CINXE.COM

<!DOCTYPE html><html data-wf-domain="www.nozominetworks.com" data-wf-page="6545247d392723f0e4790030" data-wf-site="645a4534705010e2cb244f50" lang="en"><head><meta charset="utf-8"/><title>Exploring Nozomi Networks' Labs</title><meta content="Nozomi Networks Labs is dedicated to reducing cyber risk for the world’s industrial and critical infrastructure organizations through cybersecurity research and collaboration with industry." name="description"/><meta content="Exploring Nozomi Networks' Labs" property="og:title"/><meta content="Nozomi Networks Labs is dedicated to reducing cyber risk for the world’s industrial and critical infrastructure organizations through cybersecurity research and collaboration with industry." property="og:description"/><meta content="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/65049d731a2b04bf736b5f7b_NN-Labs-Page-Thumbnails-1200x628px.webp" property="og:image"/><meta content="Exploring Nozomi Networks' Labs" property="twitter:title"/><meta content="Nozomi Networks Labs is dedicated to reducing cyber risk for the world’s industrial and critical infrastructure organizations through cybersecurity research and collaboration with industry." property="twitter:description"/><meta content="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/65049d731a2b04bf736b5f7b_NN-Labs-Page-Thumbnails-1200x628px.webp" property="twitter:image"/><meta property="og:type" content="website"/><meta content="summary_large_image" name="twitter:card"/><meta content="width=device-width, initial-scale=1" name="viewport"/><link href="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/css/nozomi-2023.5a461d78a.min.css" rel="stylesheet" type="text/css"/><link href="https://fonts.googleapis.com" rel="preconnect"/><link href="https://fonts.gstatic.com" rel="preconnect" crossorigin="anonymous"/><script src="https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js" type="text/javascript"></script><script type="text/javascript">WebFont.load({ google: { families: ["Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic","Vollkorn:400,400italic,700,700italic","Merriweather:300,300italic,400,400italic,700,700italic,900,900italic","Open Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic","Oswald:200,300,400,500,600,700"] }});</script><script type="text/javascript">!function(o,c){var n=c.documentElement,t=" w-mod-";n.className+=t+"js",("ontouchstart"in o||o.DocumentTouch&&c instanceof DocumentTouch)&&(n.className+=t+"touch")}(window,document);</script><link href="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/65dca135c2a0377136b5d42b_NN-Favicon-32x32px.png" rel="shortcut icon" type="image/x-icon"/><link href="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/65dca12dbfa711f6599f64a5_NN-Favicon-256x256px-white.png" rel="apple-touch-icon"/><link href="https://www.nozominetworks.com/labs" rel="canonical"/><script async="" src="https://www.googletagmanager.com/gtag/js?id=G-XPDLLMSMHQ"></script><script type="text/javascript">window.dataLayer = window.dataLayer || [];function gtag(){dataLayer.push(arguments);}gtag('js', new Date());gtag('set', 'developer_id.dZGVlNj', true);gtag('config', 'G-XPDLLMSMHQ');</script><script id="jetboost-script" type="text/javascript"> window.JETBOOST_SITE_ID = "clj7g82ou015p0qp589h903v7"; (function(d) { var s = d.createElement("script"); s.src = "https://cdn.jetboost.io/jetboost.js"; s.async = 1; d.getElementsByTagName("head")[0].appendChild(s); })(document); </script> <style> .image-div-fit { object-fit: cover; object-position: bottom left; } .image-div-fit-related { object-fit: cover; object-position: bottom left; } .image-div-fit-blog { object-position: center!important; } .code-snippet { padding: 40px; background-color: #efefef; width: 100%; overflow-wrap: anywhere; font-family: Courier New; } .footer-subscribe-embed-box .hs-form-private { display: block!important; } .footer-subscribe-embed-box label { margin-bottom: 5px; color: #fff; font-family: Montserrat; font-weight: 400; } .footer-subscribe-embed-box .hs-input { padding: 10px; border-radius: 5px; font-family: Montserrat; font-size: 14px; border: 0px; width: 95%; min-width: 275px; margin-right: 10px; } .footer-subscribe-embed-box .hs-fieldtype-checkbox { margin-top: 15px; } .footer-subscribe-embed-box li .hs-input { min-width: 0px!important; width: 15px; list-style-type: none; } .footer-subscribe-embed-box .inputs-list { padding-left: 0px; list-style-type: none; } .sidebar-newsletter-box .hs-fieldtype-checkbox { margin-top: 15px; } .sidebar-newsletter-box li .hs-input { min-width: 0px!important; width: 15px; list-style-type: none; font-weight: 400; font-size: 12px; } .sidebar-newsletter-box .inputs-list { padding-left: 0px; list-style-type: none; } .footer-subscribe-embed-box .is-placeholder { padding-bottom: 8px!important; } .footer-subscribe-embed-box .hs-input option { padding-bottom: 0px!important; } .sidebar-newsletter-box .hs-input { padding: 10px; border-radius: 5px; font-family: Montserrat; font-size: 11px; border: 0px; width: 95%; margin-right: 10px; } .sidebar-newsletter-box .hs-error-msg { font-size: 12px; font-weight: 800; font-family: Montserrat; color: #D13164; } .sidebar-newsletter-box .hs-error-msgs { padding-left: 0px; list-style-type: none } .sidebar-newsletter-box label { font-family: Montserrat; color: #fff; font-weight: 400; font-size: 12px; } .sidebar-newsletter-box .hs-button { margin-top: 5px; margin-bottom: 10px; font-size: 14px; padding: 10px; padding-left: 20px; padding-right: 20px; color: #fff; background-color: #D13164; border: 0px; font-family: Montserrat; font-weight: 400; border-radius: 20px; box-shadow: 0px 4px 8px rgba(0, 0, 0, 0.3); } .sidebar-newsletter-box .hs-form-private { justify-content: left!important; } .footer-subscribe-embed-box .hs-button { margin-top: 5px; margin-bottom: 10px; font-size: 14px; padding: 10px; padding-left: 20px; padding-right: 20px; color: #fff; background-color: #D13164; border: 0px; font-family: Montserrat; font-weight: 400; border-radius: 20px; box-shadow: 0px 4px 8px rgba(0, 0, 0, 0.3); } .footer-subscribe-embed-box .hs-error-msgs{ padding-left: 15px; color: #D13164; font-family: Montserrat; font-size: 10px; display: block!important; } .footer-subscribe-embed-box .hs-fieldtype-select { margin-right: -12px; } .footer-subscribe-embed-box .submitted-message { max-width: 350px; margin-left: auto; margin-right: auto; font-size: 14px; font-family: Montserrat; text-align: center; color: #fff; font-weight: 700; } .legal-content-section { justify-content: flex-start; display: flex; line-height: 26px; font-family: 'Montserrat'; font-size: 18px; font-weight: 400; } .legal-content-section h5 { margin-top: 10px; font-size: 18px; line-height: 26px; } .legal-content-section li { font-weight: 400; line-height: 24px; margin-bottom: 8px; } @supports (display: flex) { @media screen and (max-width: 480px) { .footer-subscribe-embed-box .hs-form-private { display: block!important; } } } </style> <script> var hsscript = document.createElement("script"); hsscript.src = "https://cdn.jsdelivr.net/npm/hockeystack@latest/hockeystack.min.js"; hsscript.async = 1; hsscript.dataset.apikey = "5105728fe4c8805a36893632a83b6e"; hsscript.dataset.cookieless = 1; hsscript.dataset.autoIdentify = 1; document.getElementsByTagName('head')[0].append(hsscript); </script> <script> document.addEventListener("DOMContentLoaded", function() { var authorElement = document.querySelector('.post-author-text-byline-author'); if (authorElement) { var authorName = authorElement.textContent.trim(); window.dataLayer = window.dataLayer || []; window.dataLayer.push({ 'event': 'authorDataReady', 'author': authorName }); } else { console.error("Author element not found"); } }); </script>  <script src=https://cdn.cookielaw.org/scripttemplates/otSDKStub.js type="text/javascript" charset="UTF-8" data-domain-script="1b3a08d1-270d-4dc7-8bd4-239c4aab3143" ></script> <script type="text/javascript"> function OptanonWrapper() { } </script>   <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-NMJG569" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>  <script> window.dataLayer = window.dataLayer || []; </script>  <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!=='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-NMJG569');</script>   <script type="text/javascript" id="hs-script-loader" async defer src="https://js.hs-scripts.com/2724979.js"></script>   <script>void 0===window.navatticQueue&&(window.navatticQueue=[],window.navattic=new Proxy({},{get:function n(t,u,e){return function(){for(var n=arguments.length,t=Array(n),e=0;e<n;e++)t[e]=arguments[e];return navatticQueue.push({function:u,arguments:t})}}}));</script> <script async src=https://js.navattic.com/sdk.js data-key="pkey_cm34kqm5r01wars3b4wc40m5f"></script> <script type="application/ld+json"> { "@context": "https://schema.org/", "@type": "Article", "mainEntityOfPage": { "@type": "WebPage", "@id": "https://www.nozominetworks.com/labs" }, "headline": "Nozomi Networks Labs", "description": "Nozomi Networks Labs is dedicated to reducing cyber risk for the world’s industrial and critical infrastructure organizations. Through our cybersecurity research and collaboration with industry and institutions, we’re helping defend the operational systems that support everyday life.", "image": { "@type": "ImageObject", "url": "https://assets-global.website-files.com/645a4534705010e2cb244f50/64d640e8dbe2b978cd833512_64b9537d70084959a67a8a48_nn-threat-intel-screenshot-p-1080.webp", "width": "", "height": "" }, "author": { "@type": "Organization", "name": "Nozomi Networks" }, "publisher": { "@type": "Organization", "name": "https://www.nozominetworks.com/", "logo": { "@type": "ImageObject", "url": "https://assets-global.website-files.com/645a4534705010e2cb244f50/647cdfc8e9b140d6c4dd4877_nozomi-logo.svg", "width": "", "height": "" } }, "datePublished": "2023-09-21", "dateModified": "2023-09-21" } </script> <style> .footer-subscribe-embed-box-labs-top-section .hs-form-private { justify-content: left; } </style><script type="text/javascript">window.__WEBFLOW_CURRENCY_SETTINGS = {"currencyCode":"USD","symbol":"$","decimal":".","fractionDigits":2,"group":",","template":"{{wf {\"path\":\"symbol\",\"type\":\"PlainText\"} }} {{wf {\"path\":\"amount\",\"type\":\"CommercePrice\"} }} {{wf {\"path\":\"currencyCode\",\"type\":\"PlainText\"} }}","hideDecimalForWholeNumbers":false};</script></head><body><div class="navigation-full"><div class="labs-search-bar-wrapper"><div class="labs-search-bar-container"><form action="/search" class="labs-search-bar w-form"><input class="labs-search-bar-input w-input" maxlength="256" name="query" placeholder="" type="search" id="search" required=""/><input type="submit" class="labs-search-bar-button w-button" value="Search"/></form><a data-w-id="5a276fb5-b78f-1d5a-bd2c-9d20657eefe9" href="#" class="search-x-bar-link-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64c81dfa65ea82a1c77f10fb_delete-button-labs.svg" loading="lazy" alt="" class="search-x-bar"/></a></div></div><div class="navigation-top-banner"><div class="container-navigation top-menu-container w-container"><div class="navigation-link-wrapper top-navigation-link-wrapper"><a href="/academy" class="top-menu-link-block w-inline-block"><div class="top-menu-link-text">Academy</div></a><a href="/labs" aria-current="page" class="top-menu-link-block w-inline-block w--current"><div class="top-menu-link-text">Labs</div></a><a href="/company/careers" class="top-menu-link-block w-inline-block"><div class="top-menu-link-text">Careers</div></a><a href="https://partners.nozominetworks.com/English/" target="_blank" class="top-menu-link-block w-inline-block"><div class="top-menu-link-text">Partner Login</div></a><a href="/support" class="top-menu-link-block w-inline-block"><div class="top-menu-link-text">Support</div></a><a data-w-id="458cb188-1283-32ae-f147-288f47a43dfa" href="#" class="top-menu-link-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647e01124e0e28315faf47d9_nozomi-top-menu-search-icon.svg" loading="lazy" alt="search bar" class="top-menu-link-icon"/></a></div></div></div><div data-collapse="medium" data-animation="default" data-duration="400" data-easing="ease" data-easing2="ease" role="banner" class="navigation labs-navigation w-nav"><div class="container-navigation"><div class="navigation-link-wrapper"><a href="/" class="brand w-nav-brand"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64ad97cf39a2d75946f921ae_nn-Labs-icon-white.webp" loading="lazy" width="200" sizes="(max-width: 479px) 22vw, (max-width: 767px) 13vw, (max-width: 991px) 9vw, (max-width: 1279px) 7vw, (max-width: 1919px) 6vw, 75.296875px" alt="" srcset="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64ad97cf39a2d75946f921ae_nn-Labs-icon-white-p-500.png 500w, https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64ad97cf39a2d75946f921ae_nn-Labs-icon-white-p-800.png 800w, https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64ad97cf39a2d75946f921ae_nn-Labs-icon-white-p-1080.png 1080w, https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64ad97cf39a2d75946f921ae_nn-Labs-icon-white.webp 1200w" class="logo-image labs-logo-image"/></a></div><div class="navigation-button-wrapper labs-navigation-button-wrapper"><nav role="navigation" class="menu-wrap labs-menu-wrap w-nav-menu"><a href="/vulnerability-advisories" class="labs-nav-link-block w-inline-block"><div class="nav-toggle labs-nav-toggle">Vulnerability Advisories</div></a><a