Opening Critical Infrastructure: The Current State of Open RAN Security

Credit to Author: Salim S.I.| Date: Fri, 01 Dec 2023 00:00:00 +0000

The Open Radio Access Network (ORAN) architecture provides standardized interfaces and protocols to previously closed systems. However, our research on ORAN demonstrates the potential threat posed by malicious xApps that are capable of compromising the entire Ran Intelligent Controller (RIC) subsystem.

Read more

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Credit to Author: Salim S.I.| Date: Fri, 20 Oct 2023 00:00:00 +0000

In the second part of this series, we will examine how attackers can trigger vulnerabilities by sending control messages masquerading as user traffic to cross over from user plane to control plane.

Read more

Electric Power System Cybersecurity Vulnerabilities

Credit to Author: Mayumi Nishimura| Date: Fri, 06 Oct 2023 00:00:00 +0000

Digitalization has changed the business environment of the electric power industry, exposing it to various threats. This webinar will help you uncover previously unnoticed threats and develop countermeasures and solutions.

Read more

Attacks on 5G Infrastructure From Users’ Devices

Credit to Author: Salim S.I.| Date: Wed, 20 Sep 2023 00:00:00 +0000

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks.

Read more

Break IT/OT Silos by Expanding SOC Responsibilities

Credit to Author: Kazuhisa Tagaya| Date: Fri, 04 Aug 2023 00:00:00 +0000

The latest study said that enterprise SOCs are expanding their responsibilities to the OT domain, but major visibility and skills-related challenges are causing roadblocks.

Read more

Health Industry Cybersecurity Best Practices 2023

Credit to Author: Kazuhisa Tagaya| Date: Thu, 25 May 2023 00:00:00 +0000

This blog explains the new resources of health industry cybersecurity practices and landscape analysis which the HHS (U.S. Department of Health and Human Services) released in Apr 2023.

Read more

Healthcare cybersecurity updated in HIMSS23

Credit to Author: Kazuhisa Tagaya| Date: Fri, 19 May 2023 00:00:00 +0000

This update reports on the current state of cybersecurity in the healthcare industry from the CISA’s keynote in Cybersecurity forum of HIMSS23.

Read more

S4x23 Review Part 4: Cybersecurity for Industrial IoT

Credit to Author: Kazuhisa Tagaya| Date: Fri, 31 Mar 2023 00:00:00 +0000

In this fourth article, I introduce the discussion related to Industrial IoT, that is involved challenges to adopt cybersecurity strategy into modernizing environment.

Read more