The Radiflow Cyber-Security Blog
Hack the Modbus
SCADA/ ICS and similar MODBUS-based systems were always the target of many types of attacks. These systems become much more vulnerable. MODBUS communication protocol is a widespread communication standard in the critical infrastructures field…
Notes from Palo Alto Ignite 2019: helping system integrators bridge the IT-OT divide
Last week, Radiflow took part in Palo Alto Network’s Ignite 2019 conference, a meeting place for Palo Alto Network’s EMEA IT security partners, held in Barcelona, Spain. Radiflow participated…
CISS 2019: Where red teams and blue teams come together to protect water treatment systems
Last month I attended The International Critical Infrastructure Security Showdown (CISS) 2019 challenge as part of the Radiflow Blue team. (You can read all about the CISS challenge in our security brief, which describes each and every…
Bad Packets warns of over 14,500 Pulse Secure VPN Endpoints vulnerable to CVE-2019-11510
On August 22, BadPackets experts observed a mass scanning activity targeting Pulse Secure “Pulse Connect Secure” VPN endpoints vulnerable to CVE-2019-11510. BadPackets analyzed the number of Pulse Secure VPN endpoints vulnerable to the CVE-2019-11510…
Managed Cyber-Monitoring – The Next Evolution in Protecting OT Networks
The Radiflow Security BlogRecent attacks show that industrial cybersecurity requires expertise and tools that most operators do not possess. OT-MSSPs may be the solution. Case in point: The Norsk Hydro attack. By Michael Langer, Chief Products Officer Overview At the...
New Vulnerabilities potentially allowing a “wormable” WannaCry-like outbreak
The Radiflow Security BlogBy Radiflow CTO, Yehonatan Kfir Microsoft recently released a set of fixes for Remote Desktop Services (RDP) that include two critical Remote Code Execution (RCE) vulnerabilities that allow hackers spread malware to infect both your PC and...
Video: Radifow CTO, Yehanotan Kfir, discusses new concepts in ICS security
The Radiflow Security BlogRadiflow CTO, Yehonatan Kfir, presents new concepts in ICS SecurityMr. Kfir discussed "ICS Security - Beyond Visibility, Towards Analytics" at an event hosted by Tekniska, Poland.
Automatic Risk Evaluation of Cyber-Attack Vectors
The Radiflow Security BlogIn this post I will discuss risk evaluation of attack vectors and applying Radiflow’s cyber risk evaluation model, which is now incorporated into Radiflow’s iSID Industrial Threat Detection System.In general, OT networks have very high...
Insights into the Norsk Hydro Cyberattack: Using AD in IT/OT Networks
The Radiflow Security BlogOne of the world's biggest aluminum producers, multinational manufacturer Norsk Hydro, announced it had been hit by a ransomware attack of unknown origin, with hackers demanding a ransom.The attack caused severe damage to the corporate...