IoT/ICS Security & Malware
اینترنت اشیاء (IoT) چیست؟ یک مرور کلی توصیه میکنم همه ی اعضا بخونند این فایل به زبان فارسی است . لطفا این پیام را فوروارد کنید تا اونهایی که علاقه مند به iot هستند عضو شوند و شروع به یاد گیری بکنند . ممنون از حمایتتون. بخشی از فایل آموزشی: خطر اتصال…
What is the Internet of Things? @Sh4rkD4rk.pdf
1 MB
Now Mirai Malware Attack as Miori delivered via Delivered via Remote Code Execution Exploit
https://link.medium.com/XCh5wqDxd7
#malware
#iot
@iotpenetrationTest
https://link.medium.com/XCh5wqDxd7
#malware
#iot
@iotpenetrationTest
IOT Pentesting OSes :
Sigint OS- LTE IMSI Catcher
Instatn-gnuradio OS - For Radio Signals Testing
AttifyOS - IoT Pentest OS - by Aditya Gupta
Ubutnu Best Host Linux for IoT's - Use LTS
Internet of Things - Penetration Testing OS
Dragon OS - DEBIAN LINUX WITH PREINSTALLED OPEN SOURCE SDR SOFTWARE
EmbedOS - Embedded security testing virtual machine
Skywave Linux- Software Defined Radio for Global Online Listening
A Small, Scalable Open Source RTOS for IoT Embedded Devices
#iot
#os
@iotpenetrationTest
Sigint OS- LTE IMSI Catcher
Instatn-gnuradio OS - For Radio Signals Testing
AttifyOS - IoT Pentest OS - by Aditya Gupta
Ubutnu Best Host Linux for IoT's - Use LTS
Internet of Things - Penetration Testing OS
Dragon OS - DEBIAN LINUX WITH PREINSTALLED OPEN SOURCE SDR SOFTWARE
EmbedOS - Embedded security testing virtual machine
Skywave Linux- Software Defined Radio for Global Online Listening
A Small, Scalable Open Source RTOS for IoT Embedded Devices
#iot
#os
@iotpenetrationTest
Media is too big
VIEW IN TELEGRAM
iot malware: comprehensive survey, Analysis Framework and case Studies
#malware
#blackhat
#iot
t.iss.one/iotpenetrationTest
#malware
#blackhat
#iot
t.iss.one/iotpenetrationTest
امنیت اسکادا:
شبکه اروپا برای امنیت سایبری (ENCS) و انجمن اپراتورهای سیستم توزیع اروپا (E.DSO) الزامات امنیتی برای اتوماسیون توزیع را منتشر می کنند:
- DA-401-19:
طرح آزمون امنیتی برای RTU های اتوماسیون توزیع
https://encs.eu/encs-document/security-test-plan-for-da-rtus/
- DA-301-19:
الزامات امنیتی برای تهیه RTU های DA
https://encs.eu/encs-document/security-requirements-for-procuring-da-rtus/
- DA-201-19:
معماری امنیتی برای سیستم های اتوماسیون توزیع
https://encs.eu/encs-document/security-architecture-for-da-systems/
============
#Scada
#Security
@iotpenetrationTest
شبکه اروپا برای امنیت سایبری (ENCS) و انجمن اپراتورهای سیستم توزیع اروپا (E.DSO) الزامات امنیتی برای اتوماسیون توزیع را منتشر می کنند:
- DA-401-19:
طرح آزمون امنیتی برای RTU های اتوماسیون توزیع
https://encs.eu/encs-document/security-test-plan-for-da-rtus/
- DA-301-19:
الزامات امنیتی برای تهیه RTU های DA
https://encs.eu/encs-document/security-requirements-for-procuring-da-rtus/
- DA-201-19:
معماری امنیتی برای سیستم های اتوماسیون توزیع
https://encs.eu/encs-document/security-architecture-for-da-systems/
============
#Scada
#Security
@iotpenetrationTest
NIST Releases Draft Security Feature Recommendations for IoT Devices
https://www.nist.gov/news-events/news/2019/08/nist-releases-draft-security-feature-recommendations-iot-devices
#IOT
#NIST
_____________
t.iss.one/iotpenetrationTest
https://www.nist.gov/news-events/news/2019/08/nist-releases-draft-security-feature-recommendations-iot-devices
#IOT
#NIST
_____________
t.iss.one/iotpenetrationTest
NIST
NIST Releases Draft Security Feature Recommendations for IoT Devices
Appliances from refrigerators to thermostats are now available in models that interact with a wireless network, making them easier to control with a computer
#نقشه_راه_ورود_به_تست_نفوذ_اینترنت_اشیاء
#Roadmap #Iot
نقشه راه برای کسانی که میخواهند وارد دنیای تست نفوذ Iot بشند .