href="/labs#tools" class="labs-nav-link-block w-inline-block"><div class="nav-toggle labs-nav-toggle">Tools</div></a><a href="/research-reports" class="labs-nav-link-block w-inline-block"><div class="nav-toggle labs-nav-toggle">Research</div></a><a href="/blog?tag=labs-research" class="labs-nav-link-block w-inline-block"><div class="nav-toggle labs-nav-toggle">Labs Blogs</div></a><div class="nozomi-logo-white-wrapper"><a href="/" class="w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64ad59245b1144ec8f06fc7c_white-nozomi-networks-logo.svg" loading="lazy" alt="NN labs link"/></a></div></nav><div class="menu-button labs-menu-button w-nav-button"><div class="w-icon-nav-menu"></div></div></div></div></div></div><section class="labs-hero-header"><div class="w-layout-blockcontainer labs-hero-header-container w-container"><div class="labs-hero-header-text-container"><h1 class="labs-hero-header-title">Nozomi Networks Labs</h1><p class="labs-hero-header-paragraph">Our Nozomi Networks Labs team is made up of highly respected threat hunters and security analysts who are dedicated to reducing cyber risk for industrial and critical infrastructure organizations. They responsibly disclose vulnerabilities and freely share their research findings and security tools with the global OT security community.</p><div class="labs-hero-header-two-button-container"><a data-w-id="5cbc50c5-8627-72d1-7a51-b6671f275c2d" href="#" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Subscribe to Labs</a><a href="/vulnerability-advisories" target="_blank" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Vulnerability Advisories</a></div><div class="labs-subscribe-container"><div class="footer-subscribe-embed-box footer-subscribe-embed-box-labs-top-section w-embed w-script"><script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/embed/v2.js"></script> <script> hbspt.forms.create({ region: "na1", portalId: "2724979", formId: "62f3fe93-00d8-4f2d-9bce-221f6e4c8ff5", sfdcCampaignId: "7014H000000Z1R0QAK" }); </script> <div style="max-width: 350px; margin-left: 0; margin-right: auto;"><a href="https://www.nozominetworks.com/legal/privacy-policy/" target="_blank" style="font-size: 10px; line-height: 18px; color: #F5F5F7; font-family: Montserrat;">View our Privacy Policy</a></div></div></div></div></div></section><section class="vulnerability-advisories-slider-section"><div class="w-layout-blockcontainer vulnerability-advisories-slider-section-container w-container"><div class="homepage-content-slider-section-container va-content-slider-section"><h2 class="vulnerability-advisories-slider-section-title">Vulnerability Advisories</h2><div data-delay="4000" data-animation="slide" class="homepage-content-slider va-content-slider w-slider" data-autoplay="false" data-easing="ease-out-quint" data-hide-arrows="false" data-disable-swipe="false" data-autoplay-limit="0" data-nav-spacing="3" data-duration="1000" data-infinite="false"><div class="homepage-content-slider-mask w-slider-mask"><div class="slide va-slide w-slide"><div class="homepade-content-slider-card"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><div class="homepage-slider-block-content va-slider-block-content labs-va-slider-block-content"><p class="homepage-content-slider-block-details">CVE-2024-42392</p><div class="va-buttons-wrapper"><a href="https://www.nozominetworks.com/blog/hunting-the-mongoose-discovering-10-vulnerabilities-in-the-mongoose-web-server-library" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Details</a><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-42392" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">CVE</a><a href="https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42392" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Security Notification</a></div></div></div></div></div></div></div><div class="slide va-slide w-slide"><div class="homepade-content-slider-card"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><div class="homepage-slider-block-content va-slider-block-content labs-va-slider-block-content"><p class="homepage-content-slider-block-details">CVE-2024-42391</p><div class="va-buttons-wrapper"><a href="https://www.nozominetworks.com/blog/hunting-the-mongoose-discovering-10-vulnerabilities-in-the-mongoose-web-server-library" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Details</a><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-42391" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">CVE</a><a href="https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42391" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Security Notification</a></div></div></div></div></div></div></div><div class="slide va-slide w-slide"><div class="homepade-content-slider-card"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><div class="homepage-slider-block-content va-slider-block-content labs-va-slider-block-content"><p class="homepage-content-slider-block-details">CVE-2024-42390</p><div class="va-buttons-wrapper"><a href="https://www.nozominetworks.com/blog/hunting-the-mongoose-discovering-10-vulnerabilities-in-the-mongoose-web-server-library" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Details</a><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-42390" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">CVE</a><a href="https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42390" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Security Notification</a></div></div></div></div></div></div></div><div class="slide va-slide w-slide"><div class="homepade-content-slider-card"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><div class="homepage-slider-block-content va-slider-block-content labs-va-slider-block-content"><p class="homepage-content-slider-block-details">CVE-2024-42389</p><div class="va-buttons-wrapper"><a href="https://www.nozominetworks.com/blog/hunting-the-mongoose-discovering-10-vulnerabilities-in-the-mongoose-web-server-library" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Details</a><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-42389" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">CVE</a><a href="https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42389" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Security Notification</a></div></div></div></div></div></div></div><div class="slide va-slide w-slide"><div class="homepade-content-slider-card"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><div class="homepage-slider-block-content va-slider-block-content labs-va-slider-block-content"><p class="homepage-content-slider-block-details">CVE-2024-42388</p><div class="va-buttons-wrapper"><a