Nexus: A Claroty Podcast
83 episodes - English - Latest episode: 7 days ago - ★★★★★ - 4 ratingsNexus is a cybersecurity podcast hosted by Claroty Editorial Director Mike Mimoso. Nexus will feature discussions with cybersecurity leaders, researchers, innovators, and influencers, discussing the topics affecting cybersecurity professionals in OT, IoT, and IoMT environments. Nexus is formerly known as Aperture.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Ahmik Hindman on Patching OT and ICS
July 08, 2024 04:00 - 28 minutes - 19.4 MBAhmik Hindman, Senior Network and Security Solution Consultant at Rockwell Automation, joins the Claroty Nexus podcast to discuss the challenges and success stories he's experienced in patching operational technology equipment and industrial control systems. Hindman has been at Rockwell Automation for 28 years and has expansive experience with customers solving these complex cybersecurity issues. Hindman shares some of the frameworks, tools, and approaches he's worked with, and how convergen...
Dr. Bilyana Lilly on Information Warfare
July 01, 2024 04:00 - 27 minutes - 19.1 MBDr. Bilyana Lilly, an expert on geopolitics and Russia’s codification of information warfare as a strategy, says that the war in Ukraine has only temporarily delayed Russia’s activity against the West in cyberspace. On this episode of the Nexus podcast, she reinforces the idea that despite the fact that Russia is operating under severe resource constraints, CISOs should be preparing for the inevitable. “I think it’s important to identify the conditions and the constraints that currently t...
Vinnie Liu on Offensive Security Testing During Incidents
June 10, 2024 04:00 - 29 minutes - 20.3 MBBishop Fox CEO and Cofounder Vinnie Liu joins the Nexus Podcast to discuss his team's role during security incidents in conducting offensive security testing alongside incident response activities. In healthcare environments where ransomware is the leading threat, red-teams and other offensive security specialists are called in, Liu said, to ensure that secondary attack vectors cannot be leveraged by attackers to maintain persistence inside an organization.
Diana Kelley on Protecting the AI Lifecycle
June 03, 2024 04:00 - 26 minutes - 18 MBProtect AI Chief Information Security Officer Diana Kelley joins the Claroty Nexus podcast to discuss the intricacies of securing machine learning and artificial intelligence use inside the enterprise. She also explains the concept of MLSecOps and how it compares and contrasts to DevOps used in application development.
Diana Kelly on Protecting the AI Lifecycle
June 03, 2024 04:00 - 26 minutes - 18 MBProtect AI Chief Information Security Officer Diana Kelly joins the Claroty Nexus podcast to discuss the intricacies of securing machine learning and artificial intelligence use inside the enterprise. She also explains the concept of MLSecOps and how it compares and contrasts to DevOps used in application development.
Jennifer Minella on OT Cybersecurity Convergence
May 28, 2024 04:00 - 29 minutes - 20.6 MBJennifer Minella, founder and principal advisor of Viszen Security, joins the Claroty Nexus podcast to discuss her experiences advising organizations on operational technology implementations, risk management, and succeeding at IT/OT convergence. This episode was recorded during RSA Conference where Jennifer and Bryson Bort gave a talk on convergence from the perspectives of a defender of industrial networks, and from the viewpoint of an offensive security specialist.
Charles Blauner on the Changing Role of the CISO
May 20, 2024 04:00 - 31 minutes - 21.3 MBCharles Blauner, Team8 operating partner and CISO in residence, joins the Claroty Nexus podcast to discuss the rapid changes in responsibilities and liability risks facing today's chief information security officers. Blauner, former CISO at JP Morgan and Deutsche Bank, describes how, for example, the new SEC rules around disclosures and incidents, along with legal action against high-profile CISOs of public companies, have some security leaders re-thinking how they operate and negotiate with...
Mikko Hypponen on a Decade of Corporate Ransomware Attacks
May 13, 2024 04:00 - 32 minutes - 22.2 MBCybersecurity pioneer Mikko Hypponen joins the Claroty Nexus live at the RSA Conference to discuss a decade of ransomware attacks against corporate networks. Hypponen is Chief Research Officer at WithSecure, the former F-Secure for Business. He has observed and analyzed malware from its infancy when it was a merely a means of disruption and attention-seeking to today's enormously profitable ransomware services and gangs .
