Posts | Comments

Planet Arduino

Archive for the ‘penetration testing’ Category

Connecting machines and equipment to the internet became easier than ever when we launched the Arduino Opta micro PLC, enabling real-time control, monitoring, predictive maintenance and more – in industries ranging from smart agriculture to large-scale manufacturing to building automation. 

Supporting our well-known Arduino sketch programming experience and any of the five IEC 61131-3 PLC standard languages, the Opta was designed to be powerful yet easy to use from the start – as well as highly secure. Indeed, the Opta supports OTA firmware updates and ensures data security from the hardware to the Cloud thanks to the physical onboard secure element and X.509 Standard compliance. 

In addition, as part of the go-to-market for this innovative hardware solution, we actively committed to verifying its security against the threats posed by cyberattacks. 

To this end, in late 2023 we started a collaboration with global cybersecurity provider HWG Sababa: their Offensive Team engaged in a penetration test that lasted weeks, assessing Opta’s security posture and pinpointing any weaknesses. Their meticulous report allowed us to remedy any vulnerabilities before they became actual issues, and now we are proud to say the Opta is more secure than ever.

The software patches and configuration updates we carried out are part of our ongoing commitment to providing you the most robust solutions on the market in every respect – including against ever-evolving cyber threats. The rigorous testing process and following activities our team completed only confirms Opta as an ideal candidate for any industrial automation project you have in mind. 

To find out more about the testing process itself, check out the case study published by HWG Sababa

The post Opta: Enhanced cybersecurity after HWG Sababa’s testing appeared first on Arduino Blog.

Nov
03

rfidlongrangehack

Security researcher [Fran Brown] sent us this tip about his Tastic RFID Thief, which can stealthily snag the information off an RFID card at long range. If you’ve worked with passive RFID before, you know that most readers only work within inches of the card. In [Fran's] DEFCON talk this summer he calls it the “ass-grabbing method” of trying to get a hidden antenna close enough to a target’s wallet.

His solution takes an off-the-shelf high-powered reader, (such as the HID MaxiProx 5375), and makes it amazingly portable by embedding 12 AA batteries and a custom PCB using an Arduino Nano to interpret the reader’s output. When the reader sees a nearby card, the information is parsed through the Nano and the data is both sent to an LCD screen and stored to a .txt file on a removable microSD card for later retrieval.

There are two short videos after the break: a demonstration of the Tastic RFID Thief and a quick look at its guts. If you’re considering reproducing this tool and you’re picking your jaw off the floor over the price of the reader, you can always try building your own…


Filed under: Arduino Hacks, wireless hacks


  • Newsletter

    Sign up for the PlanetArduino Newsletter, which delivers the most popular articles via e-mail to your inbox every week. Just fill in the information below and submit.

  • Like Us on Facebook