href="https://www.nozominetworks.com/blog/hunting-the-mongoose-discovering-10-vulnerabilities-in-the-mongoose-web-server-library" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Details</a><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-42388" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">CVE</a><a href="https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42388" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Security Notification</a></div></div></div></div></div></div></div><div class="slide va-slide w-slide"><div class="homepade-content-slider-card"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><div class="homepage-slider-block-content va-slider-block-content labs-va-slider-block-content"><p class="homepage-content-slider-block-details">CVE-2024-42387</p><div class="va-buttons-wrapper"><a href="https://www.nozominetworks.com/blog/hunting-the-mongoose-discovering-10-vulnerabilities-in-the-mongoose-web-server-library" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Details</a><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-42387" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">CVE</a><a href="https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42387" class="nozomi-button nozomi-button-arrow button-padding-right-10px w-button">Security Notification</a></div></div></div></div></div></div></div></div><div class="left-arrow w-slider-arrow-left"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/649c84715269c80f101473c6_blue-arrow-left-nozomi.svg" loading="lazy" alt=""/></div><div class="right-arrow w-slider-arrow-right"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647defb2b8a8311dbdd172e6_blue-arrow-left.svg" loading="lazy" alt="Learn more link"/></div><a href="/vulnerability-advisories" class="va-view-all-link-block w-inline-block"><div>View all</div></a><div class="slide-nav w-slider-nav w-round"></div></div></div></div></section><section class="blogs-articles-section"><div class="blogs-articles-container w-container"><div class="blogs-articles-header-wrapper"><div class="blogs-articles-header-text-container"><h2 class="blogs-articles-header">Labs Blogs</h2><p class="blogs-articles-header-text">Read the latest blog content from our security research team.</p></div><a href="/blog?tag=labs-research" class="nozomi-button nozomi-button-arrow w-button">View all Labs blogs</a></div><div class="blog-content-wrapper"><div class="w-layout-grid blog-articles-section-content-grid"><div id="w-node-c4e8ebea-7d99-a24d-802a-a7faf8a0076d-e4790030" class="blogs-articles-content-featured-grid-wrapper"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server.webp" loading="lazy" alt="" sizes="(max-width: 479px) 90vw, (max-width: 991px) 93vw, (max-width: 1919px) 96vw, 1250px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/67353231f5574ff80842a06d_LABS%20BLOG-%20Mongoose%20web%20server.webp 1200w" class="blogs-articles-featured-image"/><h2 class="blogs-articles-featured-title">Hunting the Mongoose: Discovering 10 Vulnerabilities in the Mongoose Web Server Library</h2><p class="blogs-articles-featured-description truncate w-dyn-bind-empty"></p><a href="/blog/hunting-the-mongoose-discovering-10-vulnerabilities-in-the-mongoose-web-server-library" class="learn-more-button w-button">Continue Reading</a></div></div></div></div><div id="w-node-c4e8ebea-7d99-a24d-802a-a7faf8a00779-e4790030" class="blogs-articles-sidebar-posts-wrapper"><div class="w-dyn-list"><div role="list" class="w-dyn-items"><div role="listitem" class="w-dyn-item"><div class="blogs-articles-sidebar-post-column-wrapper"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED.webp" loading="lazy" alt="" sizes="(max-width: 479px) 79vw, 200px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735bde3981b561fdfde85d6_Trust-Matters-Blog-FEATURED.webp 1200w" class="blogs-articles-sidebar-image"/><div class="blogs-articles-sidebar-post-header-text-wrapper"><h2 class="heading">Trust Matters: Uncovering Vulnerabilities in the Matter Protocol</h2><a href="/blog/trust-matters-uncovering-vulnerabilities-in-the-matter-protocol" class="learn-more-button blogs-articles-sidebar-read-more-button w-button">Read</a></div></div></div><div role="listitem" class="w-dyn-item"><div class="blogs-articles-sidebar-post-column-wrapper"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED.webp" loading="lazy" alt="" sizes="(max-width: 479px) 79vw, 200px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/670984185367ac417cc3e900_GoAhead-FEATURED.webp 1200w" class="blogs-articles-sidebar-image"/><div class="blogs-articles-sidebar-post-header-text-wrapper"><h2 class="heading">Security Flaws Discovered in GoAhead Might Affect Web Servers Over Embedded/IoT Devices</h2><a href="/blog/security-flaws-discovered-in-goahead-might-affect-web-servers-over-embedded-iot-devices" class="learn-more-button blogs-articles-sidebar-read-more-button w-button">Read</a></div></div></div><div role="listitem" class="w-dyn-item"><div class="blogs-articles-sidebar-post-column-wrapper"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED.webp" loading="lazy" alt="" sizes="(max-width: 479px) 79vw, 200px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66db5a7bebb5f35e6505d4cc_Espressif-ESP-NOW-FEATURED.webp 1200w" class="blogs-articles-sidebar-image"/><div class="blogs-articles-sidebar-post-header-text-wrapper"><h2 class="heading">Flaws in Espressif ESP-NOW Allow Attackers to Replay Communications</h2><a href="/blog/flaws-in-espressif-esp-now-allow-attackers-to-replay-communications" class="learn-more-button blogs-articles-sidebar-read-more-button w-button">Read</a></div></div></div><div role="listitem" class="w-dyn-item"><div class="blogs-articles-sidebar-post-column-wrapper"><img src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66b17ba6d661431798f2682a_Beckhoff-Vulns-FEATURED.webp" loading="lazy" alt="" sizes="(max-width: 479px) 79vw, 200px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66b17ba6d661431798f2682a_Beckhoff-Vulns-FEATURED-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66b17ba6d661431798f2682a_Beckhoff-Vulns-FEATURED-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66b17ba6d661431798f2682a_Beckhoff-Vulns-FEATURED-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66b17ba6d661431798f2682a_Beckhoff-Vulns-FEATURED.webp 1200w" class="blogs-articles-sidebar-image"/><div class="blogs-articles-sidebar-post-header-text-wrapper"><h2 class="heading">Four Vulnerabilities in Beckhoff TwinCAT/BSD Could Allow PLC Logic Tampering, DoS</h2><a href="/blog/four-vulnerabilities-in-beckhoff-twincat-bsd-could-allow-plc-logic-tampering-dos" class="learn-more-button blogs-articles-sidebar-read-more-button w-button">Read</a></div></div></div></div></div></div></div></div></div></section><section class="related-resources-section"><div