Displaying items by tag: Team82

“State of CPS Security: Healthcare Exposures 2025” Highlights the Most Urgent Healthcare Device and Network Vulnerabilities, Including OT Risks in Hospitals

Founder of Claroty’s Team82 and Former VP Research to Drive Innovation Across Products, Services, and Operations

On Jan. 30, The Cybersecurity Infrastructure & Security Agency (CISA) released an alert, complemented by a notification from the US FDA suggesting that the Contec CMS8000 patient monitor and OEM white-label variants contain a backdoor communicating to a Chinese IP address.

GUEST RESEACH:  “State of CPS Security 2025: OT Exposures” Reveals the OT Device Exposures Most Coveted for Exploitation by Adversaries

GUEST RESEARCH:

Executive Summary

• Team82 has researched devices manufactured by Ruijie Networks and discovered 10 vulnerabilities in its Reyee cloud management platform
• These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices
• The vulnerabilities, if exploited, could allow a malicious attacker to execute code on any cloud-enabled device, giving them the ability to control tens of thousands of devices
• In addition, Team82 has devised an attack called Open Sesame, in which an attacker can pinpoint exploit a device in close physical proximity through the cloud, executing arbitrary code on it and gaining access to its internal network

COMPANY NEWS: Claroty, the cyber-physical systems (CPS) protection company, today announced new proprietary data revealing that 13% of the most mission-critical operational technology (OT) assets have an insecure internet connection, and 36% of those contain at least one Known Exploited Vulnerability (KEV), making them both remotely accessible and readily exploitable entry points for threat actors to disrupt operations.

COMPANY NEWS: Claroty, the cyber-physical systems (CPS) protection company, today released new proprietary data revealing that 38% of the riskiest CPS assets are overlooked by traditional approaches to vulnerability management, illuminating a major blind spot that is ripe for exploitation by threat actors. To address this blind spot, Claroty is introducing a complete built-for-purpose CPS exposure management solution, empowering organisations to minimise their attack surface by prioritising the most immediate threats.

Cybersecurity firm Claroty has released a new threat detection module within its Medigate platform, which it says will boost cybersecurity standards in Australian healthcare organisations.

“State of CPS Security Report: Healthcare 2023” Reveals Startling Security Gaps in Medical Devices Directly Linked to Patient Care

GUEST RESEARCH: In this blog, we’ll showcase our approach to researching and exploiting OPC UA client applications, where we combined classic OPC UA and OT knowledge with run-of-the-mill web vulnerabilities—combining “old” and “new” attack vectors—to uncover zero days in both clients. During our research journey, we managed to find similar vulnerable code patterns in both applications, exploiting the OPC UA client’s trust in the data it receives from the OPC UA server.

GUEST RESEARCH: Real-time chat and video services available within many telemedicine, finance and smart IoT device applications used by millions of people, rely on the popular QuickBlox framework.

COMPANY NEWS: Teltonika Networks specialises in manufacturing and developing networking devices, including routers, modems and industrial networking equipment.

Cyber-physical system vulnerabilities disclosed in the second half of 2022 have declined by 14% since hitting a peak during 2H 2021, while vulnerabilities found by internal research and product security teams have increased by 80% over the same time period, according to the cyber-physical systems protection company Claroty.

GUEST RESEARCH: Web application firewalls (WAF) are designed to safeguard web-based applications and APIs from malicious external HTTPs traffic, most notably cross-site scripting and SQL injection attacks that just don’t seem to drop off the security radar.

Vulnerability disclosures in IoT devices increased by 57% in the first half of 2022 compared to the previous six months, according to new research by security company Claroty.

COMPANY NEWS: Claroty, the security company for cyber-physical systems (CPS) across industrial, healthcare, and commercial environments, today announced the general availability of Claroty xDome, a new cloud-based industrial cybersecurity platform that drives cyber and operational resilience for modern industrial enterprises.

GUEST RESEARCH: White-hat researchers, including Claroty’s Team82, have made relatively quick work of finding vulnerabilities in the software, firmware, and communication protocols governing devices that keep shop floors running, the lights on, the water clean, and fuel pumped from refineries to homes around the world.

GUEST RESEARCH: The SolarWinds and Kaseya attacks were devastating intrusions at the heart of IT and network management supply chains. In each case, alleged state actors were able to infiltrate the mechanisms used by the vendors to ship software updates to customers, and infect those updates with malware, including ransomware, according to industrial security company Claroty.

COMPANY NEWS Claroty, a leader in industrial cybersecurity, launches Team82, its new research arm dedicated to threat research reports, policies, and disclosures. It recently published a report that details vulnerabilities in cloud-based management platforms and the need to secure implementations.