What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Blog.webp 2025-04-01 16:18:36 Cyber-Physical Analysis of Weapons of Mass Destruction Detection Systems: Part 1 - DARPA's SIGMA
Index: 1. Introduction 2. Practical Gamma Spectroscopy for Security Researchers 3. SIGMA Network 4. Conclusions

Disclaimer

To avoid any misunderstandings, I want to clarify that all the information in this post is based on open-source intelligence, publicly available documents, and reverse engineering. I have not attempted to compromise or replicate any potential attacks on internet-facing SIGMA systems. Instead, I conducted a simple, non-invasive reconnaissance phase, which involved accessing public websites, reviewing their source code, and examining generic endpoints to gather general information, such as system versions. A month before publishing this post, I gave a heads-up about it to those who needed to be informed.

Introduction

This is the first part of a series on the cyber-physical analysis of weapons of mass destruction detection systems, focusing on technologies like CBRN networks and nuclear safeguards. These posts will cover how these systems integrate physical methods with cyber capabilities to counter potential threats. By analyzing both the hardware and software components, I aim to highlight the challenges and advancements in ensuring these systems function effectively in real-world scenarios, as well as some of the vulnerabilities, exploits, and security-related issues discovered during the research. Above all, the goal is to contribute to a better understanding of these systems and encourage critical thinking, especially in these challenging times.

Thirty years ago, the Japanese apocalyptic cult 'Aum Shinrikyo' managed to fabricate sarin gas in-house and released it in multiple trains during rush hour on the Tokyo subway system. The deadly nerve agent killed 14 people, injured over 1000, and caused severe health issues for thousands more. Initial reports only mentioned 'an explosion in the subway,' causing the first 30 police officers who arrived at the scene to overlook the possibility of a chemical attack. As a result, they were exposed to and harmed by the sarin gas, which also delayed their ability to provide a timely and proper response to the other victims.

Could a similar event happen today in a modern city? Probably yes, but at least in theory, it would be orders of magnitude harder for the perpetrators to achieve their goals. Even if they succeeded, the immediate aftermath (essentially the ability to mitigate the consequences), would (is expected to) be managed much more effectively, due to technological progress in countering Chemical, Biological, Radiological,

Tags: Tool Vulnerability Threat General Information Legislation Mobile Prediction Cloud Commercial
Notes: ★★
Blog.webp 2024-10-01 12:10:41 A Practical Analysis of Cyber-Physical Attacks Against Nuclear Reactors
A year ago, shortly after presenting the Chernobyl research, I was surprised to discover that a plethora of brand-new (2nd generation) components were available on eBay.

Framatome's Teleperm XS (TXS) is a digital Instrumentation & Control platform designed specifically for use in safety systems in nuclear power plants, as a replacement for, or upgrade of, their analog counterparts. It is one of the most widely used digital safety I&C platforms, supporting the main line of defense (Reactor Protection System, Engineered Safety Features Actuation System) in dozens of nuclear reactors worldwide, including Europe, the United States, Russia and China. Obviously, this was a good opportunity to look into one of the most important modern digital safety platforms, so I bought some TXS components.

That was the starting point of the research I am releasing today: "A Practical Analysis of Cyber-Physical Attacks Against Nuclear Reactors".

Tags: Tool Technical Commercial
Notes: ★★★★
Blog.webp 2024-01-15 16:59:43 What Really Happened in Chernobyl During the Beginning of the Russian Invasion?
This blog post contains the web version of my research paper: "Seeing Through the Invisible: Radiation Spikes Detected in Chernobyl During the Russian Invasion Show Possible Evidence of Fabrication", which was unveiled at BlackHat USA 2023. It is intended to ease the indexing and dissemination of the information collected during this research. In a few days, I'll be in Brussels presenting this research. The original paper (PDF) can be downloaded here.

Additional references:
https://www.wired.com/story/chernobyl-radiation-spike-mystery/ (Kim Zetter)
https://www.zetter-zeroday.com/p/radiation-spikes-at-chernobyl-a-mystery (Kim Zetter)
https://medium.com/war-notes/chornobyl-3-92216d21b223 (Olegh Bondarenko)

INDEX
Foreword
Executive summary
Introduction
1. Physical
    1986
    Resuspension
    Transport
    Humidity
    Traffic
2. Cyber

Tags: Malware Vulnerability Mobile Industrial Prediction Cloud Conference Technical Commercial
Notes: ★★★
Blog.webp 2023-02-10 11:06:16 SATCOM terminals under attack in Europe: a plausible analysis.
------
Update 03/12/2022

Reuters has published new information on this incident, which initially matches the proposed scenario. You can find the update at the bottom of this post.
------

February 24th: at the same time Russia initiated a full-scale attack on Ukraine, tens of thousands of KA-SAT SATCOM terminals suddenly stopped working in several European countries: Germany, Ukraine, Greece, Hungary, Poland...

