Skip to content

The OT & IoT Cybersecurity Feed

News Post SCADAfence Main-1

Hey, I’m SCADAGirl.

I’m a cybersecurity superhero that ensures that OT & IoT networks are safe.

Here is my commentary on the latest headlines in OT & IoT security.

 

News Post SCADAfence Siemens

ICS Advisory (ICSA-20-224-04) Siemens SCALANCE, RUGGEDCOM 

SCADAgirlSCADAfence Research – Siemens SCALANCE and RUGGEDCOM switches, as well as security network segmentation devices are exposed to a Remote Code Execution vulnerability. A successful exploitation can significantly lower the security of the target organization’s network by allowing attackers to access OT networks that are supposed to be protected by those devices.

Additionally, Siemens Desigo CC Windows Application, which is designed for controlling and programming Building Management Systems (BMS) is vulnerable to a Remote Code Execution vulnerability. A successful exploitation may result in the attackers controlling or sabotaging the BMS system.

News Post SCADAfence 7

Bugs in HDL Automation Expose IoT Devices to Remote Hijacking

SCADAgirlSCADAfence Research  – New vulnerabilities were discovered in an automation system for smart homes and buildings that allowed taking over accounts belonging to other users and control associated devices. The vulnerabilities found in those devices might allow attackers to take control of the building’s air conditioning system, lightning and more. For more on BMS security, click here.

News Post SCADAfence6

Vulnerable Perimeter Devices: A Huge Attack Surface

SCADAgirlSCADAfence Research – JSOF, a local team of cybersecurity researchers, released the second whitepaper on their DNS client exploitation vulnerability (CVE-2020-11901) that got CVSS score of 9.1. This was the vulnerability that was demonstrated in their video. They show this vulnerability to be really severe but in my opinion it is less severe than they market it. The vulnerability is the DNS client of target devices. Because most of the affected devices don’t use DNS at all (i.e,PLCs / OT devices / Medical devices) generally use direct IP addresses to communicate – not DNS hostnames, thus it is not possible to attack them. Also, if some of them do send DNS queries, you have to be in some sort of MITM to see them and send them a response with an exploit.

The latest vulnerabilities in various gateway servers possess a threat to organizations who didn’t patch. Research shows the various gateways exposed to the internet – F5 Big-IP (1M devices), Citrix NetScalar Gateway (80K devices), Palo Alto Global Protect (60K devices), Microsoft Remote Desktop Gateway (40K devices), amongst others. For more on IoT security, click here.

News Post SCADAfence1

ICS Advisory (ICSA-20-212-02) Mitsubishi Electric Multiple Factory Automation Engineering Software Products

SCADAgirlSCADAfence Research – Numerous Mitsubishi Engineering Software Products are vulnerable to remote code execution and denial of service vulnerabilities – A total of 3 vulnerabilities were discovered. Among the software impacted are Mitsubishi’s PLC programming software GX Works2 and GX Works3. Also other network configuration software are impacted. Successful exploitation of this vulnerability may allow threat actors to take over engineering workstations. For more vulnerabilities that we found in Mitsubishi Electric products, click here.

News Post SCADAfence2

ICS Advisory (ICSA-20-210-02) Softing Industrial Automation OPC

SCADAgirlSCADAfence Research – A buffer overflow allowing Remote Code Execution influencing all Softing Industrial Automation OPC products (OPC servers for PLCs & networks) was discovered. OPC is a way of communication in OT networks, thus, successful exploitation may result in controlling the OPC servers. Attackers leveraging this can cause sabotage to industrial processes.

CyberLink’s facial recognition engine FaceMe® to power LILIN’s connected devices, providing businesses with contactless access control management and visitor analytics

TAIPEI, TAIWAN – July 28 2020 – CyberLink Corp. (5203.TW), a pioneer in AI and facial recognition technologies, today announced it has formed a partnership with surveillance solution provider LILIN, leveraging new facial recognition technologies to create comprehensive smart security and retail solutions. CyberLink will license its FaceMe® facial recognition engine to LILIN, powering its NAV Facial Recognition Recorder, creating an all-in-one smart security, data analysis and warning solution.

With the combined technologies, LILIN’s connected video devices can provide businesses with a series of contactless solutions, such as granting verified personnel access to restricted areas within offices, factories or residential buildings through an opt-in photo identification system. The new offering can also provide retailers and hospitality operators with anonymized customer demographics to better understand their customer experience, such as identifying trending emotions patrons may feel when engaged in specific activities or visiting certain areas of a venue.

As the coronavirus pandemic continues to develop across the globe, CyberLink’s and LILIN’s joint facial recognition system uniquely provides businesses seeking contactless solutions the underlying technology to reduce the need for people to touch highly shared surfaces by replacing key cards or PIN passwords with biometric data.

“If there was ever a field worthy of continued research and innovation, it’s security,” said Dr. Jau Huang, CEO of CyberLink. “Without a doubt, LILIN is a global leader and manufacturer of IoT devices, and CyberLink is a worldwide pioneer developing facial recognition applications for connected devices. Together, we are setting a new standard for what makes a place secure by bringing to market new technologies that make our customers safer, and our businesses smarter.”

“LILIN has many years of smart security experience, providing insight into the market’s needs for creating a comprehensive intelligent security solution. LILIN is pleased to partner with CyberLink and integrates FaceMe® into our facial recognition system to strengthen smart retail, smart healthcare, smart factory, and smart business applications. Through continued efforts, I believe that LILIN will provide the most advanced total security solution for global customers.” said Mr. C.C. Hsu, LILIN’s President.

CyberLink and LILIN will host a webinar titled “Facial Recognition x Smart Security

Empowering Smart AIoT Applications”” on August 13, 2020 from 14:00-15:00 (GMT+8/Taipei time), further describing the many use cases enabled through the new product offering. For detailed event information and a registration link, please visit: https://is.gd/SfXQ7l

FaceMe’s® edge-based architecture empowers powerful, efficient processing, and higher levels of security compared to Cloud-based solutions. It supports more than 10 operating systems, including Windows, Android, iOS, and various Linux distributions such as Ubuntu x86, Ubuntu ARM, RedHat, CentOS, Yocto, Debian and JetPack. FaceMe’s® high accuracy, flexibility and security makes it the leading facial recognition engine available on the market today, and it is one of the world’s most accurate engines as deemed by the global standard NIST Facial Recognition Vendor Test.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About CyberLink
Founded in 1996, CyberLink Corp. (5203.TW) is the world leader in multimedia software and AI facial recognition technology. CyberLink addresses the demands of consumer, commercial and education markets through a wide range of solutions, covering digital content creation, multimedia playback, video conferencing, live casting, mobile applications and AI facial recognition.  CyberLink has shipped several hundred million copies of its multimedia software and apps, including the award-winning PowerDirector, PhotoDirector, and PowerDVD.  With years of research in the fields of artificial intelligence and facial recognition, CyberLink has developed the FaceMe® Facial Recognition Engine. Powered by deep learning algorithms, FaceMe® delivers the reliable, high-precision, and real-time facial recognition that is critical to AIoT applications such as smart retail, smart security, and surveillance, smart city and smart home. For more information about CyberLink, please visit the official website at www.cyberlink.com