Adm. Michael Rogers on Geopolitics and Cybersecurity
May 09, 2024 04:00 - 27 minutes - 19.2 MBFormer NSA Director Adm. Michael S. Rogers (Ret. USN) joins the Claroty Nexus Podcast live from RSA Conference in San Francisco to discuss the current geopolitical climate, its impact on chief information security officers, and how they can and should response. Rogers discusses how the doctrines of adversaries are changing and that U.S. critical infrastructure is increasingly in the crosshairs. He also brings his experience and delivers practical advice for CISOs who are not only dealing wit...
Abel Archundia on Complexity in Critical Infrastructure
April 29, 2024 04:00 - 35 minutes - 24.5 MBAbel Archundia, chief technology officer and global head of advisory for Istari, joins the Claroty Nexus podcast to discuss the nature of complexity, technical debt, and regulation, and how it influences risk decisions in critical infrastructure environments. He explains the challenges complexity brings to manufacturing, pharmaceuticals, and other CI sectors, and how owners and operators may feel outmatched by technical debt.
Adam Gluck on Industrial DevOps
April 23, 2024 22:00 - 37 minutes - 25.5 MBAdam Gluck, founder and CEO of Copia Automation, joins the Claroty Nexus podcast to discuss the need for DevOps within industrial automation. DevOps practices are popping up more frequently in these environments, but there are still hurdles and challenges for developers and engineers to overcome. Adam covers those, and explains how DevOps can improve disaster recovery, lessen the introduction of vulnerabilities in new code, and mitigate risk by being proactive about reviewing code changes as...
Greg Garcia on the Change Healthcare Cyberattack
April 02, 2024 04:00 - 44 minutes - 30.6 MBGreg Garcia, the executive director of the Healthcare and Public Health Sector Coordinating Council’s Cybersecurity Working Group, joins the Claroty Nexus podcast to discuss the Change Healthcare ransomware attack and what can be done from a policy perspective to minimize the impact of such attacks in the future. Garcia has had a long career on the policy side of cybersecurity, and was the first presidentially appointed Assistant Secretary for Cybersecurity at the Department of Homeland Sec...
Ryan Pickren on New Web-Based PLC Malware Research
March 06, 2024 20:00 - 35 minutes - 24.3 MBRyan Pickren, a Ph.D. student in the School of Electrical and Computer Engineering at the Georgia Institute of Technology, joins the Claroty Nexus podcast to discuss a recently published research paper that explains a new web-based malware attack against programmable logic controllers. Pickren, the lead author, along with colleagues Tohid Shekari, Saman Zonouz, and Raheem Beyah, explains how embedded webservers inside modern PLCs can be attacked to give remote attackers full control over the...
Mike Rogers on Understanding a CISO's Personal Exposure in Cyber Incidents
February 14, 2024 05:00 - 37 minutes - 25.7 MBHormel Foods Chief Information Security Officer and Director of Information Security and Compliance Mike Rogers joins the Claroty Nexus podcast to discuss why it's so important for CISO's to understand their personal liability during cybersecurity incidents. New regulations, including the SEC's cybersecurity rules, are driving this need for security leadership to evaluate to manage their personal exposure. Rogers provides his perspective on the SEC rules, how incident response is changing, a...
Team82 Answers More of your OT Cybersecurity Questions
January 25, 2024 05:00 - 31 minutes - 22 MBNoam Moshe of Claroty Team82 is back to answer more listener questions about OT vulnerability research, threats and risks to OT networks and IoT devices, and the best mitigation and remediation strategies for defenders. This is a follow-up podcast to an episode we recorded in December answering listener questions. You can listen to that episode here.
Juan Piacquadio on Securing Pharma 4.0
January 10, 2024 05:00 - 47 minutes - 32.6 MBPhlow Corp., CIO Juan Piacquadio joins the Claroty Nexus podcast to discuss the application of Industry 4.0 to pharmaceuticals, also known as Pharma 4.0. The industry is quickly adopting advanced technologies such as artificial intelligence, digital twins, and augmented reality to enhance the development of medicine and improve patient care. Along with that expansion of capabilities comes a wider attack surface, and Piacquadio spends a good deal of time explaining not only the threat landsca...
David Elfering on CISOs and Cyber Liability Insurance
January 04, 2024 10:00 - 44 minutes - 30.4 MBDavid Elfering, CISO at Carrix and former security and risk executive at Marsh, is back for another episode of the Claroty Nexus podcast to discuss cyber liability insurance. Elfering has extensive experience working not only as an enterprise cybersecurity executive, but also with one of the world's leading insurance carriers. Listen as he brings insight on that perspective, how carrier cybersecurity requirements align with risk reduction, red flags that can imperil coverage or claims, and h...
