Articles with tag: Security
POSTED BY: Dimitrios Glynos / 31.08.2021

Securing the building blocks of embedded software

Co-authored by Sofia Tsagiopoulou

Embedded systems are special purpose systems that cover a wide range of applications, from home electronics and industrial control systems, to medical devices and avionics. The remote management & telemetry features of the so called "Internet of Things" family of embedded devices, have made them quite popular and their placement is almost ubiquitous. From a security standpoint, embedded software is not that different to software found in other domains. However, the criticality of its operation, its exposure on public networks, but also its security limitations make it a very attractive target for attackers. This article presents an overview of the building blocks of today's embedded software, analyses inherent weaknesses in the way this software is built and deployed, and highlights recent developments in the handling of the relevant risk.

POSTED BY: CENSUS / 24.06.2017

Security B-Sides 2017 Athens

CENSUS participated in the "Security B-Sides 2017 Athens" conference with a presentation by Ioannis Stais on the automated discovery of expressions that bypass Web Application Firewalls and Filters, using learning automata. The presentation was entitled "LightBulb Framework: Shedding Light on the Dark Side of WAFs and Filters" and followed Stais' and Argyros' previous research on the subject (see BlackHat Europe in 2016 presentation). The Security B-Sides presentation introduced an Extension for the Burp Suite web proxy application that allows for easier integration of the expression discovery technique to the standard toolbox of web application penetration testers.

POSTED BY: CENSUS / 24.11.2016

2nd ENISA eHealth Cyber Security workshop

CENSUS director of Product Security Services, Dr. Dimitrios Glynos gave a presentation on the topic of "Medical Device Security" at the "2nd ENISA eHealth Cyber Security" workshop held in Vienna, Austria on November 23rd 2016. ENISA is the European Union's Agency for Network and Information Security. Along with the workshop, ENISA published on the same month the "Smart Hospitals - Security and Resilience for Smart Health Service and Infrastructures" study.

POSTED BY: CENSUS / 01.11.2016

Black Hat Europe 2016

CENSUS will be participating at the Black Hat Europe 2016 conference, in London with a presentation by George Argyros and Ioannis Stais on the theme of automated evasion of Web Application Firewalls (WAFs). The presentation's title is Another Brick Off the Wall: Deconstructing Web Application Firewalls using Automata Learning and will take place on Thursday November 3rd 2016 at 14:30 in the Auditorium room of the Business Design Center venue.