Germany's Enercon moved forward and acknowledged that approximately 5800 of its wind turbines, presumably those remotely operated via a SATCOM link in central Europe, had lost contact with their SCADA server. In the affected countries, a significant part of the customers of Eutelsat's domestic broadband service were also unable to access the Internet. From the very beginning, Eutelsat and its parent company Viasat stated that the issue was being investigated as a cyberattack. Since then, details have been scarcely provided but a few days ago I came across a really interesting video in the following tweet.

In the video, the Commander General Michel Friedling confirms that the incident was originated by a cyberattack. However, he also provides a key detail that has the potential to turn a boring DDoS scenario, as some initially pointed out, into something much more interesting: "the terminals have been damaged, made inoperable and probably cannot be repaired"

Based on the information publicly available and my experience researching into SATCOM terminals I'll try to present a plausible explanation for such a destructive attack.

Introduction

Please note that this is merely a speculative exercise, although backed by a realistic technical reasoning...anyway probably I'm totally wrong.

Back in 2014 and then in 2018 I presented at BlackHat USA two different papers mainly focused on evaluating the security posture of multiple SATCOM terminals, by uncovering a plethora of vulnerabilities and real-world scenarios across different sectors. Within these papers the reader can find an introduction to the SATCOM architecture, threat scenarios and some technical terms that will be used during this blog post.

2014 - A Wake-Up call for SATCOM Security

Tags: Vulnerability Threat Technical Commercial
Notes: ★★★★
Blog.webp 2022-08-03 12:05:12 I'll have a Gamma Frappuccino, please.
A recent story has been making the rounds: "Hundreds of Nuclear Radiation Monitors Were Allegedly Hacked by Former Repairmen". Basically, it seems that more than a year ago two disgruntled employees sabotaged +300 radiation monitoring devices, which were part of a nation-wide civil radiation monitoring network (RAR) in Spain. On top of that, they were apparently using the free WiFi of a Starbucks to carry out their activities. Obviously not being the sharpest tool in the box they were eventually caught.

In this story there is a boring part, which is everything related to these guys and their motivations, and a slightly more interesting part which is the underlying technology behind Radiation Monitoring Networks (RMN).

In 2017 I presented at BlackHat USA "Go Nuclear: Breaking Radiation Monitoring Devices", so I thought it could be interesting to write a brief post to provide some context.

The NeverEnding story

As in most 'disgruntled employee' attacks, the initial motivation behind the sabotage seems to be a 'poorly assessed' reaction to a troubled employment relationship. According to the information publicly released by the police the attacks started in March 2021. Coincidentally, by using the public procurement portal of the Spanish State, we can find that, in 2020, a public contract to support and maintain the RAR network was announced, as the valid one at that time was about to expire in Feb 2021.

Anyway, if you're interested in the technology, public procurement documents always provide a lot of information when you are researching into nation-wide systems. As expected, it is possible to find some interesting bits of information about the RAR network, including its topology, devices, deployments...

The radiation monitoring devices are provided by Envinet. Indra seems to have developed some Data Acquisition Units as well as the Control System.

Tags: Tool Legislation Industrial Commercial
Notes: ★★★
Blog.webp 2022-04-21 12:59:05 The guy with rudimentary tools who hyped things
I've just released a new research that describes in detail the reverse engineering methodology and vulnerabilities found in a DAL-A, safety-critical, certified avionics component: Collins' Pro Line Fusion - AFD-3700, a LynxOS-178 based system deployed in both commercial and military aircraft.

At the time of writing this I don't know exactly what will happen after the disclosure. However, this time, I certainly know what will not happen. I understand this statement does sound a little bit cryptic, so you should keep reading to understand the context; from where this situation is coming and why this point has been reached.

Right, the title is probably more suited for a cheap sequel of Stieg Larsson's "Millennium" trilogy rather than for the usual technical contents I publish over here, so for the fans of that saga I would kindly ask you to forgive the liberty of giving myself that license. You'll understand that title afterwards.

This post contains traces of a 'plot' spanning several years now. As a compulsive fiction reader I didn't want to miss this opportunity to follow a dramatic structure, thus having a little bit of fun out of a situation that, for me, has been everything but fun. That said, I've learnt a lot along the way, which is probably the only thing that paid off.

In this story there are no evil or good characters, I guess it's just people doing their job the best they can. Obviously there has to be some kind of conflict, which emerges from the fact that the nature of their jobs, although theoretically pursuing the same objectives, usually makes them clash. There is also an escalation on the action over the years, some plot twists included, until reaching a high tension moment that determines how the conflict will be resolved. The resolution is yet to be written...

As one would have expected I'll write this story from my perspective, others may have a different one. Let's start.

Index: 1. 2018 2. 2019 3. 2020 4. 2021 5. 2022 6. Paper 7. Personal Statement

2018.

During a flight to Copenhagen, aboard a Norwegian Boeing 737, I noticed something weird in the In-Flight WiFi, which was provided by a satellite network. Once at the hotel I found out it was possible to reach, over the internet through a misconfigured SATCOM infrastructure, tens of in-flight aircraft from different airlines. We coordinated

Tags: Hack Tool Vulnerability Threat Studies Industrial Conference Technical Commercial
Notes: ★★★
Last update at: 2025-05-10 20:52:34