YoVDO

Attacking Industrial Remote Controllers

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Command Injection Courses Security Assessment Courses Responsible Disclosure Courses Replay Attacks Courses

Course Description

Overview

Explore the vulnerabilities in radio-frequency (RF) remote controllers used in industrial applications through this conference talk from the Hack In The Box Security Conference. Delve into the security assessment that uncovered critical weaknesses in safety-critical IIoT applications, including manufacturing, construction, and transportation equipment. Learn about the lack of important security features and the use of obscure proprietary protocols instead of standards. Discover various attack vectors such as replay, command injection, e-stop abuse, malicious repairing, and reprogramming. Follow the speakers' journey through a 6-month responsible disclosure process, resulting in the release of 10 security advisories. Witness demonstrations that illustrate the problems in detail and gain valuable recommendations for vendors, users, and system integrators involved in the life-cycle of these devices.

Syllabus

#HITB2019AMS D2T1 - Attacking Industrial Remote Controllers - Marco Balduzzi and Federico Maggi


Taught by

Hack In The Box Security Conference

Related Courses

Hacking and Patching
University of Colorado System via Coursera
Identifying Security Vulnerabilities
University of California, Davis via Coursera
Specialized Testing: Command Injection
Pluralsight
Input Validation Testing with Burp Suite
Pluralsight
Ivanti Connect Secure VPN Vulnerability: What You Should Know
Pluralsight