Team82 Answers Your Vulnerability Research Questions
December 06, 2023 19:00 - 28 minutes - 19.8 MBTeam82 researchers Sharon Brizinov and Noam Moshe join the Claroty podcast for a special episode where they answer questions submitted by users. This Ask-Me-Anything style of podcast covers the team's OT and IoT vulnerability research process, resources for experienced and beginner vulnerability researchers, and insights from their point of view on the threat landscape for cyber-physical systems.
Mandiant on Sandworm APT Attacks in Ukraine
November 10, 2023 18:00 - 30 minutes - 20.9 MBNathan Brubaker, Mandiant and Google Cloud Head of Emerging Threats and Analytics, joins the Claroty Nexus podcast for a timely discussion on his team’s report published this week on the Sandworm APT’s activity in Ukraine. Sandworm leveraged a new TTP—Living off the Land techniques—to target a Ukrainian energy company in October 2022 to cause a power outage. That outage also coincided with missile attacks by Russia against critical infrastructure in Ukraine. Read Mandiant's Sandworm pape...
Don Weber on Security Culture in Control Environments, STAR Methodology
October 26, 2023 21:00 - 44 minutes - 30.7 MBDon Weber of Cutaway Security joins the Nexus podcast to discuss a trend in control environments where asset operators and engineers keep trained cybersecurity professionals at arm's length, citing safety concerns. As more control systems are connected and managed online, it's critical for certified security professionals to be included in overall safety and reliability activities. Otherwise new risk and vulnerabilities are likely to be introduced. Weber also discusses a new methodology for...
MITRE on Caldera for OT
October 05, 2023 19:00 - 43 minutes - 30 MBMisha Belisle and Blaine Jeffries of MITRE join the Claroty Nexus podcast to discuss Caldera for OT, a new set of operational technology plugins for the open source core Caldera adversary emulation platform. Caldera for OT supports the Modbus, BACnet, and dnp protocols, and Belisle and Jeffries hope to add future support for additional protocols. Red and purple teams may use Caldera for OT for adversary emulation in order to understand the exposure of these protocols to attacks. Caldera fo...
Jim LaBonty on the OT Security Stack
September 10, 2023 04:00 - 46 minutes - 32.2 MBRetired Pfizer Chief Information Security Officer Jim Labonty joins the podcast to discuss the operational technology (OT) security stack, and how it differs from IT. This episode provides especially important for the growing number of security leaders who are newly responsible for OT cybersecurity and the safety of cyber-physical systems. Labonty also shares his experience during his time at Pfizer in securing the development of Pfizer's Covid-19 vaccine, and how not only security of the ...
Stephen Reynolds on Protecting the CISO During Incident Investigations
August 28, 2023 04:00 - 33 minutes - 23.2 MBStephen Reynolds, a partner at the law firm of McDermott, Will, and Emery, joins the Nexus Podcast to discuss some of the concerns and questions CISOs and other security executives may have about their personal liability and exposure during breach investigations. The short of it: Don’t panic, but don’t be unprepared either. In this case, preparation equates to having personal legal counsel available, and document everything during an incident. Reynolds and Eli Lilly associate VP and assistan...
Team82 on NAS Research, OPC UA Exploit Framework
August 20, 2023 04:00 - 34 minutes - 23.7 MBTeam82’s extensive research into network attached storage devices and the ubiquitous OPC UA industrial protocol came to a head recently in Las Vegas with a pair of presentations at Black Hat USA and DEF CON disclosing vulnerabilities in Synology and Western Digital NAS cloud connections and the unveiling of a unique OPC UA exploit framework. In this episode of the Nexus podcast, researcher Noam Moshe explains how both research initiatives came to be, the implications of each for users, and...
Bishop Fox on OSDP Weaknesses Putting Secure Facilities at Risk
August 13, 2023 04:00 - 26 minutes - 18.2 MBIn this episode of the Nexus podcast, Bishop Fox researchers Dan Petro and David Vargas explain their research into the Open Supervised Device Protocol (OSDP), meant to bring encryption to badge readers and controllers providing physical access controls at secure facilities. Petro and Vargas explain a number of protocol weaknesses and vulnerabilities that defeat OSDP's promise of encryption and security. Through the attacks they describe, they're able carry out—among others—replay or downgr...
