Close
- Information Technology
- Data Infrastructure
- Data Tools
- Desktops, Laptops and OS
- Chip Sets
- Collaboration Tools
- Desktop Systems - PCs
- Email Client
- Embedded Systems
- Hardware and Periferals
- Laptops
- Linux - Open Source
- Mac OS
- Memory Components
- Mobile Devices
- Presentation Software
- Processors
- Spreadsheets
- Thin Clients
- Upgrades and Migration
- Windows 7
- Windows Vista
- Windows XP
- Word Processing
- Workstations
- Enterprise Applications
- IT Infrastructure
- IT Management
- Networking and Communications
- Bluetooth
- DSL
- GPS
- GSM
- Industry Standard Protocols
- LAN - WAN
- Management
- Mobile - Wireless Communications
- Network
- Network Administration
- Network Design
- Network Disaster Recovery
- Network Interface Cards
- Network Operating Systems
- PBX
- RFID
- Scalability
- TCP - IP
- Telecom Hardware
- Telecom Regulation
- Telecom Services
- Telephony Architecture
- Unified Communications
- VPNs
- VoIP - IP Telephony
- Voice Mail
- WAP
- Wi-Fi (802.11)
- WiMAX (802.16)
- Wide Area Networks (WAN)
- Wireless Internet
- Wireless LAN
- Security
- Servers and Server OS
- Software and Web Development
- .Net Framework
- ASPs
- Application Development
- Application Servers
- Collaboration
- Component-Based
- Content Management
- E-Commerce - E-Business
- Enterprise Applications
- HTML
- IM
- IP Technologies
- Integration
- Internet
- Intranet
- J2EE
- Java
- Middleware
- Open Source
- Programming Languages
- Quality Assurance
- SAAS
- Service-Oriented Architecture (SOA)
- Software Engineering
- Software and Development
- Web Design
- Web Design and Development
- Web Development and Technology
- XML
- Storage
- Agriculture
- Automotive
- Career
- Construction
- Education
- Engineering
- Broadcast Engineering
- Chemical
- Civil and Environmental
- Control Engineering
- Design Engineering
- Electrical Engineering
- GIS
- General Engineering
- Industrial Engineering
- Manufacturing Engineering
- Materials Science
- Mechanical Engineering
- Medical Devices
- Photonics
- Power Engineering
- Process Engineering
- Test and Measurement
- Finance
- Food and Beverage
- Government
- Healthcare and Medical
- Human Resources
- Information Technology
- Data Infrastructure
- Data Tools
- Desktops, Laptops and OS
- Chip Sets
- Collaboration Tools
- Desktop Systems - PCs
- Email Client
- Embedded Systems
- Hardware and Periferals
- Laptops
- Linux - Open Source
- Mac OS
- Memory Components
- Mobile Devices
- Presentation Software
- Processors
- Spreadsheets
- Thin Clients
- Upgrades and Migration
- Windows 7
- Windows Vista
- Windows XP
- Word Processing
- Workstations
- Enterprise Applications
- IT Infrastructure
- IT Management
- Networking and Communications
- Bluetooth
- DSL
- GPS
- GSM
- Industry Standard Protocols
- LAN - WAN
- Management
- Mobile - Wireless Communications
- Network
- Network Administration
- Network Design
- Network Disaster Recovery
- Network Interface Cards
- Network Operating Systems
- PBX
- RFID
- Scalability
- TCP - IP
- Telecom Hardware
- Telecom Regulation
- Telecom Services
- Telephony Architecture
- Unified Communications
- VPNs
- VoIP - IP Telephony
- Voice Mail
- WAP
- Wi-Fi (802.11)
- WiMAX (802.16)
- Wide Area Networks (WAN)
- Wireless Internet
- Wireless LAN
- Security
- Servers and Server OS
- Software and Web Development
- .Net Framework
- ASPs
- Application Development
- Application Servers
- Collaboration
- Component-Based
- Content Management
- E-Commerce - E-Business
- Enterprise Applications
- HTML
- IM
- IP Technologies
- Integration
- Internet
- Intranet
- J2EE
- Java
- Middleware
- Open Source
- Programming Languages
- Quality Assurance
- SAAS
- Service-Oriented Architecture (SOA)
- Software Engineering
- Software and Development
- Web Design
- Web Design and Development
- Web Development and Technology
- XML
- Storage
- Life Sciences
- Lifestyle
- Management
- Manufacturing
- Marketing
- Meetings and Travel
- Multimedia
- Operations
- Retail
- Sales
- Trade/Professional Services
- Utility and Energy
- View All Topics
Share Your Content with Us
on TradePub.com for readers like you. LEARN MORE
Register for Your Free Webinar Now:
"From Exploits to Forensics Evidence - Unraveling the Unitronics Attack"
Thursday, July 10, 2025, at 2pm Eastern
At the end of 2023, a nation-state affiliated threat actor, CyberAveng3rs, targeted an Israeli made PLC & HMI controller used in water facilities world-wide, spreading propaganda and fear. The attackers chose to deface and shut down Unitronics Vision series devices, sabotaging and rendering them unusable.
We embarked on our research journey, dissecting the attackers' path, with the collaboration of government agencies and CERT teams. We started analyzing the Unitronics Vision PLC, reverse engineering its EWS and its communication protocols. Soon enough, we built a simple client, allowing us to perform raw READ/WRITE operations directly to the PLC memory.
Using our client, we managed to build tools allowing us to perform forensic analysis on compromised PLCs. Using these tools, we were able to find a vulnerability that allowed us to bypass the password lock put in place by the attackers and extract a "history log" containing forensic artifacts about the attackers.
In addition, we took a look at Unitronics Unistream, the new series of controllers meant to replace the old Vision PLC product line, and managed to identify and disclose critical vulnerabilities that could have been used by attackers to gain pre-auth RCE.
In our presentation, we'll follow the footsteps of the attackers, showcasing how they attacked the vulnerable PLCs. We'll then showcase our research process and methodologies for developing forensics tools that helped us retrieve artifacts from infected devices, as well as restore their previous configurations. We will open-source these tools for the first time. Lastly, we will delve into the new vulnerabilities we identified, allowing attackers to achieve pre-auth RCE on newer devices.
Speaker:
Noam Moshe, ClarotyTeam82
Noam Moshe is a vulnerability researcher at Claroty Team82. Noam specializes in vulnerability research, web applications pentesting, malware analysis, network forensics and ICS/SCADA security. In addition, Noam presented in well-known Hacking conferences like Black Hat and Defcon, as well as winning Master of Pwn at Pwn2Own Miami 2023.
Pravin Mohan, Head of Solution Sales, ManageEngine
Pravin is the Director of Presales at ManageEngine, with over a decade of experience leading strategic initiatives across the Security Information and Event Management (SIEM) suite. A respected thought leader in cybersecurity, he combines technical depth with practical know-how to help organizations stay ahead of evolving security threats.
Offered Free by: Zoho
See All Resources from: Zoho
Recommended for Professionals Like You:
