home.social

Search

1000 results for “OT_TC_Amateur”

  1. Michael Koerfer @[email protected] ·

    It's always a good idea to regularly refresh the electrical engineering knowledge acquired during your studies, it forms an important foundation for understanding ICS/OT systems.

    Because one thing is clear, stagnation is the first enemy you can actively combat.
    #electricalengineering #electronicsengineering #education #ICS #OT #cybersecurity

    #electricalengineering #electronicsengineering #education #ics #ot #cybersecurity
  2. Michael Koerfer @[email protected] ·

    It's always a good idea to regularly refresh the electrical engineering knowledge acquired during your studies, it forms an important foundation for understanding ICS/OT systems.

    Because one thing is clear, stagnation is the first enemy you can actively combat.
    #electricalengineering #electronicsengineering #education #ICS #OT #cybersecurity

    #cybersecurity #ot #ics #education #electronicsengineering #electricalengineering
  3. Franck ☠️ @[email protected] ·

    [OT] Épique
    #rêve
    open-time.net/post/2026/04/03/

    #reve
  4. Franck ☠️ @[email protected] ·

    [OT] Épique
    #rêve
    open-time.net/post/2026/04/03/

    #reve
  5. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-030
    MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24

    Multiple vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24 that could allow RCE, SQLi or information leakage.
    #CVE CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

    certvde.com/en/advisories/vde-

    #CSAF mbconnectline.csaf-tp.certvde.

    #ot #advisory #cve #csaf
  6. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-030
    MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24

    Multiple vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24 that could allow RCE, SQLi or information leakage.
    #CVE CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

    certvde.com/en/advisories/vde-

    #CSAF mbconnectline.csaf-tp.certvde.

    #ot #advisory #cve #csaf
  7. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-030
    MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24

    Multiple vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24 that could allow RCE, SQLi or information leakage.
    #CVE CVE-2026-33615, CVE-2026-33616, CVE-2026-33614, CVE-2026-33613, CVE-2026-33617

    certvde.com/en/advisories/vde-

    #CSAF mbconnectline.csaf-tp.certvde.

    #csaf #cve #advisory #ot
  8. Franck ☠️ @[email protected] ·

    [OT] Vous savez quoi ?
    #dotclear
    open-time.net/post/2026/04/02/

    #dotclear
  9. Franck ☠️ @[email protected] ·

    [OT] Vous savez quoi ?
    #dotclear
    open-time.net/post/2026/04/02/

    #dotclear
  10. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-003
    Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

    Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
    #CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

    certvde.com/en/advisories/vde-

    #CSAF endress-hauser.csaf-tp.certvde

    #ot #advisory #cve #csaf
  11. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-003
    Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

    Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
    #CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

    certvde.com/en/advisories/vde-

    #CSAF endress-hauser.csaf-tp.certvde

    #ot #advisory #cve #csaf
  12. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-003
    Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime

    Multiple Endress+Hauser devices are prone to vulnerabilities found in e!Runtime and the CODESYS V3 framework.
    #CVE CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47382, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-47391, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378

    certvde.com/en/advisories/vde-

    #CSAF endress-hauser.csaf-tp.certvde

    #csaf #cve #advisory #ot
  13. Franck ☠️ @[email protected] ·

    [OT] C'est léger
    #dotclear #développement #interface #UX
    open-time.net/post/2026/03/31/

    #dotclear #developpement #interface #ux
  14. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-021
    WAGO: Multiple Vulnerabilities in WAGO VC Hub

    The VC Hub incorporates the Magick.NET‑Q16‑AnyCPU component, derived from ImageMagick, to process user‑uploaded images and generate thumbnails within the projects image library. Only authenticated users with the Design Project Permission can upload images.
    #CVE CVE-2026-25983, CVE-2026-25897, CVE-2026-25987, CVE-2026-25898, CVE-2026-25794, CVE-2026-28693, CVE-2026-25966, CVE-2026-30929, CVE-2026-28691, CVE-2026-26283, CVE-2026-26066, CVE-2026-25989, CVE-2026-25988, CVE-2026-25985, CVE-2026-25969, CVE-2026-25967, CVE-2026-25965, CVE-2026-25799, CVE-2026-25798, CVE-2026-25796, CVE-2026-25795, CVE-2026-24485, CVE-2026-24481, CVE-2026-28494, CVE-2026-30937, CVE-2026-30931, CVE-2026-28686, CVE-2026-28690, CVE-2026-28493, CVE-2026-28689, CVE-2026-30883, CVE-2026-31853, CVE-2026-30936, CVE-2026-28687, CVE-2026-28688, CVE-2026-26983, CVE-2026-25797, CVE-2026-25638, CVE-2026-25637, CVE-2026-24484, CVE-2026-25576, CVE-2026-28692, CVE-2026-30935, CVE-2026-27799, CVE-2026-27798

    certvde.com/en/advisories/vde-

    #CSAF wago.csaf-tp.certvde.com/.well

    #ot #advisory #cve #csaf
  15. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-021
    WAGO: Multiple Vulnerabilities in WAGO VC Hub

