Exploiting OPC-UA in Every Possible Way: Practical Attacks Against Modern OPC-UA Architectures

OPC-UA is the most popular protocol today in ICS/SCADA and IoT environments for data exchanges from sensors to on-premises or cloud applications. OPC-UA is therefore the bridge between different OT trust zones and a crown jewel for attacks attempting to break security zones and crossover from the industrial to corporate networks. For the past two years, we have been researching dozens of OPC-UA protocol stack implementations being used in millions of industrial products. We focused on two main attack vectors: attacking OPC-UA servers and protocol gateways, and attacking OPC-UA clients.... By: Sharon Brizinov , Noam Moshe Full Abstract and Presentation Materials: https://www.blackhat.com/us-23/briefi...

A Pain in the NAS: Exploiting Cloud Connectivity to PWN Your NAS
▶︎

A Pain in the NAS: Exploiting Cloud Connectivity to PWN Your NAS

Houston, We Have a Problem: Analyzing the Security of Low Earth Orbit Satellites
▶︎

Houston, We Have a Problem: Analyzing the Security of Low Earth Orbit Satellites

The Ugly Truth of P2V Server Migration: It's Not Magic
▶︎

The Ugly Truth of P2V Server Migration: It's Not Magic

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026
▶︎

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026

DEF CON 33 - No VPN Needed? Cryptographic Attacks Against the OPC UA Protocol  - Tom Tervoort
▶︎

DEF CON 33 - No VPN Needed? Cryptographic Attacks Against the OPC UA Protocol - Tom Tervoort

Agentic Development Lifecycle (ADLC): Why we need it in 2026 and its major building blocks.
▶︎

Agentic Development Lifecycle (ADLC): Why we need it in 2026 and its major building blocks.

What is OPC UA |How it works ? Tutorial for Beginners
▶︎

What is OPC UA |How it works ? Tutorial for Beginners

DEF CON 31 - Exploiting OPC UA - Practical Attacks Against OPC UA Architectures - Moshe, Brizinov
▶︎

DEF CON 31 - Exploiting OPC UA - Practical Attacks Against OPC UA Architectures - Moshe, Brizinov

Black Hat Europe 2025 | Hacking Smart Cities One Building At A Time - A City Of A Thousand Zero Days
▶︎

Black Hat Europe 2025 | Hacking Smart Cities One Building At A Time - A City Of A Thousand Zero Days

DEF CON 30  - Sharon Brizinov - Evil PLC Attacks - Weaponizing PLCs
▶︎

DEF CON 30 - Sharon Brizinov - Evil PLC Attacks - Weaponizing PLCs

MQTT vs OPC UA. Inch deeper
▶︎

MQTT vs OPC UA. Inch deeper

OWASP's Top 10 Ways to Attack LLMs: AI Vulnerabilities Exposed
▶︎

OWASP's Top 10 Ways to Attack LLMs: AI Vulnerabilities Exposed

Cloud-native Postgres observability: from client apps to underlying cloud resources / Peter Zaitsev
▶︎

Cloud-native Postgres observability: from client apps to underlying cloud resources / Peter Zaitsev

Black Hat Europe 2025 | The Forensic Trail On GitHub: Hunting For Supply Chain Activity
▶︎

Black Hat Europe 2025 | The Forensic Trail On GitHub: Hunting For Supply Chain Activity

40Hz Binaural Gamma Waves - Ultra Deep Concentration
▶︎

40Hz Binaural Gamma Waves - Ultra Deep Concentration

The World's Most Important Machine
▶︎

The World's Most Important Machine

System Design Explained: APIs, Databases, Caching, CDNs, Load Balancing & Production Infra
▶︎

System Design Explained: APIs, Databases, Caching, CDNs, Load Balancing & Production Infra

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!
▶︎

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!

Black Hat Europe 2025 | Silence On macOS: What 70K Binaries Reveal About The macOS Malware Ecosystem
▶︎

Black Hat Europe 2025 | Silence On macOS: What 70K Binaries Reveal About The macOS Malware Ecosystem

How to Design APIs Like a Senior Engineer (REST, GraphQL, Auth, Security)
▶︎

How to Design APIs Like a Senior Engineer (REST, GraphQL, Auth, Security)