I Own Your Building (Management System)

Acrobat I Own Your Building (Management System)
Author/Researcher: Gjoko Krstic & Sipke Mellema
Source: https://applied-risk.com

Introduction: Not many people have noticed that the modern buildings have changed into industrial control systems. By embedding IP-based technologies throughout the buildings and by connecting sensors, controllers and supervisory software, building owners enjoy a low-cost management of their assets, with minimal staffing. Building Management Systems (BMS) monitor and control a building’s internal environment. They are used in various sectors, such as commercial, banking, industrial, medical, and even residential.

Unfortunately, it is observed that these panels are often accessible from the Internet, enabling also malicious parties to access the administrator’s dashboard. Multiple deployments of BMS solutions remain susceptible to basic cyber security
attacks, such as command injection, file uploads or privilege escalation. The execution of these attacks enables an unauthenticated attacker to access and manipulate doors, elevators, air-conditioning systems, cameras, boilers, lights, safety alarm systems in an entire building. Read More

10 Steps to Cyber Security

Acrobat 10 Steps to Cyber Security
Author/Researcher: National Cyber Security Centre
Source: https://www.ncsc.gov.uk
Overview: Defining and communicating your Board’s Information Risk Regime is central to your organisation’s overall cyber security strategy. The National Cyber Security Centre recommends you review this regime – together with the nine associated security areas described below, in order to protect your business against the majority of cyber attacks. Read More

Of Hacks & Keyloggers – Part 1

Of Hacks & Keyloggers…!!! “I don’t know what happened!; I don’t remember visiting any dodgy websites, downloading any weird apps, opening any suspicious emails or attachments, let alone links!, why I am receiving these sms & email notifications from my Bank!?!?” Sounds familiar right? Come to think of it, in most cases the unsuspecting victim is being honest. That being said, I just remembered something; a previous write up revolving around one of the methods used to carry out this type of attack. It can happen to anyone, in fact I was once a victim!



What is a keylogger? 

Read moreOf Hacks & Keyloggers – Part 1