Collecting Cyber-News from over 60 sources

Tag: iot

Mitsubishi Deal Gives Nozomi Broader OT Security Reach

Mar 18, 2026 11:10 PM

Tags: ceo, cybersecurity, iot, network

CEO Says Added OEM Context Can Sharpen Industrial Cybersecurity and New Use Cases. Nozomi Networks CEO Edgard Capdevielle said Mitsubishi Electric’s purchase gives the industrial cybersecurity firm richer OEM context to improve OT and IoT security and pursue adjacent use cases such as asset visibility, maintenance support and operational efficiency across critical infrastructure. First seen…
Operation Epic Fury: Why exposure data changes everything about Iran’s cyber-kinetic campaign

Mar 18, 2026 5:10 AM

Tags: access, ai, api, apt, attack, backdoor, breach, cctv, cisa, cloud, country, cve, cvss, cyber, cybersecurity, data, data-breach, ddos, detection, dns, espionage, exploit, firewall, flaw, fortinet, government, group, healthcare, identity, infrastructure, intelligence, Internet, iot, iran, kev, malware, microsoft, military, network, office, phishing, radius, remote-code-execution, risk, strategy, supply-chain, technology, threat, unauthorized, update, vpn, vulnerability, warfare, windows

Iran’s retaliatory campaign following Operation Epic Fury has collapsed the boundary between physical and digital warfare. Tenable’s exposure data analysis across seven target countries reveals that the largest exploitable attack surface isn’t the headline threat, it’s a Microsoft Word N-day affecting nearly 14 million assets. Key takeaways: Exposure data rebalances the threat picture. A Microsoft…
Operation Epic Fury: Why exposure data changes everything about Iran’s cyber-kinetic campaign

Mar 18, 2026 5:10 AM

Tags: access, ai, api, apt, attack, backdoor, breach, cctv, cisa, cloud, country, cve, cvss, cyber, cybersecurity, data, data-breach, ddos, detection, dns, espionage, exploit, firewall, flaw, fortinet, government, group, healthcare, identity, infrastructure, intelligence, Internet, iot, iran, kev, malware, microsoft, military, network, office, phishing, radius, remote-code-execution, risk, strategy, supply-chain, technology, threat, unauthorized, update, vpn, vulnerability, warfare, windows

Iran’s retaliatory campaign following Operation Epic Fury has collapsed the boundary between physical and digital warfare. Tenable’s exposure data analysis across seven target countries reveals that the largest exploitable attack surface isn’t the headline threat, it’s a Microsoft Word N-day affecting nearly 14 million assets. Key takeaways: Exposure data rebalances the threat picture. A Microsoft…
ColorTokens Once Again Named a Leader and Outperformer in the 2026 GigaOm Radar for Microsegmentation

Mar 17, 2026 8:10 PM

Tags: cloud, container, data, endpoint, infrastructure, iot

Microsegmentation has moved well beyond a narrow infrastructure conversation. Today, teams need to enforce policy across cloud workloads, data centers, user endpoints, containers, and OT and IoT environments without creating more operational friction than security value. That broader requirement is exactly why we built the ColorTokens Xshield Enterprise Microsegmentation Platform the way we did. It is also……
Top IoT Security Best Practices to Prevent Cyber Attacks in 2026

Mar 17, 2026 11:10 AM

Tags: attack, best-practice, cyber, healthcare, Internet, iot, technology

The Internet of Things (IoT) continues to expand across industries, connecting smart devices, sensors, and systems that help organizations automate operations and collect real-time data. From smart manufacturing equipment to connected healthcare devices and smart buildings, IoT technology improves efficiency and productivity. However, the growing number of connected devices also increases exposure to cyber threats….…
What smart factories keep getting wrong about cybersecurity

Mar 16, 2026 8:09 AM

Tags: cybersecurity, iot, vulnerability

In this Help Net Security interview, Packsize CSO Troy Rydman breaks down the biggest vulnerabilities in smart factory environments today, from IoT devices and legacy systems … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/16/troy-rydman-packsize-smart-factory-cybersecurity-risks/
Proxy-Netzwerk zerschlagen: 370.000 Router und IoT-Geräte von Hackern missbraucht