class="w-layout-blockcontainer related-resources-section-container w-container"><div class="related-resources-section-header-wrapper"><h2 class="related-resources-section-main-title">Latest Labs Research </h2></div><div id="w-node-_0658c752-3d04-71c4-f013-035da6665003-e4790030" class="w-dyn-list"><div role="list" class="resources-collection-grid w-dyn-items"><div role="listitem" class="w-dyn-item"><div id="w-node-_15e6cbb3-d8a1-74c0-bfc7-2527d802e103-e4790030" class="related-resources-section-grid-item-wrapper resources-cms-grid-item-wrapper"><div class="related-resources-section-grid-item-columns w-row"><div class="w-col w-col-6"><img loading="lazy" alt="" src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735be4ae72fef2ffb3fc87d_Trust-Matters-WP-THUMBNAIL.webp" sizes="(max-width: 479px) 47vw, (max-width: 767px) 34vw, (max-width: 991px) 21vw, (max-width: 1279px) 22vw, 230px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735be4ae72fef2ffb3fc87d_Trust-Matters-WP-THUMBNAIL-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735be4ae72fef2ffb3fc87d_Trust-Matters-WP-THUMBNAIL-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735be4ae72fef2ffb3fc87d_Trust-Matters-WP-THUMBNAIL-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6735be4ae72fef2ffb3fc87d_Trust-Matters-WP-THUMBNAIL.webp 1200w" class="related-resources-section-grid-item-image resources-cms-grid-image image-div-fit"/></div><div class="w-col w-col-6"><div class="related-resources-section-grid-item-title-wrapper"><h3 class="related-resources-section-grid-item-title">Trust Matters: Attacking Smart Device Authenticity</h3><a href="/resources/trust-matters-attacking-smart-device-authenticity" class="learn-more-button w-button">Read</a></div></div></div></div></div><div role="listitem" class="w-dyn-item"><div id="w-node-_15e6cbb3-d8a1-74c0-bfc7-2527d802e103-e4790030" class="related-resources-section-grid-item-wrapper resources-cms-grid-item-wrapper"><div class="related-resources-section-grid-item-columns w-row"><div class="w-col w-col-6"><img loading="lazy" alt="" src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66ce6134131c75bddd79d038_Webinar-OT-IoT-Security-Report-2024-1H-THUMBNAIL%20copy.webp" sizes="(max-width: 479px) 47vw, (max-width: 767px) 34vw, (max-width: 991px) 21vw, (max-width: 1279px) 22vw, 230px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66ce6134131c75bddd79d038_Webinar-OT-IoT-Security-Report-2024-1H-THUMBNAIL%20copy-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66ce6134131c75bddd79d038_Webinar-OT-IoT-Security-Report-2024-1H-THUMBNAIL%20copy-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66ce6134131c75bddd79d038_Webinar-OT-IoT-Security-Report-2024-1H-THUMBNAIL%20copy-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/66ce6134131c75bddd79d038_Webinar-OT-IoT-Security-Report-2024-1H-THUMBNAIL%20copy.webp 1200w" class="related-resources-section-grid-item-image resources-cms-grid-image image-div-fit"/></div><div class="w-col w-col-6"><div class="related-resources-section-grid-item-title-wrapper"><h3 class="related-resources-section-grid-item-title">OT/IoT Cybersecurity Trends and Insights | Reviewing the First Half of 2024</h3><a href="/resources/ot-iot-cybersecurity-trends-and-insights-2024-1h" class="learn-more-button w-button">Read</a></div></div></div></div></div><div role="listitem" class="w-dyn-item"><div id="w-node-_15e6cbb3-d8a1-74c0-bfc7-2527d802e103-e4790030" class="related-resources-section-grid-item-wrapper resources-cms-grid-item-wrapper"><div class="related-resources-section-grid-item-columns w-row"><div class="w-col w-col-6"><img loading="lazy" alt="" src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/668cec431b862fb0f5319c36_OT-IoT-Security-Report-2024-1H-THUMBNAILS.png" sizes="(max-width: 479px) 47vw, (max-width: 767px) 34vw, (max-width: 991px) 21vw, (max-width: 1279px) 22vw, 230px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/668cec431b862fb0f5319c36_OT-IoT-Security-Report-2024-1H-THUMBNAILS-p-500.png 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/668cec431b862fb0f5319c36_OT-IoT-Security-Report-2024-1H-THUMBNAILS-p-800.png 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/668cec431b862fb0f5319c36_OT-IoT-Security-Report-2024-1H-THUMBNAILS-p-1080.png 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/668cec431b862fb0f5319c36_OT-IoT-Security-Report-2024-1H-THUMBNAILS.png 1200w" class="related-resources-section-grid-item-image resources-cms-grid-image image-div-fit"/></div><div class="w-col w-col-6"><div class="related-resources-section-grid-item-title-wrapper"><h3 class="related-resources-section-grid-item-title">Research Report: OT/IoT Cybersecurity Trends and Insights </h3><a href="/resources/iot-ot-cybersecurity-research-report-july-2024" class="learn-more-button w-button">Read</a></div></div></div></div></div><div role="listitem" class="w-dyn-item"><div id="w-node-_15e6cbb3-d8a1-74c0-bfc7-2527d802e103-e4790030" class="related-resources-section-grid-item-wrapper resources-cms-grid-item-wrapper"><div class="related-resources-section-grid-item-columns w-row"><div class="w-col w-col-6"><img loading="lazy" alt="" src="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6663ccf2c02e702da89b4456_Codename_I11usion-WP-FEATURED.webp" sizes="(max-width: 479px) 47vw, (max-width: 767px) 34vw, (max-width: 991px) 21vw, (max-width: 1279px) 22vw, 230px" srcset="https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6663ccf2c02e702da89b4456_Codename_I11usion-WP-FEATURED-p-500.webp 500w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6663ccf2c02e702da89b4456_Codename_I11usion-WP-FEATURED-p-800.webp 800w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6663ccf2c02e702da89b4456_Codename_I11usion-WP-FEATURED-p-1080.webp 1080w, https://cdn.prod.website-files.com/645a45d56fc4750d4edd96fe/6663ccf2c02e702da89b4456_Codename_I11usion-WP-FEATURED.webp 1200w" class="related-resources-section-grid-item-image resources-cms-grid-image image-div-fit"/></div><div class="w-col w-col-6"><div class="related-resources-section-grid-item-title-wrapper"><h3 class="related-resources-section-grid-item-title">Codename I11USION: Eleven Practical Ways to Pwn Browser-Based HMIs</h3><a href="/resources/codename-i11usion-eleven-practical-ways-to-pwn-browser-based-hmis" class="learn-more-button w-button">Read</a></div></div></div></div></div></div></div></div></section><section class="labs-threat-intelligence-section"><div class="w-layout-blockcontainer labs-threat-intelligence-section-container w-container"><div class="w-row"><div class="w-col w-col-5 w-col-stack"><div class="labs-threat-intelligence-section-title-wrapper"><h2 class="labs-threat-intelligence-section-title-header">Threat Intelligence</h2><p class="labs-threat-intelligence-section-paragraph">Curated and maintained by Nozomi Networks Labs, the Threat Intelligence™ service provides threat and vulnerability updates to Guardian, making it easy for IT/OT professionals to stay on top of current OT and IoT risks.