    The VC Hub incorporates the Magick.NET‑Q16‑AnyCPU component, derived from ImageMagick, to process user‑uploaded images and generate thumbnails within the projects image library. Only authenticated users with the Design Project Permission can upload images.
    #CVE CVE-2026-25983, CVE-2026-25897, CVE-2026-25987, CVE-2026-25898, CVE-2026-25794, CVE-2026-28693, CVE-2026-25966, CVE-2026-30929, CVE-2026-28691, CVE-2026-26283, CVE-2026-26066, CVE-2026-25989, CVE-2026-25988, CVE-2026-25985, CVE-2026-25969, CVE-2026-25967, CVE-2026-25965, CVE-2026-25799, CVE-2026-25798, CVE-2026-25796, CVE-2026-25795, CVE-2026-24485, CVE-2026-24481, CVE-2026-28494, CVE-2026-30937, CVE-2026-30931, CVE-2026-28686, CVE-2026-28690, CVE-2026-28493, CVE-2026-28689, CVE-2026-30883, CVE-2026-31853, CVE-2026-30936, CVE-2026-28687, CVE-2026-28688, CVE-2026-26983, CVE-2026-25797, CVE-2026-25638, CVE-2026-25637, CVE-2026-24484, CVE-2026-25576, CVE-2026-28692, CVE-2026-30935, CVE-2026-27799, CVE-2026-27798

    certvde.com/en/advisories/vde-

    #CSAF wago.csaf-tp.certvde.com/.well

    #ot #advisory #cve #csaf
  16. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-021
    WAGO: Multiple Vulnerabilities in WAGO VC Hub

    The VC Hub incorporates the Magick.NET‑Q16‑AnyCPU component, derived from ImageMagick, to process user‑uploaded images and generate thumbnails within the projects image library. Only authenticated users with the Design Project Permission can upload images.
    #CVE CVE-2026-25983, CVE-2026-25897, CVE-2026-25987, CVE-2026-25898, CVE-2026-25794, CVE-2026-28693, CVE-2026-25966, CVE-2026-30929, CVE-2026-28691, CVE-2026-26283, CVE-2026-26066, CVE-2026-25989, CVE-2026-25988, CVE-2026-25985, CVE-2026-25969, CVE-2026-25967, CVE-2026-25965, CVE-2026-25799, CVE-2026-25798, CVE-2026-25796, CVE-2026-25795, CVE-2026-24485, CVE-2026-24481, CVE-2026-28494, CVE-2026-30937, CVE-2026-30931, CVE-2026-28686, CVE-2026-28690, CVE-2026-28493, CVE-2026-28689, CVE-2026-30883, CVE-2026-31853, CVE-2026-30936, CVE-2026-28687, CVE-2026-28688, CVE-2026-26983, CVE-2026-25797, CVE-2026-25638, CVE-2026-25637, CVE-2026-24484, CVE-2026-25576, CVE-2026-28692, CVE-2026-30935, CVE-2026-27799, CVE-2026-27798

    certvde.com/en/advisories/vde-

    #CSAF wago.csaf-tp.certvde.com/.well

    #csaf #cve #advisory #ot
  17. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-010
    WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere

    Multiple vulnerabilities have been identified in WAGO Solution Builder and WAGO Device Sphere that affect components responsible for authentication and system communication.
    #CVE CVE-2025-55315, CVE-2026-2328

    certvde.com/en/advisories/vde-

    #CSAF wago.csaf-tp.certvde.com/.well

    #ot #advisory #cve #csaf
  18. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-010
    WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere

    Multiple vulnerabilities have been identified in WAGO Solution Builder and WAGO Device Sphere that affect components responsible for authentication and system communication.
    #CVE CVE-2025-55315, CVE-2026-2328

    certvde.com/en/advisories/vde-

    #CSAF wago.csaf-tp.certvde.com/.well

    #ot #advisory #cve #csaf
  19. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-010
    WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere

    Multiple vulnerabilities have been identified in WAGO Solution Builder and WAGO Device Sphere that affect components responsible for authentication and system communication.
    #CVE CVE-2025-55315, CVE-2026-2328

    certvde.com/en/advisories/vde-

    #CSAF wago.csaf-tp.certvde.com/.well

    #csaf #cve #advisory #ot
  20. Michael Koerfer @[email protected] ·

    @RoganDawes I felt something was missing in my IT/OT dropboxes, and these have surpassed Phantap in terms of functionality and capabilities for years now.

    The difference between an OT dropbox and an IT dropbox lies in their intended use and functionality.

    Please excuse me for not revealing more, but I protect my work and research. All too often, companies like hak5... have misused the work of others for their own commercial purposes, and I won’t tolerate that. There will be discussions about the boxes, and the dropboxes will be sent to people I know personally at #INL, #CISA, #Iberdrola, and others.

    And since I was asked: my employer won’t be getting a single one, for good reason.