Jennifer Lyn Walker on Cybersecurity Risks in the Water Sector
August 03, 2023 04:00 - 46 minutes - 32.1 MBJennifer Lyn Walker, Director of Infrastructure Cyber Defense for the WaterISAC, joins the Nexus podcast to discuss the state of cybersecurity within the water and wastewater critical infrastructure sector. Walker explains where the cybersecurity technology, funding, and skills gaps currently exist among smaller—and larger—water providers. She also covers recent improvements from water utilities, and what, in an ideal world, the cybersecurity industry and government could do to help.
Kathleen Moriarty on CIS' IoT Security Guidance
July 16, 2023 04:00 - 38 minutes - 26.6 MBKathleen Moriarty, Chief Technology Officer of the Center for Internet Security (CIS) joins the Nexus podcast to discuss CIS' recently published IoT Embedded Security Guidance. The document walks vendors, developers, DevOps professionals through the most commonly used IoT protocols and analyzes them from a security perspective. The aim is to help vendors and developers with this selection process and assist with building security in at the protocol level. Download the guidance here.
Walter Risi on the CISO's Journey from IT to OT
July 09, 2023 04:00 - 35 minutes - 24.1 MBWalter Risi, Global OT Lead and the Technology and Cyber Security Consulting leader at KPMG in Argentina, joins the Nexus podcast to discuss the CISO's journey from IT to OT. Risi explains what's driving this convergence of security disciplines, and the challenges security leaders are facing across industries. You'll also learn why resilience should be the goal of enterprise security programs, the tools and experience necessary to successfully converge IT and OT security operations, and the...
Noam Moshe on Teltonika 4G IIoT Router Cybersecurity Research
May 30, 2023 04:00 - 16 minutes - 11.6 MBClaroty Team82's Noam Moshe joins the Nexus podcast to discuss a recent research collaboration with OTORIO looking at Teltonika's 4G industrial routers and cloud management platforms. Eight vulnerabilities were uncovered and patched by the vendor in a recent update. Moshe discusses the vulnerabilities, attack vectors involved, and the state of secure development for IIoT routers. Read Team82's report: "Triple Threat: Breaking Teltonika Routers Three Ways"
Charles Carmakal on Cybersecurity Threats to Healthcare
May 24, 2023 04:00 - 37 minutes - 26 MBMandiant Chief Technology Officer Charles Carmakal joins the Claroty Nexus podcast to discuss real-world threats to healthcare organizations. Mandiant has a unique vantage point as an incident response team involved in many high-profile cyberattacks. Based on that insight, Carmakal is able to comment on the conventional and opportunistic attacks healthcare delivery organizations and providers are dealing with. Some of those include multifaceted extortion as well as intellectual property thef...
Lorrie Cranor on IoT Security and Privacy Labels
April 27, 2023 04:00 - 32 minutes - 22.4 MBLorrie Cranor, Director and Bosch Distinguished Professor in Security and Privacy Technologies at Carnegie Mellon University's CyLab, joins the Nexus podcast to discuss an IoT security and privacy label initiative under way at CyLab. The labels are meant not only to help consumers make informed buying decisions, but also to nudge vendors and manufacturers closer toward delivering secure smart devices to market.
Skip Sorrels on the 405(d) HICP, Healthcare Cybersecurity
April 18, 2023 04:00 - 41 minutes - 28.2 MBSkip Sorrels, director of cybersecurity at Ascension Technologies, which oversees the technology needs for Ascension Healthcare, one of the country’s biggest non-profit healthcare providers, joins the Nexus podcast to discuss the 405(d) Task Group's Health Industry Cybersecurity Practices (HICP). The HICP identifies top cybersecurity threats to the healthcare industry, and 10 blocking-and-tackling mitigation practices and sub-practices aimed at not only larger, more resourced organizations...
Dave Elfering on Cyber Liability Insurance
April 10, 2023 05:00 - 42 minutes - 29.3 MBDave Elfering, senior vice president at Marsh, a global insurance broker and risk management company, joins the Nexus podcast to discuss the current state of cyber insurance. A longtime figure in information security, Elfering explains the current volatility around coverage, premiums, and exclusions. He goes deep into what can sometimes be contentious discussions about qualifications and controls that must be implemented in order to be eligible for coverage, in addition to policy exclusions.
