Hands Free: What LLM Driven Vulnerability Research Looks Like 2026-06-01 True Tomer Goldschmidt True Exploiting EnOcean SmartServer to Attack Connected Building Management Systems 2026-04-28 True Amir Zaltzman True The Risky Road Bringing Building Management Systems Online: Exploring the CEA-852 Standard 2026-04-08 True Amir Zaltzman True Examining the Legacy BMS LonTalk Protocol 2026-02-19 True Amir Zaltzman True New Architecture, New Risks: One-Click to Pwn IDIS IP Cameras 2026-01-21 True Vera Mens True Roaring Access: Exploiting a Pre-Auth Root RCE on Sixnet RTUs 2025-11-12 True Nitsan Litov True Turning Camera Surveillance on its Axis 2025-08-03 True Noam Moshe True Cascading Chaos: A GOT-Oriented Exploit Story 2025-07-25 True Tomer Goldschmidt True Attention, High Voltage: Exploring the Attack Surface of the Rockwell Automation PowerMonitor 1000 2025-05-28 True Vera Mens True Delving into Windows CE, Part 4: Vulnerability Research into a Windows CE-Based HMI Used in the Wild 2025-05-06 True Tomer Goldschmidt True Team82 Finds Critical Flaws in OPC Protocol Implementations 2025-04-17 True Uri Katz True OT Operators Slow to Update Vulnerable Remote Access Devices 2025-04-10 True Tal Keren; Sharon Brizinov True Vendors Affected by Wibu CodeMeter Vulnerabilities 2025-04-10 True True Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated… 2025-02-26 True True Hack The Emulated Planet: Vulnerability Hunting on Planet WGS-804HPT Industrial Switches 2025-01-22 True Tomer Goldschmidt True Inside a New IoT/OT Cyberweapon: IOCONTROL 2024-12-20 True True Inside a New OT/IoT Cyberweapon: IOCONTROL 2024-12-16 True True The Insecure IoT Cloud Strikes Again: RCE on Ruijie Cloud-Connected Devices 2024-12-09 True Noam Moshe; Tomer Goldschmidt True The Problem with IoT Cloud-Connectivity and How it Exposed All OvrC Devices to Hijacking 2024-11-12 True Uri Katz True MMS Under the Microscope: Examining the Security of a Power Automation Standard 2024-10-07 True Mashav Sapir; Vera Mens True From Exploits to Forensics: Unraveling the Unitronics Attack 2024-08-07 True True Bypassing Rockwell Automation Logix Controllers’ Local Chassis Security Protection 2024-08-01 True Sharon Brizinov True Pwn2Own: Pivoting from WAN to LAN to Attack a Synology BC500 IP Camera, Part 2 2024-07-16 True Sharon Brizinov; Uri Katz; Tomer Goldschmidt; Noam Moshe True Pwn2Own: WAN-to-LAN Exploit Showcase, Part 1 2024-07-15 True Sharon Brizinov; Noam Moshe; Tomer Goldschmidt True Hacking a $100K Gas Chromatograph without Owning One 2024-06-24 True Vera Mens True OPC-UA Deep Dive Series (Part 10): Security Tips for Asset Owners 2024-05-20 True True Exploiting Honeywell ControlEdge VirtualUOC 2024-05-16 True Uri Katz True OPC UA Deep Dive: A Complete Guide to the OPC UA Attack Surface 2024-05-01 True True Exploiting a Classic Deserialization Vulnerability in Siemens SIMATIC Energy Manager 2024-04-24 True Noam Moshe True Unpacking the Blackjack Group's Fuxnet Malware 2024-04-15 True True Practical and Theoretical Attacks in the Industrial Landscape (Part 2) 2024-03-11 True Tomer Goldschmidt True OPC UA Deep Dive Series (Part 9): Chaining Vulnerabilities to Exploit Softing OPC UA Integration Server 2024-01-30 True Uri Katz True Synology NAS DSM Account Takeover: When Random is not Secure 2024-01-19 True Sharon Brizinov True OPC UA Deep Dive Series (Part 8): Gaining Client-Side Remote Code Execution 2023-12-21 True Noam Moshe True OPC UA Deep Dive Series (Part 6): OPC UA Exploit Framework 2023-12-21 True Sharon Brizinov; Uri Katz True DICOM Demystified: Exploring the Underbelly of Medical Imaging 2023-11-29 True Noam Moshe True OPC UA Deep Dive Series (Part 7): Practical Denial of Service Attacks 2023-11-07 True True Critical Vulnerabilities Found in Rockwell FactoryTalk AssetCentre 2023-10-31 True Amir Preminger; Sharon Brizinov True Boost Your Network with Team82's boofuzz OPC UA Fuzzer 2023-10-31 True Vera Mens True OPC UA Deep Dive Series (Part 4): Targeting Core OPC UA Components 2023-10-30 True True Software-Based PLC Flaws Enable Windows Box Code Execution 2023-10-30 True Mashav Sapir True Security Flaws Exposed in QuickBlox Chat And Video Framework 2023-10-30 True Amir Preminger; Sharon Brizinov; Itay Cohen; Oleg Ilushin True OPC UA Deep Dive Series (Part 5): Inside Team82’s Research Methodology 2023-10-30 True True Exploiting Cloud Connectivity to PWN your NAS: Synology DS920 2023-10-24 True Vera Mens; Sharon Brizinov True EDS Subsystem Vulnerabilities Expose OT Assets to Malicious File Delivery 2023-10-18 True True Exploiting Cloud Connectivity to PWN your NAS: WD PR4100 2023-10-18 True Noam Moshe True ENIP Stack Vulnerability Causes Crashes or Leads to Code Execution 2023-10-18 True Sharon Brizinov True Stack-Based Buffer Overflow Vulnerability Discovered in Industrial VPN 2023-10-18 True True VPN Security Flaws Pose Cyber Risk to Remote OT Personnel 2023-10-18 True True Wibu-Systems CodeMeter Vulnerabilities Expose OT Networks 2023-10-18 True Sharon Brizinov; Tal Keren True 
