15.February- cool announcements are coming soon - will lunch new Honeypot training opportunities - and other Honeypot activities are soon to be announced :-)
2018 are off to a great start - I will do the white-cell NSM (Network Security Management) on the S4x18 CTF 16-18 Jan 2018 in Miami South Beach. using opensource to protect ICS networks during the Capture The Flag (CTF) Competition.
30 June 2017 - How-to locate the CIA OutlawCountry kernel module on your Linux servers. Read my Technical analysis on CIA outlaw project
1 June 2017 - I am very happy to announce, that my 1-day ICS Honeypot special training class has been accepted @ cs3sthlm (previous 4SICS) in Stockholm on 24 Oct. During the day, the students will be guided in the different phases in planning, deploying and analyzing the collected data from a ICS/SCADA honeypot.We will deploy real live honeypots on the internet and see how attackers would start to probe our honeypots.Furthermore, we will also attack the deployed honeypots ourselves; using "SCADA" pen testing tools and similar software. Many ICS/SCADA security speakers will be announced soon! Come and join the fun, it is 24-26 October in Stockholm.
2. Dec 2016 - Moxa NPort Device VulnerabilitiesPlease note that ICS-CERT has released a new advisory regarding Moxa’s NPort serial device servers.(https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02) I happens to have found one of the vulnerabilities, and I would recommend assets owners (and everyone else) who have the affected devices to have the firmware updated at your earliest convenience.Moxa has released new firmware versions, which address the identified vulnerabilities in all but one of the affected NPort devices. Moxa recommends installing the new firmware version - further details can be found at the ICS-CERT advisory