iot security

The industrial cybersecurity landscape continues to evolve rapidly, with new vulnerabilities emerging in critical systems that underpin both manufacturing and modern infrastructure. Recent advisories from the Cybersecurity & Infrastructure Security Agency (CISA) and Siemens have drawn urgent...

As ICS vulnerabilities steadily march up the agenda of national security, critical infrastructure, and enterprise risk management, the release of thirteen new advisories by CISA on March 13, 2025, arrives as both a technical warning and an urgent call to action for IT, OT, and Windows...

The recently disclosed vulnerability in the Vestel AC Charger, identified as CVE-2025-3606, highlights the persistent risks faced by the rapidly growing market for electric vehicle (EV) charging solutions. As electric vehicles become increasingly prevalent worldwide, the infrastructure that...

The recent release of five Industrial Control Systems (ICS) advisories by the Cybersecurity and Infrastructure Security Agency (CISA) marks a significant moment for cybersecurity professionals and operational technology stakeholders. Against a backdrop of rapidly evolving cyber threats, these...

As the manufacturing sector races ahead in its digital transformation, the intersection of IoT, OT, and security comes sharply into focus. Today, the digital thread runs deep in factories, weaving intelligent automation, connected sensors, and remote operations into a unified tapestry that...

As the digital landscape continues to expand, vulnerabilities that expose critical infrastructure become more consequential. Recently, a set of alarming security flaws was disclosed by CISA affecting Optigo Networks’ Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool—products...

In the rapidly evolving landscape of industrial security, manufacturers are grappling with an unprecedented surge in connected devices. This digital transformation, often coined as Industry 4.0, demands robust, scalable, and efficient approaches to identity security and device authentication...

Hackers are continuously upping their game, and the latest twist in the ransomware saga comes from a group known as Akira. In 2024, Akira ransomware has accounted for approximately 15% of cybersecurity incidents, leveraging an ingenious—and unsettling—tactic: using unsecured IoT devices like...

The story of how the Akira ransomware group weaponized an unsecured webcam to circumvent enterprise-grade security—and the lessons it offers—reads like a stark warning for every organization, large or small, that believes their digital moats are impenetrable. In an age where Endpoint Detection...

Seven years ago, when Microsoft began its journey towards a Zero Trust security model, “trust but verify” was tossed out the window like an old Clippy paperclip, and “never trust, always verify” took its place. If you’re picturing a fortress of firewalls and VPN tunnels coiled around Microsoft’s...

If you ever thought the world of physical security systems was as impenetrable as the steel doors they control, the latest revelation about the Nice Linear eMerge E3 might make you want to double-check who’s outside before buzzing them in. Executive Summary With a Twist Let’s start with the...

Nothing says "welcome to the future" quite like plugging in your car and worrying that somewhere, someone in their pajamas is poking around your charger’s secrets from thousands of miles away. That’s the scenario Vestel AC Charger users find themselves in after a recent vulnerability was...

It probably wasn’t on your 2025 bingo card to revisit a discontinued home automation relic threatened by remote hackers with a penchant for credential snatching, but here we are: the Schneider Electric Wiser Home Controller WHC-5918A is back in the limelight—and not for a firmware upgrade. If...

Unpacking the Security Risks in Growatt Cloud Applications In the rapidly evolving landscape of energy management, cloud-based software platforms have become indispensable tools for monitoring and controlling renewable energy systems. Among them, Growatt Cloud Applications stand out as a popular...

The recent CSAF advisory from Sungrow has cast a stark light on a series of critical vulnerabilities affecting its iSolarCloud Android App and WiNet Firmware. The report details multiple security flaws—from improper certificate validation and weak cryptography to authorization bypasses and...

CyberArk, Device Authority, and Microsoft have joined forces to revolutionize device authentication across the manufacturing landscape. In an era where hundreds of IoT devices, sensors, and controllers are integral to operations, ensuring robust security is not just a best practice—it’s a...

CyberArk, Device Authority, and Microsoft Deliver a Game-Changer in Secure Device Authentication for Manufacturers In an era where connected devices drive efficiency and productivity on factory floors and at the edge, manufacturers face an increasing challenge: securing a maturing digital...

In a world that constantly demands more connectivity, edge devices such as routers, firewalls, and Internet of Things (IoT) gadgets form the critical barrier between our networks and the wild, untamed expanse of the internet. This frontier, however, is under perpetual siege from digital...

Attention all users of New Rock Technologies equipment! If you’re utilizing one of their cloud-connected devices, this is your red alert to step up your cybersecurity game. The Cybersecurity and Infrastructure Security Agency (CISA) has published a damning advisory outlining seriously...

The Cybersecurity and Infrastructure Security Agency (CISA) just dropped a fresh notice that should set off alarms for anyone managing networked devices or systems. Four critical vulnerabilities have been added to CISA's Known Exploited Vulnerabilities (KEV) Catalog, and they’re not just...