Vera Mens on Akuvox E11 Vulnerabilities
March 22, 2023 04:00 - 21 minutes - 14.6 MBTeam82 researcher Vera Mens joins the Nexus podcast to discuss her research that uncovered 13 vulnerabilities in the popular Akuvox E11 smart intercoms. These devices are used to control access to offices, residential, and commercial establishments. The vulnerabilities range in severity, and pose serious privacy implications for users. Vera will discuss her research and a challenging disclosure withe vendor that began 15 months ago. Read Team82's technical report on this research here. Re...
Adm. Mike Rogers on the National Cybersecurity Strategy
March 09, 2023 05:00 - 39 minutes - 27.2 MBAdm. Mike Rogers, USN (Ret.) joins the Nexus podcast to discuss the recently released National Cybersecurity Strategy, the first such strategy from the Biden administration. The strategy codifies many of the cyber-physical systems security initiatives the White House has produced since 2021 in the aftermath of the Colonial Pipeline ransomware attack. Adm. Rogers shares his past contributions to previous strategies, and provides insight into the document's five pillars and how they will impac...
Katherine Gronberg on the Federal Government and OT/IoT Cybersecurity
February 09, 2023 05:00 - 43 minutes - 30.2 MBKatherine Gronberg, head of government services at cybersecurity venture capital firm NightDragon, joins the Nexus Podcast to discuss what's driving the federal government's renewed interest and investment in OT and IoT cybersecurity. Katherine brings insight from her unique perspective on these issues, especially as it pertains to upcoming requirements facing asset owners and operators, how vendors must respond to mandates put out by the White House, and what might be in the impending natio...
Noam Moshe on a Generic WAF Bypass Technique
December 19, 2022 18:00 - 30 minutes - 21.1 MBClaroty Team82 researcher Noam Moshe joins the podcast to discuss his recent research and development of a generic bypass of leading vendors' web application firewalls. This research was presented at Black Hat Europe and on the Team82 blog. The technique involves prepending JSON syntax to a SQL injection payload. Prior to this research, WAFs were blind to JSON syntax and would not flag these payloads as malicious. All of the leading vendors have since added JSON support to their SQL inject...
Sharon Brizinov on Hacking IoT
December 12, 2022 16:00 - 26 minutes - 18.1 MBClaroty Team82 Director of Research Sharon Brizinov joins the podcast to discuss the recent Pwn2Own Toronto event. Brizinov was successful in three categories at the event, finding and exploiting zero day vulnerabilities in two network-attached storage devices and a popular router. In this episode, Brizinov explains his preparation for the contest, and compares and contrasts hacking industrial control systems and internet of things connected devices.
Joe Slowik on TRITON Malware, XENOTIME Hacking Group
October 28, 2022 22:00 - 42 minutes - 29.1 MBJoe Slowik, threat intelligence and detections lead at Gigamon, joins the podcast to discuss the XENOTIME hacking group, the entity believed to be responsible for the 2017 Triton attack. Triton was deployed within a petrochemical facility in Saudi Arabia and triggered a fault in the Schneider Electric Triconex Safety Instrumented Systems that initiated a shutdown of the plant. The Triton intrusion and malware deployment could have been much worse, resulting in harmful physical consequences ...
Inside Team82's EvilPLC Attack
October 20, 2022 04:00 - 22 minutes - 15.6 MBTeam82's Noam Moshe, one of the researchers involved in developing the EvilPLC attack, discusses the technique of using a weaponized programmable logic controller to compromise an engineer's workstation and gain access to other PLCs on the OT network. Read more about the EvilPLC technique Download Team82's paper on EvilPLC
Sarah Fluchs Revisits the Top 20 Secure PLC Coding Practices List
September 30, 2022 15:00 - 47 minutes - 32.3 MBSarah Fluchs, CTO at Admeritia, joins the Aperture podcast to discuss the Top 20 Secure PLC Coding Practices List. Written for engineers by engineers, the list provides recommendations that can be used to securely design and code programmable logic controllers (PLCs). The first iteration of the list was published in 2021, and since then, its core group of maintainers has grown to 75 and more than 1,000 engineers and experts registered as contributors. The list has been prominent referenced...
Vergle Gipson on Cyber-Informed Engineering
September 28, 2022 04:00 - 44 minutes - 30.7 MBVergle Gipson, senior advisor, at Idaho National Lab's Cybercore Integration Center, joins the podcast to discuss cyber-informed engineering and the maturing discipline of operational technology (OT) cybersecurity. Gipson recently testified before a House Committee on Homeland Security about the need to secure industrial control systems against cyberattacks. One of the recommendations he suggested to the committee was the need for cyber-informed engineering, which has parallels to secure so...