سوالی پیش اومد حتما بپرسید ...
برای اولین بار در ایران
@IotPenetrationTesting
#Roadmap #Iot
نقشه راه برای کسانی که میخواهند وارد دنیای تست نفوذ Iot بشند .
سوالی پیش اومد حتما بپرسید ...
برای اولین بار در ایران
@IotPenetrationTesting
New malware infects Android TVs, IoT devices in 84 nations - Latest News | Gadgets Now
https://www.gadgetsnow.com/tech-news/new-malware-infects-android-tvs-iot-devices-in-84-nations/articleshow/78442563.cms
#Iot
#malware
t.iss.one/iotpenetrationTest
https://www.gadgetsnow.com/tech-news/new-malware-infects-android-tvs-iot-devices-in-84-nations/articleshow/78442563.cms
#Iot
#malware
t.iss.one/iotpenetrationTest
Hackers hijack Telegram, email accounts in SS7 mobile attack
https://www.bleepingcomputer.com/news/security/hackers-hijack-telegram-email-accounts-in-ss7-mobile-attack/amp/?__twitter_impression=true&s=09
#attack
#SS7
#hijack
@IotPenetrationTest
https://www.bleepingcomputer.com/news/security/hackers-hijack-telegram-email-accounts-in-ss7-mobile-attack/amp/?__twitter_impression=true&s=09
#attack
#SS7
#hijack
@IotPenetrationTest
IoT Security:
1. Inside Amazon’s Ring Alarm System
https://medium.com/tenable-techblog/inside-amazons-ring-alarm-system-9731bc519974
2. Research:
"A survey of IoT protocols and their security issues through the lens of a generic IoT stack", 2020 (.pdf).
https://www.google.com/url?sa=t&source=web&rct=j&url=https://hal.inria.fr/hal-02918332/file/A-survey-of-IoT-protocols-and-their-security-issues-through-the-lens-of-a-generic-IoT-stack.pdf&ved=2ahUKEwid2-e0zN3sAhUnmYsKHVNBCVIQFjABegQIAxAB&usg=AOvVaw19VghdxBs6JbgX8Qig37tw
#iot
#alarmSystem
#Amazon
__________
@iotpenetrationTest
1. Inside Amazon’s Ring Alarm System
https://medium.com/tenable-techblog/inside-amazons-ring-alarm-system-9731bc519974
2. Research:
"A survey of IoT protocols and their security issues through the lens of a generic IoT stack", 2020 (.pdf).
https://www.google.com/url?sa=t&source=web&rct=j&url=https://hal.inria.fr/hal-02918332/file/A-survey-of-IoT-protocols-and-their-security-issues-through-the-lens-of-a-generic-IoT-stack.pdf&ved=2ahUKEwid2-e0zN3sAhUnmYsKHVNBCVIQFjABegQIAxAB&usg=AOvVaw19VghdxBs6JbgX8Qig37tw
#iot
#alarmSystem
#Amazon
__________
@iotpenetrationTest
An_Overview_of_UPnP_based_IoT_Security(@iotpenetrationTest).pdf
687 KB
Research:
"An Overview of UPnP-based IoT Security: Threats, Vulnerabilities, and Prospective Solutions", 2020.