Mar 13, 2026 11:10 AM

Tags: iot, malware, router

Mit Socksescort haben Cyberkriminelle durch mit Malware infizierte Router und IoT-Geräte ihren Traffic verschleiert. Damit ist jetzt Schluss. First seen on golem.de Jump to article: www.golem.de/news/proxy-netzwerk-zerschlagen-370-000-router-und-iot-geraete-von-hackern-missbraucht-2603-206455.html
Zero Trust: Absicherung mobiler IoT- und OT-Systeme

Mar 13, 2026 5:09 AM

Tags: iot, zero-trust

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/zero-trust-absicherung-mobil-iot-ot-systeme
Authorities takedown global proxy network SocksEscort

Mar 12, 2026 6:10 PM

Tags: botnet, cybercrime, iot, network, router

The botnet, which compromised routers and IoT devices in 163 countries, claimed about 369,000 victims and $5.8 million from its cybercriminal customers, officials said. First seen on cyberscoop.com Jump to article: cyberscoop.com/socksescort-proxy-network-botnet-takedown/
Why zero trust breaks down in IoT and OT environments

Mar 11, 2026 12:49 PM

Tags: access, attack, automation, breach, cloud, control, credentials, cyber, firewall, firmware, group, identity, infrastructure, iot, network, nist, resilience, risk, service, tool, update, zero-trust

The IoT and OT blind spot: IoT and OT environments consistently exhibit three characteristics that create persistent security blind spots.First, visibility is incomplete by design. Devices are frequently deployed by facilities teams, engineering groups, or third-party integrators rather than security organizations. Asset inventories lag reality. Telemetry is sparse, proprietary, or intermittent. Many devices communicate only…
March Patch Tuesday: Three high severity holes in Microsoft Office

Mar 11, 2026 1:48 AM

Tags: ai, apache, backup, browser, chrome, cloud, credentials, cve, cvss, cyber, email, endpoint, exploit, google, incident, incident response, injection, insurance, iot, linux, macOS, malicious, microsoft, network, office, sap, soc, sql, tool, update, vulnerability, windows

aadsshlogin package. Systems with the extension already installed have packages.microsoft.com configured automatically, so no additional setup is required.”The cloud ecosystem doesn’t really handle patching well,” Reguly said. “It’s a relatively immature process, and the way that Microsoft handles these products really demonstrates that. The CVE impacting Azure Linux Virtual Machines (CVE-2026-23665) or the multiple CVEs…
Microsoft’s March 2026 Patch Tuesday Addresses 83 CVEs (CVE-2026-21262, CVE-2026-26127)

Mar 10, 2026 10:48 PM

Tags: access, ai, attack, authentication, best-practice, cve, cyber, data, dos, exploit, flaw, identity, infrastructure, iot, linux, microsoft, mobile, office, rce, remote-code-execution, service, sql, tool, update, vulnerability, windows

8Critical 75Important 0Moderate 0Low Microsoft addresses 83 CVEs including two vulnerabilities that were publicly disclosed prior to a patch being released. Microsoft patched 83 CVEs in its March 2026 Patch Tuesday release, with eight rated critical and 75 rated as important. Our counts omitted one CVE (CVE-2026-26030) assigned by GitHub. This month’s update includes patches…
New Linux Rootkits Leverage Advanced eBPF and io_uring Techniques for Stealthy Attacks

Mar 6, 2026 10:47 AM

Tags: attack, cloud, container, cyber, infrastructure, injection, iot, linux, threat, windows

Linux rootkits have historically received less attention than their Windows counterparts, but the rapid adoption of Linux in cloud infrastructure, containers, and IoT devices has shifted the threat landscape. Attackers are constantly innovating, and over the past two decades, Linux rootkits have evolved significantly. While early threats relied on easily detectable userland shared object injections…
Innovation without exposure: A CISO’s secure-by-design framework for business outcomes

Mar 2, 2026 1:47 PM

Tags: ai, authentication, awareness, business, chatgpt, cisa, ciso, cloud, control, cyber, cybersecurity, data, detection, firmware, framework, fraud, governance, identity, injection, iot, law, leak, LLM, metric, mitre, network, nist, offense, radius, RedTeam, resilience, risk, risk-management, service, social-engineering, threat, tool, unauthorized, update

A detection engineer owning “detection as code” patterns and test harnessesA threat hunter owning telemetry quality improvements and query optimizationAn incident responder owning tabletop iterations and runbook hardeningA cloud security lead owning guardrailed landing zone enhancementsThe critical constraint is this: every experiment needs an exit plan. Either it becomes a supported capability, or it is…
5 IoT Vulnerabilities That Stop Projects and How to Avoid Them

Feb 28, 2026 2:36 PM

Tags: iot, vulnerability

Stop the 75% failure rate. Learn which device vulnerabilities stall deployments and the exact fixes that get IoT projects to production. First seen on hackread.com Jump to article: hackread.com/5-iot-vulnerabilities-killing-projects-launch/
Forescout and Netskope Deliver Universal Zero Trust Integration Across Managed and Unmanaged Devices

Feb 26, 2026 4:37 PM

Tags: ai, cloud, cybersecurity, intelligence, iot, zero-trust

Forescout Technologies Inc., a global cybersecurity leader, and Netskope (NASDAQ: NTSK), a leader in modern security and networking for the cloud and AI era, have announced a strategic integration designed to deliver Zero Trust security across every device managed and unmanaged IT, OT, IoT and IoMT. By combining Forescout’s real-time device intelligence with Netskope’s The…
KLAS Research zeichnet Claroty als Top-Performer im Bereich Healthcare-IoT-Sicherheit aus

Feb 26, 2026 2:40 PM

Tags: healthcare, iot, service, software

Claroty wurde vom renommierten Healthcare-Analyseunternehmen KLAS Research als Top-Performer für IoT-Sicherheit im Gesundheitswesen ausgezeichnet. In dem Report ‘2026 Best in KLAS Awards: Software and Services Report” erhielt der Spezialist für die Sicherheit cyberphysischer Systeme eine Gesamtbewertung von 92,5 von 100 Punkten. Diese basiert auf Kundenbewertungen von 35 verschiedenen Gesundheitseinrichtungen und spiegelt so die Erfahrungen im…
Cyber Resilience Act und IoT-Sicherheit: Was Hersteller jetzt wissen müssen

Feb 24, 2026 11:02 AM

Tags: compliance, cyber, firmware, iot, resilience

Der neue CRA, er verbietet nicht nur schwache Passwörter. Er verbietet gemeinsam genutzte und fest codierte Anmeldedaten in der IoT-Geräteflotte. Das in der Firmware eingebettete Client-Geheimnis? Es ist nicht mehr Compliance-konform. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cyber-resilience-act-und-iot-sicherheit-was-hersteller-jetzt-wissen-muessen/a43805/
Microsoft extends security patching for three Windows products at a price

Feb 24, 2026 11:02 AM

Tags: iot, microsoft, update, windows

Support is ending for three Windows products released in 2016, with deadlines beginning in October 2026. Windows 10 Enterprise LTSB 2016 and Windows 10 IoT Enterprise 2016 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/24/windows-extended-security-updates-program-deadlines/
Connected & Compromised: When IoT Devices Turn Into Threats

Feb 23, 2026 6:01 PM

Tags: attack, Internet, iot, network, password, threat

Reused passwords, a lack of network segmentation, and poor sanitization processes make the Internet of Things’ attack surfaces more dangerous. First seen on darkreading.com Jump to article: www.darkreading.com/iot/connected-compromised-iot-devices-turn-threats
Best Cyber Security Consulting Companies

Feb 21, 2026 10:01 AM

Tags: attack, cyber, exploit, Internet, iot

With rapid technological progress, it is estimated that nearly 200 billion connected devices, ranging from medical equipment and industrial machines to cars, smartphones, and home appliances, will be communicating through the Internet of Things (IoT) and Industrial IoT (IIoT). This massive interconnected ecosystem creates an enormous attack surface for attackers to exploit, disrupt, and infiltrate….…
Connected and Compromised: When IoT Devices Turn Into Threats

Feb 19, 2026 10:01 PM

Tags: attack, Internet, iot, network, password, threat

Reused passwords, a lack of network segmentation, and poor sanitization processes make the Internet of Things’ attack surfaces more dangerous. First seen on darkreading.com Jump to article: www.darkreading.com/iot/connected-compromised-iot-devices-turn-threats
Shadow Machines: The Non-Human Identities Exposing Your Cloud AI Stack

Feb 19, 2026 10:01 AM

Tags: access, ai, api, authentication, automation, business, cloud, compliance, container, control, credentials, data, encryption, framework, governance, iam, identity, infrastructure, iot, jobs, login, mfa, password, risk, risk-management, saas, service, software, strategy, supply-chain, tool

Shadow Machines: The Non-Human Identities Exposing Your Cloud & AI Stack madhav Thu, 02/19/2026 – 06:30 The machines we don’t see are the ones running our businesses. Unfortunately, most IAM systems do not track them. In an ironic twist, the ghost in the machine has become the machine itself: invisible, autonomous, and increasingly beyond human…
Müll als Datenquelle: Thermische Abfallbehandlung zur Energiegewinnung mit IoT-Datenauswertung

Feb 18, 2026 2:58 PM

Tags: iot

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/muell-datenquelle-thermische-abfallbehandlung-energiegewinnung-iot-datenauswertung
“Good enough” emulation: Fuzzing a single thread to uncover vulnerabilities

Feb 18, 2026 12:58 PM

Tags: iot, tool, vulnerability

A Talos researcher used targeted emulation of the Socomec DIRIS M-70 gateway’s Modbus thread to uncover six patched vulnerabilities, showcasing efficient tools and methods for IoT security testing. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/good-enough-emulation/
“Good enough” emulation: Fuzzing a single thread to uncover vulnerabilities

Feb 18, 2026 12:58 PM

Tags: iot, tool, vulnerability

A Talos researcher used targeted emulation of the Socomec DIRIS M-70 gateway’s Modbus thread to uncover six patched vulnerabilities, showcasing efficient tools and methods for IoT security testing. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/good-enough-emulation/
Gartner® Names Tenable as the Current Company to Beat for AI-Powered Exposure Assessment in a 2025 Report

Feb 12, 2026 4:58 PM

Tags: access, ai, api, attack, automation, business, cloud, container, cyber, cybersecurity, data, exploit, finance, flaw, gartner, governance, identity, intelligence, iot, leak, network, risk, service, technology, threat, tool, update, vulnerability

“Tenable’s asset and attack surface coverage, its application of AI and its reputation for vulnerability assessment makes it the front-runner in AI-powered exposure assessment,” Gartner writes in “AI Vendor Race: Tenable Is the Company to Beat for AI-Powered Exposure Assessment.” Key Takeaways from Tenable: This is the latest among a recent string of recognitions Tenable…
ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask Cyberattacks

Feb 12, 2026 3:58 PM

Tags: cyber, cyberattack, infrastructure, Internet, iot, malicious, network, office, router, threat

Operational Relay Box (ORB) networks are covert, mesh-based infrastructures used by advanced threat actors to hide the true origin of their cyberattacks. Built from compromised Internet-of-Things (IoT) devices, Small Office/Home Office (SOHO) routers, and rented Virtual Private Servers (VPS), these networks act like private residential proxy systems that blend malicious traffic with legitimate user activity.…
The FBI Recovered “Deleted” Nest Cam Footage, Here’s Why Every CISO Should Panic

Feb 12, 2026 10:58 AM

Tags: cctv, ciso, cloud, cybersecurity, data, google, iot, technology

The Nancy Guthrie case reveals data retention issues in cloud technology, as investigators recovered footage from a Google Nest camera that should have been deleted, emphasizing the need for stronger cybersecurity measures for IoT devices First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-fbi-recovered-deleted-nest-cam-footage-heres-why-every-ciso-should-panic/
IoT Penetration Testing: Definition, Process, Tools, and Benefits

Feb 1, 2026 8:13 AM

Tags: attack, breach, cloud, exploit, firmware, iot, mobile, penetration-testing, risk, service, tool

IoT penetration testing is a security assessment of the complete IoT ecosystem, from backend systems and cloud services to mobile devices and hardware. It involves a multi-stage simulated attack on IoT devices and their supporting system to identify security risks before attackers can exploit them. Unpatched firmware is responsible for 60% of IoT security breaches,……