LIVE
UTC --:--:--
OT SECURITY HUB
by zuckergates
Learn · Academy, labs & literasi OT
Roadmap Belajar
Roadmap role-based
LMS Academy
Materi · pre-test · post-test
Labs
50+ hands-on labs · CTF · cyber range
Articles
Deep dive teknis & how-to
News
Update OT/ICS harian
Glossary
≈190 istilah OT, ICS & SCADA
Resources
Buku, kursus, podcast, lab
Knowledge · Anatomi sistem industrial
Protocols
Modbus, DNP3, IEC-104, OPC UA
Architectures
Purdue, IEC 62443 zones
Assets
PLC, RTU, HMI, SIS, Historian
Sectors
Energy, water, manufacturing
Knowledge Graph
Relasi lintas modul (interaktif)
Threat Intel · OT/ICS threat operations center
Incidents & Timeline
Database insiden + linimasa (5 view modes)
Threats
Actors & ICS Malware · Sandworm, Pipedream, Triton
Vulnerabilities
CVE Watch · eksploitasi aktif & CVSS ≥ 8.0
Advisories
ICS-CERT, vendor PSIRT, CERT nasional
Governance · Framework, kontrol, assessment
Frameworks
IEC 62443, NIST CSF 2.0, NIS2
Controls
Kontrol teknis & prosedural
Assessments
Maturity & gap assessment
Ecosystem · Vendor, tools, intel mingguan
Vendors
Siemens, Schneider, Rockwell, ABB, Honeywell
Tools
Tool open-source & komersial (≈70+)
Brief
Executive brief mingguan
// INCIDENT · 2023

MOVEit Transfer (Cl0p)

Eksploitasi massal aplikasi managed file transfer MOVEit oleh geng Cl0p — kampanye pencurian data terbesar 2023.

criticalGlobalMultiCl0p (TA505)
Impact
2.700+ organisasi, 95+ juta individu terdampak; BBC, BA, Shell, Maximus, DOE.
Initial vector
SQLi zero-day CVE-2023-34362
Malware / tooling
Cl0p
Lessons learned
  • MFT app exposure review
  • File transfer tokenization
  • Vendor zero-day playbook
← All incidents