LIVE
UTC --:--:--
OT SECURITY HUB
by zuckergates
Learn · Academy, labs & literasi OT
Roadmap Belajar
Roadmap role-based
LMS Academy
Materi · pre-test · post-test
Labs
50+ hands-on labs · CTF · cyber range
Articles
Deep dive teknis & how-to
News
Update OT/ICS harian
Glossary
≈190 istilah OT, ICS & SCADA
Resources
Buku, kursus, podcast, lab
Knowledge · Anatomi sistem industrial
Protocols
Modbus, DNP3, IEC-104, OPC UA
Architectures
Purdue, IEC 62443 zones
Assets
PLC, RTU, HMI, SIS, Historian
Sectors
Energy, water, manufacturing
Knowledge Graph
Relasi lintas modul (interaktif)
Threat Intel · OT/ICS threat operations center
Incidents & Timeline
Database insiden + linimasa (5 view modes)
Threats
Actors & ICS Malware · Sandworm, Pipedream, Triton
Vulnerabilities
CVE Watch · eksploitasi aktif & CVSS ≥ 8.0
Advisories
ICS-CERT, vendor PSIRT, CERT nasional
Governance · Framework, kontrol, assessment
Frameworks
IEC 62443, NIST CSF 2.0, NIS2
Controls
Kontrol teknis & prosedural
Assessments
Maturity & gap assessment
Ecosystem · Vendor, tools, intel mingguan
Vendors
Siemens, Schneider, Rockwell, ABB, Honeywell
Tools
Tool open-source & komersial (≈70+)
Brief
Executive brief mingguan
// INCIDENT · 2025

Bybit Cold Wallet Heist (Lazarus)

Lazarus memanipulasi front-end Safe{Wallet} sehingga operator menandatangani transaksi malicious dari cold wallet Bybit.

criticalGlobalFinancialLazarus Group (DPRK)
Impact
~USD 1,46 miliar ETH dicuri — pencurian kripto terbesar dalam sejarah.
Initial vector
Safe{Wallet} UI compromise → blind signing
Lessons learned
  • Hardware verification transaksi
  • Zero-trust UI signing
  • Segregasi SaaS multi-sig
← All incidents