#Iot
@iotpenetrationTest
"An Overview of UPnP-based IoT Security: Threats, Vulnerabilities, and Prospective Solutions", 2020.
#Iot
@iotpenetrationTest
Malware analysis:
1. Agent Tesla Infostealer Has New Distribution Techniques
https://blog.morphisec.com/agent-tesla-a-day-in-a-life-of-ir
2. When Threat Actors Fly Under the Radar:
Vatet, PyXie and Defray777
https://unit42.paloaltonetworks.com/vatet-pyxie-defray777
#malware
#Iot
#AnalysMalware
t.iss.one/iotpenetrationTest
1. Agent Tesla Infostealer Has New Distribution Techniques
https://blog.morphisec.com/agent-tesla-a-day-in-a-life-of-ir
2. When Threat Actors Fly Under the Radar:
Vatet, PyXie and Defray777
https://unit42.paloaltonetworks.com/vatet-pyxie-defray777
#malware
#Iot
#AnalysMalware
t.iss.one/iotpenetrationTest
IoT Security: How to Search for Vulnerable Connected Devices - Pentestmag
چگونه می توان دستگاه های متصل آسیب پذیر را جستجو کرد.
https://pentestmag.com/iot-security-how-to-search-for-vulnerable-connected-devices/
#Iot
#Vulnerable
#Device
@iotpenetrationTest
چگونه می توان دستگاه های متصل آسیب پذیر را جستجو کرد.
https://pentestmag.com/iot-security-how-to-search-for-vulnerable-connected-devices/
#Iot
#Vulnerable
#Device
@iotpenetrationTest
BLE-Security-Attack-Defence
https://github.com/Charmve/BLE-Security-Attack-Defence
#bluetooth
#attack
t.iss.one/iotpenetrationTest
https://github.com/Charmve/BLE-Security-Attack-Defence
#bluetooth
#attack
t.iss.one/iotpenetrationTest
Mastering_Malware_Analysis_2019.pdf
25 MB
Tech. book:
"Mastering Malware Analysis", 2019.
// The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks
#malwareanalysis
t.iss.one/iotpenetrationTest
"Mastering Malware Analysis", 2019.
// The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks
#malwareanalysis
t.iss.one/iotpenetrationTest
WLAN Security:
Ruckus IoT Controller (Ruckus vRIoT) <= 1.5.1.0.21 - Command Injection & Broken Authentication
(PoC for CVE-2020-26878)
https://www.exploit-db.com/exploits/49110
#iot
@iotpenetrationtest
Ruckus IoT Controller (Ruckus vRIoT) <= 1.5.1.0.21 - Command Injection & Broken Authentication
(PoC for CVE-2020-26878)
https://www.exploit-db.com/exploits/49110
#iot
@iotpenetrationtest
Machine_Learning_based_Run_Time_Hardware_Trojan_Detection_@iotpenetrationTest.pdf
3.2 MB
Research:
"Machine Learning-based Run-Time Hardware Trojan Detection in Resource-Constrained IoT Edge Devices", 2020.
#iot
@iotpenetrationTest
"Machine Learning-based Run-Time Hardware Trojan Detection in Resource-Constrained IoT Edge Devices", 2020.
#iot
@iotpenetrationTest
Current_State_of_IPv6_Security_in_IoT.pdf
1.7 MB
Research:
"Current State of IPv6 Security in IoT", White Paper. 2020.
#iot
=-=-=-=-=-=-=-=-=-=-==--=
@iotpenetrationTest
"Current State of IPv6 Security in IoT", White Paper. 2020.
#iot
=-=-=-=-=-=-=-=-=-=-==--=
@iotpenetrationTest