my tweets are severely limited by my lack of understanding of what I am doing.
Tip - if you want in to a bunch of factory networks, don't target the companies - target their ICS suppliers. Find names via case studies.
Pokaż ten wątek
There's a bunch of key ones which are embedded everywhere. They have IPsec VPNs to customer factory networks for support.
-
-
They will say they have 2FA etc. Find engineer on LinkedIn. Send a Word doc with macro RAT. Boom - you're behind firewalls.
Pokaż ten wątek -
Because vendors usually self managed black box VPN appliances at sites, the actual company doesn't see logs = doesn't know they are owned.
Pokaż ten wątek -
The vendors engineers are just that, engineers for XYZ piece of factory kit. They aren't Infosec. It's a neat design gap for 'air gap'.
Pokaż ten wątek -
The solution is to insist vendors use a company managed remote access system, which you monitor. Far easier said than done.
Pokaż ten wątek
Koniec rozmowy
Nowa rozmowa -
Wydaje się, że ładowanie zajmuje dużo czasu.
Twitter jest przeciążony lub wystąpił chwilowy problem. Spróbuj ponownie lub sprawdź status Twittera, aby uzyskać więcej informacji.