</p><a href="/products/threat-intelligence" class="nozomi-button nozomi-button-arrow w-button">View Product Page</a></div></div><div class="w-col w-col-7 w-col-stack"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64d640e8dbe2b978cd833512_64b9537d70084959a67a8a48_nn-threat-intel-screenshot-p-1080.webp" loading="lazy" sizes="(max-width: 767px) 91vw, (max-width: 991px) 700px, (max-width: 1919px) 57vw, 750px" srcset="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64d640e8dbe2b978cd833512_64b9537d70084959a67a8a48_nn-threat-intel-screenshot-p-1080-p-500.webp 500w, https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64d640e8dbe2b978cd833512_64b9537d70084959a67a8a48_nn-threat-intel-screenshot-p-1080-p-800.webp 800w, https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64d640e8dbe2b978cd833512_64b9537d70084959a67a8a48_nn-threat-intel-screenshot-p-1080.webp 1080w" alt="Threat Intel screenshot" class="threat-intelligence-screenshot"/></div></div></div></section><section class="labs-research-projects-section"><div class="w-layout-blockcontainer labs-research-projects-container w-container"><div class="labs-research-projects-columns w-row"><div class="w-col w-col-6"><div class="labs-research-projects-quote-wrapper"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64ad689a8a4473dd1b414177_labs-research-project-logo-circle.svg" loading="lazy" alt="Nozomi Logo circle" class="labs-research-project-logo-circle"/><p class="labs-research-projects-quote-paragraph">“Threat actors love finding new ways to attack critical infrastructure. We love finding new ways to detect their malware before damage occurs.”</p><div class="labs-research-projects-quote-byline-1">— Andrea Carcano & Moreno Carullo</div><div class="labs-research-projects-quote-byline-2">Co-founders, Nozomi Networks</div></div></div><div class="w-col w-col-6"><div class="labs-research-projects-details-wrapper"><h2 class="labs-research-projects-details-title">Research Projects</h2><div class="labs-research-projects-detail-item-wrapper"><h3 class="labs-research-projects-detail-item-title">TRITON</h3><p class="labs-research-project-details-paragraph">TRITON is the first known cyberattack that directly interacted with a Safety Instrumented System (SIS). Labs reverse engineered the TriStation suite of software and delivered a report and two free tools for security researchers. This research was presented at Black Hat USA 2018.</p><a href="/resources/triton-the-first-ics-cyber-attack-on-safety-instrument-systems" target="_blank" class="learn-more-button w-button">View Project</a></div><div class="labs-research-projects-detail-item-wrapper"><h3 class="labs-research-projects-detail-item-title">GreyEnergy</h3><p class="labs-research-project-details-paragraph">The Labs team reverse engineered the GreyEnergy malicious document (maldoc) that leads to the installation of the malware (backdoor) on a victim’s network. Project outcomes include a report, multiple blogs and two free tools for security researchers.</p><a href="/resources/greyenergy-dissecting-the-malware-from-maldoc-to-backdoor" target="_blank" class="learn-more-button w-button">View Project</a></div><div class="labs-research-projects-detail-item-wrapper"><h3 class="labs-research-projects-detail-item-title">IEC 62351</h3><p class="labs-research-project-details-paragraph">IEC Working Group 15 (WG15) is developing technology standards for secure-by-design power systems. Labs contributes to the standards and has demonstrated how they can be used to identify hard-to-detect cyberattacks. Research from this effort was presented at Black Hat USA 2019.</p><a href="/blog/iec-62351-standards-for-securing-power-system-communications" target="_blank" class="learn-more-button w-button">View Project</a></div><a href="/research-reports" class="nozomi-button nozomi-button-arrow w-button">See all</a></div></div></div></div></section><section id="tools" class="labs-tools-section"><div class="w-layout-blockcontainer labs-tools-section-container w-container"><div class="labs-tools-section-title-wrapper"><h2 class="labs-tools-section-title-header">Tools</h2></div><div class="labs-tools-section-3-column-wrapper"><div class="labs-tools-section-column"><div class="labs-tools-section-column-top-wrapper"><h3 class="labsl-tools-section-column-title">Guardian Community Edition Assertions (Queries) for COVID-19 Cybersecurity</h3><p class="labs-tools-section-column-paragraph">New assertions (queries) have been added to Guardian Community Edition to help with COVID-19-related cybersecurity challenges.</p><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">Queries that check for communications with malicious IP addresses and URLs</p><a href="https://2724979.fs1.hubspotusercontent-na1.net/hubfs/2724979/GCE-COVID-19-Threat-Intel-Assertions-2020410.zip" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">Assertions for COVID-19 Network Indicators</a><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">Queries that check the number of simultaneous remote connections and generate alerts if the number surpasses a threshold.</p><a href="https://2724979.fs1.hubspotusercontent-na1.net/hubfs/2724979/GCE-Remote-Access-Monitoring-Assertions-2020410.zip" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">Assertions for Remote Access Monitoring</a></div><div class="labs-tools-section-column-bottom-wrapper"></div></div><div class="labs-tools-section-column"><div class="labs-tools-section-column-top-wrapper"><h3 class="labsl-tools-section-column-title">COVID-19 Malware: OT and IoT Threat Intelligence</h3><p class="labs-tools-section-column-paragraph">To help your organization proactively detect and prevent COVID-19 themed cyberattacks, download our network indicators, ransomware and malware threat intelligence.