    #inl #cisa #iberdrola
  21. Michael Koerfer @[email protected] ·

    @RoganDawes I felt something was missing in my IT/OT dropboxes, and these have surpassed Phantap in terms of functionality and capabilities for years now.

    The difference between an OT dropbox and an IT dropbox lies in their intended use and functionality.

    Please excuse me for not revealing more, but I protect my work and research. All too often, companies like hak5... have misused the work of others for their own commercial purposes, and I won’t tolerate that. There will be discussions about the boxes, and the dropboxes will be sent to people I know personally at #INL, #CISA, #Iberdrola, and others.

    And since I was asked: my employer won’t be getting a single one, for good reason.

    #inl #cisa #iberdrola
  22. Michael Koerfer @[email protected] ·

    In my free time over the coming weeks and months, I’ll be working on a new version of my pentest dropboxes for IT and OT, and I’ll be turning the projects “Lemon” and “Motion”, which are still on paper, into reality.

    And since people keep asking, I don’t have a sponsor and pay for everything out of my own pocket because that’s the only way I can stay creative and independent.

    #Cybersecurity #OT #IT #Network #Hardwarehacking #SCADA #ICS #Research #OpenSource #foss

    #cybersecurity #ot #it #network #hardwarehacking #scada
  23. Franck ☠️ @[email protected] ·

    [OT] La sauvegarde est déjà utilisée
    #macos #sauvegarde
    open-time.net/post/2026/03/25/

    #macos #sauvegarde
  24. CyberNetsecIO @[email protected] ·

    📰 Network Gear Surpasses Endpoints as Top Cyber Risk, Forescout Warns

    🔄 Risk shift: Network gear like routers & switches are now the #1 riskiest devices, surpassing endpoints, warns Forescout. Attackers are targeting the 'messy middle' of networks for lateral movement. #CyberSecurity #Forescout #IoT #OT

    🔗 cyber.netsecops.io/articles/ne

    #ot #iot #forescout #cybersecurity
  25. CERT@VDE @[email protected] ·

    #OT #Advisory VDE-2026-018
    CODESYS Control V3 - Externally-controlled format string in Auditlog

    The CODESYS Control runtime system's CmpAuditLog component allows potentially unauthenticated remote attackers to control the format string of processed log messages. Due to the internal processing logic, the impact is limited to a crash of the CODESYS Control runtime.
    #CVE CVE-2026-3509

    certvde.com/en/advisories/vde-

    #CSAF codesys.csaf-tp.certvde.com/.w

    #ot #advisory #cve #csaf
  26. Franck ☠️ @[email protected] ·

    [OT] Attation
    #dotclear
    open-time.net/post/2026/03/24/

    #dotclear
  27. Michael Koerfer @[email protected] ·

    I just realized that so many people in the company simply don’t understand, or don’t want to understand, the Purdue Model!

    The Purdue Model is a functional model. Its origins have nothing to do with cybersecurity. It was adopted for cybersecurity, but not as a “zone” model. Its purpose is to define the functional layers at which different methods and tools are used. You don’t simply use typical IT tools at the lower levels!

    The DMZ was added much later, as the model evolved into a cybersecurity model. “Additional segmentation can be performed using the concept of zones and conduits described in ISA 62443.” The layers are not intended to define a zone per se. Anyone who does not divide the layers into discrete security zones based on an analysis should not even attempt to work in this (OT) area!

    Furthermore, individuals have the flexibility to design their own separation, segmentation, and zone configuration within each architecture, taking into account specific functional and application-related requirements. This approach enables the creation of a robust defense in depth, with the Purdue model serving as a guide while allowing for customization as needed, without rigid requirements.

    I will not show these guys how the ISA62443 and the Purde model match. Because I expect that experts can do it and those who can't do it have to learn.

    #OTSecurity #Cybersecurity #ICS #Purdue

    #otsecurity #cybersecurity #ics #purdue
  28. Prof. Dr. Dennis-Kenji Kipker @[email protected] ·

    Keine sichere #OT ohne sichere #IT: Längst gibt es keine Brandmauer mehr wie einst zwischen der Anlagen- und Computersicherheit.

    Vernetzte Steuerungen bieten mittlerweile Angriffsflächen, die es bei rein mechanischen Systemen nicht gibt und in der Vergangenheit auch nicht gab.

    So kann z.B. ein #Cyberangriff auf viele hunderte #Aufzüge zugleich stattfinden und dazu führen, dass Menschen tagelang ausharren müssen, weil nicht genug Kapazitäten für ihre Rettung existieren:

    tuev-verband.de/pressemitteilu

    #ot #it #cyberangriff #aufzuge
  29. Daniele Mattioli® 🍉 @[email protected] ·

    OT. "L' #autotune correttivo di oggi non è quello degli inizi, che era un effetto come il distorsore: ha rotto il cazzo in una maniera mai vista." #ManuelAgnelli mi toglie le parole di bocca.

    #autotune #manuelagnelli
  30. Franck ☠️ @[email protected] ·

    [OT] Vicieuserie
    #dotclear #développement
    open-time.net/post/2026/03/16/

    #dotclear #developpement
Next page