CyberSecurityBoard
Sponsor Register Login

Physical Access Systems Open Door to IT Networks

Cyberattackers can exploit access control measures installed on supposedly secure facility doors to gain unauthorized building access to sensitive locations - as well as breach internal IP networks directly from these systems, researchers are warning.
In a closed-door session at Black Hat Europe 2023 this month, analysts at Otorio demonstrated how attackers can easily subvert modern physical access control systems, which are typically installed by secure doors in the form of a badge-scanner, card-swiper, or keypad. PACSs using the Open Supervised Device Protocol are especially at risk, according to Eran Jacob, head of research at Otorio.
OSDP enables secure communication between a card- or badge-reader and the access controller itself, and it's been found to have multiple vulnerabilities in the past.
In the demonstration, the researchers were able to establish a man-in-the-middle presence on the serial connection behind the readers, overcome tamper protections, bypass OSDP to unlock doors for unauthorized physical access, and then exploit access controllers to pivot to the internal IP network via the serial channel.


This Cyber News was published on www.darkreading.com. Publication date: Wed, 20 Dec 2023 19:45:18 +0000


Cyber News related to Physical Access Systems Open Door to IT Networks

Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
1 month ago Darkreading.com
IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
6 months ago Securityintelligence.com
The Embedded Systems and The Internet of Things - The Internet of Things is a quite new concept dealing with the devices being connected to each other and communicating through the web environment. This concept is gaining its popularity amongst the embedded systems that exist - let's say - 10 or ...
6 months ago Cyberdefensemagazine.com
Closed Door Security Becomes Scotland's First Chartered Cyber Security Business - Closed Door Security, a leading provider of attack-driven cyber security assessments, today announced its CEO and founder, William Wright, has just been awarded with a Chartership in Cyber Security, turning the company into Scotland's most highly ...
5 months ago Itsecurityguru.org
Safeguarding cyber-physical systems for a smart future The Register - Sponsored Feature Cyber-physical systems have a vital role to play in our increasingly connected world. CPS works by uniting computation, control systems, sensors and networks with physical infrastructure, linking all these elements to the Internet ...
4 months ago Go.theregister.com
Physical Access Systems Open Door to IT Networks - Cyberattackers can exploit access control measures installed on supposedly secure facility doors to gain unauthorized building access to sensitive locations - as well as breach internal IP networks directly from these systems, researchers are ...
6 months ago Darkreading.com
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
3 months ago Darkreading.com
Creating a New Market for Post-Quantum Cryptography - A day in the busy life of any systems integrator includes many actions that revolve around the lifeblood of its business - its customers. Systems integrators help solve evolving customer business challenges, which in turn adds partner value. It's a ...
6 months ago Securityboulevard.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
7 months ago Esecurityplanet.com
Find the Best Home Security System for your Home - Finding the best home security system for your home can be a daunting prospect. From choosing the right equipment to finding a trusted provider, there are many considerations that go into your decision-making process. Fortunately, there are some ...
1 year ago Zdnet.com
Research Shows 163% ROI with Palo Alto Networks Software Firewalls - Good news is here for cloud and network security professionals who need proven, cost-effective solutions that substantially reduce downtime and breaches across a range of cloud and virtualized environments. Palo Alto Networks software firewalls not ...
6 months ago Paloaltonetworks.com
Launching Your First Open Source Project - I've been deeply immersed in the world of developer products for the past decade, and let me tell you, I've been quite an open-source enthusiast. Over the years, I've had the pleasure of shepherding open-source projects of all shapes and sizes. ...
6 months ago Feeds.dzone.com
Open Source Password Managers: Overview, Pros & Cons - There are many proprietary password managers on the market for those who want an out-of-the box solution, and then there are open source password managers for those wanting a more customizable option. In this article, we explain how open source ...
3 months ago Techrepublic.com
Zero Trust Security: How to Secure Critical Infrastructure - Zero trust security is a critical component of any organization's security strategy that enables organizations to protect their data and systems from malicious actors, cyber threats, and unauthorized access. With the ever-evolving cyber threats ...
1 year ago Csoonline.com
Are the Fears about the EU Cyber Resilience Act Justified? - "The draft cyber resilience act approved by the Industry, Research and Energy Committee aims to ensure that products with digital features, e.g. phones or toys, are secure to use, resilient against cyber threats and provide enough information about ...
7 months ago Securityboulevard.com
Are the Fears About the EU Cyber Resilience Act Justified? - On Wednesday, July 19, the European Parliament voted in favor of a major new legal framework regarding cybersecurity: the Cyber Resilience Act. The act enters murky waters when it comes to open-source software. It typically accounts for 70% to 90% of ...
6 months ago Feeds.dzone.com
Network Protection: How to Secure a Network - Network security protects and monitors the links and the communications within the network using a combination of hardware, software, and enforced policies. Best practices for network security directly counter the major threats to the network with ...
1 month ago Esecurityplanet.com
Embedded Linux IoT Security: Defending Against Cyber Threats - Embedded Linux IoT systems are now essential parts of many different kinds of products, from industrial machinery and smart appliances to medical equipment and automobile systems. As Embedded Linux is being used widely, it has attracted the attention ...
5 months ago Securityboulevard.com
Preparing for Q-Day as NIST nears approval of PQC standards - Q-Day-the day when a cryptographically relevant quantum computer can break most forms of modern encryption-is fast approaching, leaving the complex systems our societies rely on vulnerable to a new wave of cyberattacks. While estimates just a few ...
1 week ago Helpnetsecurity.com
Preparing for Q-Day as NIST nears approval of PQC standards - Q-Day-the day when a cryptographically relevant quantum computer can break most forms of modern encryption-is fast approaching, leaving the complex systems our societies rely on vulnerable to a new wave of cyberattacks. While estimates just a few ...
5 days ago Helpnetsecurity.com
Cyber and Physical Security Are Different, But They Must Work Together - America's critical infrastructure faces more diverse threats than ever before. The rapid digitalization of many sectors and the relatively analog operational environments that exist in others have led security specialists and analysts to develop ...
7 months ago Cybersecurity-insiders.com
UK to replace physical biometric immigration cards with e-visas - By 2025, Britain is set to ditch physical immigration status documents such as Biometric Residence Permits and Biometric Residence Cards in a bid to make its borders digital, which is in-line with developed countries like Australia. Presently, ...
4 months ago Bleepingcomputer.com
Optimizing Cybersecurity: How Hackers Use Golang Source Code Interpreter to Evade Detection - Hackers have been upping the stakes when it comes to executing cyberattacks, and an increasingly popular tool in their arsenal is the Golang source code interpreter. Reportedly, the interpreter is used to obfuscate code, thus making it harder for ...
1 year ago Bleepingcomputer.com
Smart Home Security Essentials: Protecting What Matters Most - Smart home security systems provide homeowners with the ability to keep their personal and property safe from intruders, theft, and other potential threats. This article will discuss different types of smart home security systems, benefits, setting ...
6 months ago Securityzap.com
Biometric Security in Educational Environments - Biometric technology has gained significant attention in recent years as a potential solution to enhance security in educational environments. The adoption of biometric security in educational settings raises important privacy and ethical concerns. ...
6 months ago Securityzap.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)