</p><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">Network IOCs (Indicators of Compromise)</p><a href="https://github.com/NozomiNetworks/covid19-indicators/blob/master/network/network-indicators.txt" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">COVID-19 themed Network Indicators</a><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">Yara rules for detecting coronavirus ransomware</p><a href="https://github.com/NozomiNetworks/covid19-indicators/blob/master/yara-rules/RANSOM_COVID19_CoronaVirus.yar" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">COVID-19-Themed Ransomware Rules</a><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">Yara rules for detecting COVID-19 Informer malware</p><a href="https://github.com/NozomiNetworks/covid19-indicators/blob/master/yara-rules/MALWARE_COVID19_Informer.yar" class="learn-more-button labs-tools-columns-learn-more-button w-button">COVID-19 Informer Malware Rules</a><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">List of hashes that detect malicious files</p><a href="https://github.com/NozomiNetworks/covid19-indicators/tree/master/hash" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">COVID-19-Themed Hash</a><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">SNORT rule for detecting network infection</p><a href="https://github.com/NozomiNetworks/covid19-indicators/blob/master/network/chinoxy_cnc_beacon.rules" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">COVID-19 Chinoxy Backdoor Malware</a></div><div class="labs-tools-section-column-bottom-wrapper"><a href="https://github.com/NozomiNetworks/covid19-indicators" target="_blank" class="learn-more-button learn-more-button-pink learn-more-button-labs-pink w-button">Learn More on GitHub</a></div></div><div class="labs-tools-section-column"><div class="labs-tools-section-column-top-wrapper"><h3 class="labsl-tools-section-column-title">URGENT/11 Nmap NSE Script for Detecting Vulnerabilities</h3><p class="labs-tools-section-column-paragraph">Our Nmap NSE script for detecting URGENT/11 vulnerabilities is a research tool for quickly checking industrial systems for vulnerable assets based on the version of VxWorks exposed within the FTP service.</p><p class="labs-tools-section-column-paragraph">Due the fact that is not always possible to detect the running version, we recommend that industrial operators use full featured security products for effective vulnerability assessment.</p></div><div class="labs-tools-section-column-bottom-wrapper"><a href="https://github.com/NozomiNetworks/urgent-11" target="_blank" class="learn-more-button learn-more-button-pink learn-more-button-labs-pink w-button">Learn More on GitHub</a></div></div><div class="labs-tools-section-column lab-tools-section-column-2nd-row"><div class="labs-tools-section-column-top-wrapper"><h3 class="labsl-tools-section-column-title">Radamsa Enhancement, Introducing PCAPNG Awareness<br/></h3><p class="labs-tools-section-column-paragraph">Our contribution allows Radamsa to mutate PCAPNG files focusing only on the packets themselves, eliminating the bytes and data structures used by the PCAPNG format itself. It is useful for testing the robustness of protocol stacks, helping to improve the quality of OT-device software.</p></div><div class="labs-tools-section-column-bottom-wrapper"><a href="https://gitlab.com/akihe/radamsa/merge_requests/58" target="_blank" class="learn-more-button learn-more-button-pink learn-more-button-labs-pink w-button">Learn More on GitLab</a></div></div><div class="labs-tools-section-column lab-tools-section-column-2nd-row"><div class="labs-tools-section-column-top-wrapper"><h3 class="labsl-tools-section-column-title">GreyEnergy Unpacker + Yara Module<strong><br/></strong></h3><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">Automatically unpacks both the dropper and the backdoor and extracts them onto a disk</p><a href="https://github.com/NozomiNetworks/greyenergy-unpacker" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">GreyEnergy Unpacker</a><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">Determines whether a file processed by Yara is the GreyEnergy packer or not</p><a href="https://github.com/NozomiNetworks/tricotools" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">GreyEnergy Yara Module</a></div><div class="labs-tools-section-column-bottom-wrapper"><a href="https://github.com/NozomiNetworks/urgent-11" target="_blank" class="learn-more-button learn-more-button-pink learn-more-button-labs-pink w-button">Learn More on GitHub</a></div></div><div class="labs-tools-section-column lab-tools-section-column-2nd-row"><div class="labs-tools-section-column-top-wrapper"><h3 class="labsl-tools-section-column-title">Tricotools</h3><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">Facilitates seeing and comprehending TriStation communications and identifies hardware connected to the safety controller</p><a href="https://github.com/NozomiNetworks/tricotools" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">TriStation Protocol Plug-in for Wireshark</a><p class="labs-tools-section-column-paragraph labs-tools-pre-link-text">Simulates SIS controllers on the network, useful for detecting reconnaissance scans and capture malicious payloads</p><a href="https://github.com/NozomiNetworks/tricotools" target="_blank" class="learn-more-button labs-tools-columns-learn-more-button w-button">Triconex Honeypot Tool</a></div><div class="labs-tools-section-column-bottom-wrapper"><a href="https://github.com/NozomiNetworks/tricotools" target="_blank" class="learn-more-button learn-more-button-pink learn-more-button-labs-pink w-button">Learn More on GitHub</a></div></div></div></div></section><section class="next-step-section"><div class="next-step-container w-container"><h2 class="header header-centered next-step-header">Take the next step.</h2><div class="next-step-paragraph-wrapper"><p class="next-step-paragraph">Discover how easy it is to identify and respond to cyber threats by automating your IoT and OT asset discovery, inventory, and management.</p></div><div class="next-step-buttons-wrapper"><a href="/demo" class="nozomi-button nozomi-button-arrow nozomi-button-next-step w-button">Request a Demo</a><a href="/resources/nozomi-networks-platform-demo" class="nozomi-button nozomi-button-arrow nozomi-button-inverse nozomi-button-next-step w-button">Watch Demo</a></div></div></section><section class="footer"><div id="subscribe" class="footer-subscribe-wrapper"><div class="footer-subscribe-container"><div class="footer-subscribe-embed-box w-embed w-script"><script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/embed/v2.js"></script> <script> hbspt.forms.create({ region: "na1", portalId: "2724979", formId: "a03466a4-e367-45ac-8a9f-8739114a494c" }); </script> <div style="max-width: 350px; margin-left: 0; margin-right: auto; padding-top: 5px;"><a href="https://www.nozominetworks.com/legal/privacy-policy" target="_blank" style="font-size: 10px; line-height: 18px; color: #F5F5F7; font-family: Montserrat;">View our Privacy Policy</a></div></div></div></div><div class="footer-top-navigation-bar"><div class="footer-container footer-link-bar-container w-container"><div class="footer-top-navigation-bar-wrapper"><div class="footer-navigation-logo-wrapper"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647e0bbe5862d58545496b67_nozomi-blue-icon.svg" loading="lazy" alt="" class="image"/></div><a