Noam Moshe on the Evil PLC Attack
August 19, 2022 04:00 - 33 minutes - 23.1 MBClaroty Team82 researcher Noam Moshe joins the podcast to discuss the Evil PLC Attack research published recently. Evil PLC is a technique whereby a weaponized PLC is used to compromise an engineering workstation in order to move deeper onto the OT network, the enterprise network, or other PLCs. Read Team82's blog here. Download our technical paper here (free PDF).
Dan Gunter on Threat Hunting in Industrial Control Systems
July 18, 2022 04:00 - 38 minutes - 26.6 MBInsane Forensics CEO and founder Dan Gunter joins the Aperture podcast to discuss threat hunting approaches inside industrial control systems (ICS) and operational technology (OT) networks. Gunter describes how Shodan can be used to understand exposures within an industrial network and threats posed by trust relationships to the OT network. Gunter explains what asset operators and owners need in place to begin threat hunting, what they should be looking for, and how to use tools such as Shod...
Dan Ricci on the ICS Advisory Project
July 06, 2022 04:00 - 33 minutes - 22.7 MBDan Ricci joins the podcast to discuss the ICS Advisory Project. Ricci founded the project in 2018, which provides vulnerability management teams with a searchable, intuitive dashboard that visualizes industrial control system security and vulnerability advisories and threat data. In this episode, Ricci explains how the ICS Advisory Project got off the ground, some of the features it currently offers, how it can be used by security analysts and OT operators, and where he imagines the projec...
Vera Mens on Hacking Flow Computers
June 30, 2022 09:00 - 38 minutes - 26.3 MBClaroty Team82 researcher Vera Mens joins the podcast to discuss her BSides Tel Aviv presentation today called, "Total Flaw: Hacking Flow Computers for Fun and Free Gas." Flow computers calculate flow rates for gas, oil, and more, and could be a key target for an experienced attacker who is looking to disrupt or damage a process in the oil and gas industry. Mens uncovered two vulnerabilities that gave her access to a vendor's flow computer and allowed her to write code to the device; the v...
Don C. Weber on ICS Cybersecurity Training, Education
June 15, 2022 22:00 - 46 minutes - 32.2 MBDon C. Weber, founder of Cutaway Security, joins the podcast to discuss his extensive career in information security, his journey to industrial control system cybersecurity, and his desire to educate, train and mentor others in the community. Weber’s business focuses on security services for industrial environments through program reviews, security assessments, penetration testing, and training. He is also a SANS instructor and a fixture at Black Hat/DEF CON and other major events. He also r...
Idaho National Lab on the INL Control Environment Laboratory Resource (CELR)
June 02, 2022 04:00 - 46 minutes - 31.6 MBTim Huddleston of Idaho National Laboratory joins the Aperture podcast to discuss the INL Control Environment Laboratory Resource (CELR). CELR is a simulated critical infrastructure environment where users may test their incident response capabilities against real-life attack scenarios. Users may also use the environment to conduct malware and vulnerability analysis of ICS and SCADA devices, and also test product capabilities against simulated cyber-physical attacks. Learn more about CELR he...
Thomas Schmidt and Martin Scheu on the Common Security Advisory Framework
May 26, 2022 04:00 - 36 minutes - 25.1 MBThomas Schmidt of the German Federal Office for Information Security and Martin Scheu, an OT Security Engineer at SWITCH-CERT, join the podcast to discuss the Common Security Advisory Framework (CSAF). CSAF automates the largely manual task of gathering security advisories and vulnerability remediation information, and then creates standardized, machine-readable advisories that users such as vendors and industry organizations can thus distribute to end users.
Daniel Kapellmann Zafra on Incontroller/Pipedream ICS Attack Tools
May 04, 2022 04:00 - 39 minutes - 27.1 MBMandiant senior technical analysis manager Daniel Kapellmann Zafra joins the Claroty Aperture podcast to discuss the Incontroller/Pipedream attack tool. Incontroller is alleged to be a state-sponsored tool specifically designed to target industrial control systems. Incontroller was discovered before it was employed on a victim's network, yet nonetheless it remains one of the most sophisticated, dangerous ICS attack platforms ever developed. Kapellman Zafra discusses Incontroller's three co...