, America’s Industrial Internet, and China’s Manufacturing 2025, along with the integrated development of new generation information technologies like the Internet of Things, cloud computing, big data, and 5G, industrial production networks are gradually interconnected with office networks, the Internet, … Read more

Fundamentals of Cybersecurity

by
Fundamentals of Cybersecurity

1. Overview of Cybersecurity 1.1 Definition Information Security: The technical and managerial security measures established and adopted for data processing systems, protecting computer hardware, software, and data from accidental and malicious destruction, alteration, and disclosure. Cybersecurity: Prevent unauthorized users from accessing information Prevent unauthorized attempts to destroy or modify information 1.2 Characteristics of Information Security … Read more

God Mode of IoT Devices: Insights from 2017 Security Developer Summit

by
God Mode of IoT Devices: Insights from 2017 Security Developer Summit

Editor’s Note: Currently, the security issues of IoT devices are mainly limited by hardware and software. Often, if the configuration does not keep up, even if developers want to address security issues, they may feel powerless. On the software level, the built-in protection mechanisms of the system are particularly critical, especially permission-based protections. We know … Read more