Physical Security

SANS - Data Center Physical Security Checklist
https://www.sans.org/reading-room/whitepapers/awareness/data-center-physical-security-checklist-416
(Trend Micro) Examples of security threats to a smart factory with IT and OT convergence


(Chatham House) Typical points of vulnerability in industrial control systems

Physical Penetration Testing

Red Team Security Consulting - Physical Penetration Testing


Snowfensive - Covert Entry Assessment


Live Demo

Feb 12, 2019: Xiaomi Scooter Hack
https://github.com/rani-i/Mi365Locker

Jan 15, 2019: A Security Analysis of Radio Remote Controllers for Industrial Applications
Attacks Against Industrial Machines via Vulnerable Radio Remote Controllers: Security Analysis and Recommendations

May 11, 2016: Watch hackers break into the US power grid


USB attacks



29 Different Types of USB Attacks

USB Human Interface Device (HID) attack (a.k.a. USB Drive-by)

Feb 9, 2019: O•MG cable (Offensive MG kit)


https://twitter.com/_MG_/status/1094389042685259776
Aug 16, 2018: USBNinja



Feb 7, 2018: Drone Hacking



Aug 18, 2016: USB Kill



May 10, 2016: USB Rubber Ducky


RFID Hacking

Mar 15, 2019: Fujitsu LX901 Keystroke Injection Attack PoC


2019: Radio Sniffing and Replaying Attacks Vs. Alarm System
https://www.linkedin.com/feed/update/urn:li:activity:6501373337233612800

May 23, 2016: Clone RFID Badge


"Shove it" Lock Bypass


Vein Authentication

Hackers Make a Fake Hand to Beat Vein Authentication
https://motherboard.vice.com/en_us/article/59v8dk/hackers-fake-hand-vein-authentication-biometrics-chaos-communication-congress

Fingerprint Authentication

Cloning Fingerprints Like A Boss: 101 Edition
https://medium.com/@LucaBongiorni/cloning-fingerprints-like-a-boss-101-edition-893468ecc826

Dec 27, 2018: Hacking the most popular cryptocurrency hardware wallets

https://securityaffairs.co/wordpress/79367/hacking/cryptocurrency-wallets-hack.html

Defense

Software

Windows Operating System

User Configuration > Administrative Templates > System > Removable Storage Access


User Configuration > Administrative Templates > Windows Components > AutoPlay Policies


Hardware
