OT Devices Exposed Online Without Authentication - Research Disclosure

2 | Author: hacker_might | 7 months ago | Original post
https://medium.com/@hacker_might/500-ot-devices-exposed-online-without-login-an-ethical-deep-5d6be16200fd

No lab. No physical device. Just internet-facing OT systems and one curious mind.

This research started with a simple Fofa query and turned into the discovery of over 500 industrial OT devices exposed online — no login, no authentication. All found remotely, responsibly reported, and disclosed for public awareness.

It proves one thing: you don’t need access to hardware to uncover real-world OT risks — just the right mindset and the will to look deeper.