Apply to Attend: Nexus Conference 2024: Sept. 10-12
Claroty Nexus Logo
Topics:
See all in Cyber Resilience See all in Articles
See all in Videos
See all in Podcasts

Archive

All entries

In this episode of the Nexus Podcast, Alethe Denis, a senior security consultant at Bishop Fox, joins to discuss the ongoing effectiveness of open-source intelligence analysis and social engineering tactics as a precursor to larger intrusions against critical infrastructure.
Cyber Resilience
Healthcare
Industrial
Risk Management

Nexus Podcast: Alethe Denis on Social Engineering, Red-Teaming

Michael Mimoso
In OT and ICS cybersecurity, living off the land (LOTL) techniques refer to the practice of attackers using the existing tools and processes in a target system to carry out their malicious activities. This approach is particularly dangerous because it allows the attacker to blend in with everyday activities, making detection significantly more challenging.
Operational Technology
Cyber Resilience
Industrial

How Living-Off-The-Land Techniques Impact OT and ICS

Dan Ricci
In this episode of the Nexus Podcast, Claroty Team82 researcher Noam Moshe explains the challenges involved in gathering attack forensic artifacts from OT devices, in this case, Unitronics PLCs that were exploited in 2023 in attacks against water facilities in the U.S. and Israel.
Operational Technology
Industrial

Nexus Podcast: Noam Moshe on Extracting Forensic Data from Unitronics PLCs

Michael Mimoso
Typical OT network
Operational Technology
Industrial

The Purdue Model's Risky Blindspot

George V. Hulme
img_8610-(1)-(1).jpg
Healthcare
Industrial

Nexus 2023 in Miami

Relive the highlights of Nexus 2023, Claroty's annual cybersecurity conference for CISO and security leaders responsible for the safety of cyber-physical…
Michael Mimoso
nexus_nsa-ot-sigs.jpg
Operational Technology
Industrial

NSA's ELITEWOLF Signatures Detect Malicious Activity in OT Environments

George V. Hulme
nexus_secure-design.jpg
Operational Technology
Industrial
Operational Resilience

Overcoming Inherent Design and Security Limitations of OT Devices

Juan Piacquadio
Tim Hall
nexus_weber-cloud.jpg
Industrial

Conducting Gap Assessments to Secure Control Environments’ Cloud-based Solutions

Don C. Weber
nexus_poor-visibility.jpg
Operational Technology
Industrial

OT Asset Visibility: A Foundation for Secure Operations

George V. Hulme
The inherent security of new devices and software associated with managing the grid is shipping natively with better code and design quality, cutting down on commodity vulnerabilities.
Industrial
Operational Technology

Bulk Power System Risks Span Complexity, Vulnerabilities, Advanced Actors

George V. Hulme
Vulnerable physical security components, such as door locks and control cabinets, change at such a slow rate that weaknesses are likely to go undetected or are easily overlooked in industrial and healthcare environments.
Industrial
Operational Resilience

Overlook Physical Security Risks at Your Own Peril

Don C. Weber
Compensating controls are often the only cybersecurity options available to offset risk in operational technology environments still supporting legacy technology or end-of-life industrial control systems or field devices.
Industrial
Cyber Resilience

When Compensating Controls are Your Only Security Option

Dan Ricci

Latest on Nexus Podcast

See all episodes
The Nexus podcast features conversations with security leaders, researchers, and experts sharing their expertise on cyber-physical systems security.
In this episode of the Nexus Podcast, Alethe Denis, a senior security consultant at Bishop Fox, joins to discuss the ongoing effectiveness of open-source intelligence analysis and social engineering tactics as a precursor to larger intrusions against critical infrastructure.
Cyber Resilience
Healthcare
Industrial
Risk Management

Nexus Podcast: Alethe Denis on Social Engineering, Red-Teaming
On this episode of the Nexus Podcast, Alon Dankner of the Technion Institute in Israel explains his research into the Siemens S7 protocol and PLCs. A vulnerability uncovered during research allows an attacker to expose and steal private cryptographic keys by leveraging a severe vulnerability and configuration error.
Operational Technology

Nexus Podcast: Alon Dankner on Extracting Private Crypto Keys from PLCs
In this episode of the Nexus Podcast, Claroty Team82 researcher Noam Moshe explains the challenges involved in gathering attack forensic artifacts from OT devices, in this case, Unitronics PLCs that were exploited in 2023 in attacks against water facilities in the U.S. and Israel.
Operational Technology
Industrial

Nexus Podcast: Noam Moshe on Extracting Forensic Data from Unitronics PLCs