Classical Information Technology (IT) systems and Operational Technology (OT) are quickly converging technically. Furthermore, the upcoming digitalization, the corresponding information transparancy and the increased number of networked systems poses new challenges on the security of industrial production systems...
After the Instagram iOS vulnerability discovered last year, the app’s HTTP API has been extended with a cryptographic authentication for changes like “likes” and deletes. However, the implementation of this authentication is flawed in two ways, making it possible to “like” or delete pictures in the name of another user, once his credentials have been sniffed over plain-text HTTP.
CVE-2017-5589+ Multiple XMPP Clients User Impersonation Vulnerability Dr. Georg Lukas, rt-solutions.de, 2017-02-09 Classification: CWE-304: Missing Critical Step in Authentication CWE-940: Improper Verification of Source of a Communication Channel CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N (score 7.1) Summary An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the […]
rt-solutions.de GmbH
Oberländer Ufer 190a
D-50968 Cologne
rt-solutions designs holistic IT-Control Frameworks for your company in order to regularly check and report on the compliance of controls (risk-reducing measures) and to demonstrably eliminate identified deficits. The goal of such an IT control framework is to protect your company from adverse events in terms of financial, operational, strategic compliance and reputation damage.
Further information can be found here.
rt-solutions.de GmbH is participating in the IC4F research project as consortium member to enhance the IT-Security of industrial networks. The main goal of the project is to investigate and develop a holistic solution for industrial communication in the context of factory automation..
Click here to read more.
Comprehensive modelling of Security-requirements and properties.
rt-solutions.de designes cyber security for industrial networks of tomorrow.
Official information about the research project.
link to the article.
Our advisory services help you to improve the security and efficiency of your IT and to control your IT risks.
We develop sustainable, practical and precisely fitting solutions for complex challenges.
We are at any time available for you.
Phone: +49 221 93724 0
Office: Oberländer Ufer 190a, D-50968 Cologne
Email: info@rt-solutions.de
Webseitenbetreiber müssen, um Ihre Webseiten DSGVO konform zu publizieren, ihre Besucher auf die Verwendung von Cookies hinweisen und darüber informieren, dass bei weiterem Besuch der Webseite von der Einwilligung des Nutzers in die Verwendung von Cookies ausgegangen wird.
Der eingeblendete Hinweis Banner dient dieser Informationspflicht.
Sie können das Setzen von Cookies in Ihren Browser Einstellungen allgemein oder für bestimmte Webseiten verhindern. Eine Anleitung zum Blockieren von Cookies finden Sie hier.