πŸ”’
❌
There are new articles available, click to refresh the page.
Today β€” 16 August 2022Pentest/Red Team

Save the Environment (Variable)

16 August 2022 at 00:00
By: @Wietze
By manipulating environment variables on process level, it is possible to let trusted applications load arbitrary DLLs and execute malicious code. This post lists nearly 100 executables vulnerable to this type of DLL Hijacking on Windows 11 (21H2); it is demonstrated how this can achieved with just three lines of VBScript.

Yesterday β€” 15 August 2022Pentest/Red Team

Securing operational technology: ICS, IoT, AI and more | Guest Francis Cianfrocca

15 August 2022 at 07:00
By: Infosec

If you want to learn more about working with operational technology (OT) and internet-connected devices, then don't miss today's episode with Francis Cianfrocca, CEO of Insight Cyber Group. He discusses security problems around OT and IoT systems and shares some surprising stories of intruders in the electrical grid. He also talks about why it’s so hard to secure a set of machines that often pre-date computer technology and the small changes in your community that can make huge differences in the entire security industry.

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Free cybersecurity training resources
0:56 - Overview of today's episode
1:48 - Who is Francis Cianfrocca and Insight Cyber?Β 
2:15 - Getting into tech and cybersecurity
4:13 - Francis' job roles and companies
5:22 - Early days of ICS systems security
10:15 - CEO duties at a cybersecurity startupΒ 
12:19 - Why is infrastructure security so bad?
16:05 - Different approaches needed for ICS and IOT systems
20:23 - Catching intruders early on with industrial systems
22:45 - Using artificial intelligence in ICS security
24:50 - Bad actors are really good at reconnaissance
27:20 - ICS and IOT environments cannot have downtime
30:00 - Asset and behavioral inventory is difficult
31:42 - Real-world examples of rogue ICS software
36:30 - ICS vs. IOT security
42:57 - How to promote industrial security careers
46:07 - Impact of AI on cybersecurity careers
48:40 - Preparing for an ICS cybersecurity career
51:07 - What's Insight Cyber working on?
52:45 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

  • There are no more articles
❌