Tag: SCADA Security

Tales From the Road: BESS and SCADA Network Assessment — Is Your MQTT Traffic Secure?

Three areas to secure to ensure your critical infrastructure isn’t vulnerable to a Machine-in-the-Middle (MitM) attack. A multinational corporation in the energy industry enlisted our services to perform a comprehensive security assessment of their XRT Merging Unit. The merging unit sits on the power grid and is responsible for taking battery data from the company’s… Read more »

PolicyKit Vulnerability Exposed After 12 Years: Why You Need to Patch Your Linux Today

Security company Qualys has uncovered a truly dangerous memory corruption vulnerability in polkit’s pkexec, CVE-2021-4034, dubbed “PwnKit”. Polkit, formerly known as PolicyKit, is a systemd SUID-root program. It’s installed by default in every major Linux distribution, which means that tens of millions of devices are vulnerable to this easily-exploitable bug. What makes this flaw even… Read more »