✨Introducing: the Phosphorus xIoT Compliance Report Tracking xIoT security to compliance mandates was broken. So we fixed it. Real control. Real proof. No paperwork theater. Learn more 👉

https://t.co/q14f8IF7b6

CISA just said the quiet part out loud. In its latest joint advisory, CISA describes how pro-Russian hacktivist groups are disrupting critical infrastructure by exploiting exposed industrial control interfaces. Read the full analysis here: https://t.co/UKFLEtPuzD

New Research Shows IP Cameras Are Being Used for Missile Targeting. The Bigger Issue? Most Organizations Still Don’t Secure Them. https://t.co/DXQKPbte1l

Heading to the @HealthISAC Fall Summit? Catch Phosphorus Founder and CEO, Chris Rouland’s session and stop by our exhibit for a live demo of the Phosphorus xIoT Security and Management Platform. 🔗 Read the blog and get a preview of Chris’s talk:

The Louvre had cameras to watch the heist in HD. Too bad their password was “LOUVRE.” Visibility isn’t protection. If you’re only seeing your IoT and OT assets — not securing them — you’re basically watching your own breach in 4K. 🔐 https://t.co/z96NJtE3pT

This is Phosphorus declaring independence from opacity and excuses. https://t.co/v67ztCEHcs

It's 2025. Are you ok with default passwords? https://t.co/UctWEgYd3Q

You asked and we delivered! We're excited to announce that we're now enriching device data with CISA’s KEV catalog and FIRST’s EPSS to help CISOs, CIOs, and device owners prioritize and remediate the most critical vulnerabilities. Check out our blog https://t.co/a6pGLUSrxk

The fact that 18 agencies coordinated on this warning shows how serious the threat is. If you manage network infrastructure, read the full advisory NOW. Link in bio. #CyberSecurity #ThreatIntel #NetworkSec #InfoSec 7/7

Why this matters: These actors can now track targets' communications and movements worldwide by compromising the backbone infrastructure we all rely on. They're using trusted network connections to pivot and blend with legitimate traffic. 6/7

Defenders need to: ✓ Audit router configs for unauthorized changes ✓ Monitor for unexpected tunneling protocols ✓ Check SSH services on weird ports ✓ Review TACACS+/RADIUS server configs ✓ Hunt for packet capture activities ✓ Disable unused management protocols 5/7

Attack methods: * Modify ACLs to allow threat actor IPs * Enable SSH on non-standard ports (22x22, xxx22 patterns) * Abuse Cisco Guest Shell containers * Intercept TACACS+/RADIUS authentication traffic * Create GRE/IPsec tunnels for data exfiltration 4/7

Key vulnerabilities being exploited RIGHT NOW: * CVE-2024-21887 (Ivanti) * CVE-2024-3400 (Palo Alto) * CVE-2023-20198/20273 (Cisco IOS XE) * CVE-2018-0171 (Cisco Smart Install) Patch these immediately. 3/7

They're hitting routers, switches & network devices at ISPs, telecom providers, government networks, transportation & military infrastructure. Goal: mass surveillance capabilities to track communications globally. 2/7

THREAD: Major cybersecurity alert from 18 international agencies 🧵 Chinese state-sponsored actors (Salt Typhoon/OPERATOR PANDA) have been compromising global telecom infrastructure since 2021. This is massive. 1/7

🎙️ A new episode of the Phosphorus IoT Security Podcast has dropped! @PhillipWylie is joined by @aseemjakhar, Cybersecurity Entrepreneur, Technologist, and Founder of @expliot_io. https://t.co/rc4X1tPmi4

📣 Phosphorus has appointed Sonu Shankar, its Chief Product Officer, as the new President and Chief Operating Officer. This comes on the heels of a record-breaking growth quarter. https://t.co/s9sVKsEyJt

Norway’s dam hack wasn’t high-tech; it was preventable. Our new blog explores the implications for xIoT risk, hybrid warfare, and the new frontline of cyber-physical security. https://t.co/qYL8yhuIbN

We have secrets too. And we can’t wait to let you in on it! Something powerful, something pink, and something you LOVE is about to drop at DEF CON! Stay tuned. The countdown to the reveal has begun. #EXPLIoT #DefCon2025 #Cybersecurity #HackerTools #TheSecretIsComing