data-w-id="63fd2949-137e-d5f8-88d1-14e184102f83" href="#" class="footer-top-navigation-link-block w-inline-block"><h2 class="footer-top-navigation-link-text">Subscribe</h2></a><a href="https://www.linkedin.com/company/nozomi-networks-sa" target="_blank" class="footer-top-navigation-link-block w-inline-block"><h2 class="footer-top-navigation-link-text">LinkedIn</h2></a><a href="/demo" class="footer-top-navigation-link-block w-inline-block"><h2 class="footer-top-navigation-link-text">Demo</h2></a></div></div></div><div class="footer-navigation-link-field-wrapper"><div class="footer-container w-container"><div class="w-layout-grid footer-link-field-grid"><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102f8f-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">PLATFORM</h3><a href="/products" class="footer-link">Platform Overview</a><a href="/products/vantage" class="footer-link">Vantage</a><a href="/products/central-management-console" class="footer-link">Central Management Console</a><a href="/products/guardian" class="footer-link">Guardian</a><a href="/products/guardian-air" class="footer-link">Guardian Air</a><a href="/products/arc" class="footer-link">Arc</a><a href="/products/asset-intelligence" class="footer-link">Asset Intelligence</a><a href="/products/threat-intelligence" class="footer-link">Threat Intelligence</a><a href="/products/smart-polling" class="footer-link">Smart Polling</a><a href="https://security.nozominetworks.com/" target="_blank" class="footer-link">PSIRT</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fa0-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Professional Services</h3><a href="/professional-services" class="footer-link">Overview</a><a href="/professional-services/solution-design" class="footer-link">Design</a><a href="/professional-services/solution-deployment" class="footer-link">Deployment</a><a href="/professional-services/fast-track-service-packages" class="footer-link">Fast Track</a><a href="/professional-services/solution-optimization" class="footer-link">Optimization</a><a href="/professional-services/project-management" class="footer-link">Project Management</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fad-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Solutions: Business needs</h3><a href="/solutions/threat-detection-and-response" class="footer-link">Threat Detection & Response</a><a href="/solutions/iot-ot-network-monitoring" class="footer-link">Continuous Network Monitoring</a><a href="/solutions/iot-ot-asset-inventory-management" class="footer-link">Asset Inventory Management</a><a href="/solutions/iot-ot-vulnerability-management" class="footer-link">Risk & Vulnerability Management</a><a href="/solutions/iot-security" class="footer-link">IoT Security</a><a href="/solutions/data-center-cybersecurity" class="footer-link">Data Center Cybersecurity</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fbc-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Solutions: Compliance</h3><a href="/compliance/nerc-cip" class="footer-link">NERC CIP</a><a href="/compliance/nis2-directive-compliance" class="footer-link">NIS2 Directive</a><a href="/compliance/tsa-security-directives" class="footer-link">TSA Security Directives</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fc9-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Solutions: Industry</h3><a href="/industries/airport-cybersecurity" class="footer-link">Airports</a><a href="/industries/electric-utilities-cybersecurity" class="footer-link">Electric Utilities</a><a href="/industries/healthcare-cybersecurity" class="footer-link">Healthcare</a><a href="/industries/federal-government" class="footer-link">Federal Government</a><a href="/industries/manufacturing-cybersecurity" class="footer-link">Manufacturing</a><a href="/industries/maritime-cybersecurity" class="footer-link">Maritime</a><a href="/industries/mining-cybersecurity" class="footer-link">Mining</a><a href="/industries/oil-gas-cybersecurity" class="footer-link">Oil & Gas</a><a href="/industries/pharmaceutical-cybersecurity" class="footer-link">Pharmaceutical</a><a href="/industries/rail-cybersecurity" class="footer-link">Rail</a><a href="/industries/retail-cybersecurity" class="footer-link">Retail</a><a href="/industries/smart-cities-cybersecurity" class="footer-link">Smart Cities</a><a href="/industries/water-wastewater-cybersecurity" class="footer-link">Water & Wastewater</a></div><div id="w-node-_63fd2949-137e-d5f8-88d1-14e184102fe4-84102f7d" class="footer-link-field-column-wrapper"><h3 class="footer-link-field-column-header">Learn</h3><a href="/partners" class="footer-link">Partners</a><a href="/resources" class="footer-link">Resources</a><a href="/company" class="footer-link">Company</a><a href="/company/contact-us" class="footer-link">Contact Us</a><a href="/academy" class="footer-link">Academy</a><a href="/company/careers" class="footer-link">Careers</a><a href="/labs" aria-current="page" class="footer-link w--current">Labs</a><a href="https://www.nozominetworks.com/legal/privacy-policy" class="footer-link">Legal</a><div class="footer-social-icon-wrapper"><a href="https://twitter.com/nozominetworks" target="_blank" class="footer-social-link-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/64e91608e818b441814b52e8_twitter_footer_22x18.svg" loading="lazy" width="42" height="100" alt="" class="footer-social-icon"/></a><a href="https://www.linkedin.com/company/nozomi-networks-sa" target="_blank" class="footer-social-link-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647e0f5111954ec5d275cd99_linkedin.svg" loading="lazy" alt="Linkedin logo" class="footer-social-icon"/></a><a href="https://www.youtube.com/@nozominetworks" target="_blank" class="footer-social-link-block w-inline-block"><img src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/647e0f5133e547a9cb765948_youtube.svg" loading="lazy" alt="" class="footer-social-icon"/></a></div></div></div></div></div><div class="footer-copyright-wrapper"><div class="footer-container w-container"><div class="footer-copyright-text">© 2024 Nozomi Networks Inc. All Rights Reserved. <a href="https://www.nozominetworks.com/legal/privacy-policy" target="_blank" class="footer-copyright-link">Privacy Policy</a> and Certifications. <a href="#" class="footer-copyright-link">System Status</a>.</div></div></div></section><script src="https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=645a4534705010e2cb244f50" type="text/javascript" integrity="sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=" crossorigin="anonymous"></script><script src="https://cdn.prod.website-files.com/645a4534705010e2cb244f50/js/nozomi-2023.3991b2fee.js" type="text/javascript"></script></body></html>