Displaying items by tag: Team82

GUEST RESEARCH:

Executive Summary

  • Team82 has researched devices manufactured by Ruijie Networks and discovered 10 vulnerabilities in its Reyee cloud management platform
  • These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices
  • The vulnerabilities, if exploited, could allow a malicious attacker to execute code on any cloud-enabled device, giving them the ability to control tens of thousands of devices
  • In addition, Team82 has devised an attack called Open Sesame, in which an attacker can pinpoint exploit a device in close physical proximity through the cloud, executing arbitrary code on it and gaining access to its internal network
Published in Guest Research

COMPANY NEWS: Claroty, the cyber-physical systems (CPS) protection company, today announced new proprietary data revealing that 13% of the most mission-critical operational technology (OT) assets have an insecure internet connection, and 36% of those contain at least one Known Exploited Vulnerability (KEV), making them both remotely accessible and readily exploitable entry points for threat actors to disrupt operations.

Published in Company news
Tagged under

COMPANY NEWS: Claroty, the cyber-physical systems (CPS) protection company, today released new proprietary data revealing that 38% of the riskiest CPS assets are overlooked by traditional approaches to vulnerability management, illuminating a major blind spot that is ripe for exploitation by threat actors. To address this blind spot, Claroty is introducing a complete built-for-purpose CPS exposure management solution, empowering organisations to minimise their attack surface by prioritising the most immediate threats.

Published in Company news
Tagged under

Cybersecurity firm Claroty has released a new threat detection module within its Medigate platform, which it says will boost cybersecurity standards in Australian healthcare organisations.

Published in Health

“State of CPS Security Report: Healthcare 2023” Reveals Startling Security Gaps in Medical Devices Directly Linked to Patient Care

Published in Guest Research

GUEST RESEARCH: In this blog, we’ll showcase our approach to researching and exploiting OPC UA client applications, where we combined classic OPC UA and OT knowledge with run-of-the-mill web vulnerabilities—combining “old” and “new” attack vectors—to uncover zero days in both clients. During our research journey, we managed to find similar vulnerable code patterns in both applications, exploiting the OPC UA client’s trust in the data it receives from the OPC UA server.

Published in Guest Research
Tagged under

GUEST RESEARCH: Real-time chat and video services available within many telemedicine, finance and smart IoT device applications used by millions of people, rely on the popular QuickBlox framework.

Published in Guest Research

COMPANY NEWS: Teltonika Networks specialises in manufacturing and developing networking devices, including routers, modems and industrial networking equipment.

Published in Company news

Cyber-physical system vulnerabilities disclosed in the second half of 2022 have declined by 14% since hitting a peak during 2H 2021, while vulnerabilities found by internal research and product security teams have increased by 80% over the same time period, according to the cyber-physical systems protection company Claroty.

Published in Security

GUEST RESEARCH: Web application firewalls (WAF) are designed to safeguard web-based applications and APIs from malicious external HTTPs traffic, most notably cross-site scripting and SQL injection attacks that just don’t seem to drop off the security radar.

Published in Guest Research
Tagged under

Vulnerability disclosures in IoT devices increased by 57% in the first half of 2022 compared to the previous six months, according to new research by security company Claroty.

Published in Security

COMPANY NEWS: Claroty, the security company for cyber-physical systems (CPS) across industrial, healthcare, and commercial environments, today announced the general availability of Claroty xDome, a new cloud-based industrial cybersecurity platform that drives cyber and operational resilience for modern industrial enterprises.

Published in Company news

GUEST RESEARCH: White-hat researchers, including Claroty’s Team82, have made relatively quick work of finding vulnerabilities in the software, firmware, and communication protocols governing devices that keep shop floors running, the lights on, the water clean, and fuel pumped from refineries to homes around the world.

Published in Guest Research
Thursday, 23 September 2021 12:19

Claroty discloses 11 vulnerabilities in Nagios

GUEST RESEARCH: The SolarWinds and Kaseya attacks were devastating intrusions at the heart of IT and network management supply chains. In each case, alleged state actors were able to infiltrate the mechanisms used by the vendors to ship software updates to customers, and infect those updates with malware, including ransomware, according to industrial security company Claroty.

Published in Guest Research

COMPANY NEWS Claroty, a leader in industrial cybersecurity, launches Team82, its new research arm dedicated to threat research reports, policies, and disclosures. It recently published a report that details vulnerabilities in cloud-based management platforms and the need to secure implementations.

Published in Security

Subscribe to Newsletter

*  Enter the security code shown: img0

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments