iot security

The recent CSAF advisory from Sungrow has cast a stark light on a series of critical vulnerabilities affecting its iSolarCloud Android App and WiNet Firmware. The report details multiple security flaws—from improper certificate validation and weak cryptography to authorization bypasses and...

The manufacturing landscape is undergoing a digital overhaul, and with it comes a surge in connected devices that promise efficiency but also introduce new security risks. In an industry where operational technology (OT) and Internet of Things (IoT) systems merge on the factory floor, ensuring...

CyberArk, Device Authority, and Microsoft have joined forces to revolutionize device authentication across the manufacturing landscape. In an era where hundreds of IoT devices, sensors, and controllers are integral to operations, ensuring robust security is not just a best practice—it’s a...

CyberArk, Device Authority, and Microsoft have joined forces to deliver a cutting-edge solution for secure device authentication—one that resonates strongly with today’s Zero Trust security ethos. In an era where connected devices populate both factory floors and the farthest reaches of edge...

CyberArk, Device Authority, and Microsoft have joined forces to tackle one of today’s most pressing challenges in digital manufacturing—securing the vast and heterogeneous landscape of connected devices. As the manufacturing industry undergoes a rapid digital transformation, spurred by the...

CyberArk, Device Authority, and Microsoft Deliver a Game-Changer in Secure Device Authentication for Manufacturers In an era where connected devices drive efficiency and productivity on factory floors and at the edge, manufacturers face an increasing challenge: securing a maturing digital...

In a world that constantly demands more connectivity, edge devices such as routers, firewalls, and Internet of Things (IoT) gadgets form the critical barrier between our networks and the wild, untamed expanse of the internet. This frontier, however, is under perpetual siege from digital...

Attention all users of New Rock Technologies equipment! If you’re utilizing one of their cloud-connected devices, this is your red alert to step up your cybersecurity game. The Cybersecurity and Infrastructure Security Agency (CISA) has published a damning advisory outlining seriously...

The Cybersecurity and Infrastructure Security Agency (CISA) just dropped a fresh notice that should set off alarms for anyone managing networked devices or systems. Four critical vulnerabilities have been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog, and they’re not just...

In a significant cybersecurity development, thousands of TP-Link routers have been compromised by hackers allegedly operating on behalf of the Chinese government. These malicious actors have harnessed the vulnerabilities in TP-Link's networking products to form a formidable botnet, now...

Understanding CVE-2024-38257: A Dive into Microsoft AllJoyn API Vulnerability As we navigate through an increasingly digital landscape, vulnerabilities like CVE-2024-38257 emerge, highlighting the delicate dance between innovation and security. The Microsoft AllJoyn API is primarily designed for...

Introduction As we venture deeper into the age of smart homes and interconnected devices, the cybersecurity landscape continues to grow complex and fraught with risks. The recent advisory issued by CISA (Cybersecurity and Infrastructure Security Agency) regarding critical vulnerabilities in...

In a concerning development for users of the Azure IoT SDK, Microsoft has recently disclosed a significant security vulnerability, identified as CVE-2024-38158. This vulnerability carries the potential for Remote Code Execution (RCE), posing serious threats to applications reliant on Azure IoT...

Overview of the Vulnerability A significant cybersecurity concern has emerged with the discovery of the remote code execution (RCE) vulnerability identified as CVE-2024-38157 within the Azure IoT SDK. This flaw exposes systems utilizing this particular SDK to potentially malicious activities...

Original release date: June 24, 2013 Systems Affected Any system using password authentication accessible from the internet may be affected. Critical infrastructure and other important embedded systems, appliances, and devices are of particular concern. Overview Attackers can easily...

Original release date: April 10, 2013 | Last revised: June 24, 2013 Systems Affected Any system using password authentication accessible from the internet may be affected. Critical infrastructure and other important embedded systems, appliances, and devices are of particular concern...