Netcrook
Industrial Cybersecurity & Critical Infrastructure / North America
When a Robot Fleet Shares One Secret, the Broker Becomes the Blast Radius
A CISA advisory on Yarbo’s mobile app and cloud control path shows how shared MQTT credentials and missing authorization can turn telemetry into a fleet-wide security problem.
Maryland Bets on the Skills Cybersecurity Keeps Forgetting: ICS/OT and AI
A workforce expansion in Maryland is putting industrial systems and AI security on the same training map, a sign that cyber defense is becoming more specialized by the month.
Why a New Monorail Became a Cybersecurity Case Study Before It Carries a Single Passenger
DNV’s selection for the Santiago de los Caballeros monorail shows how rail operators are moving cybersecurity into the build phase, where standards, suppliers, and safety-critical systems all collide.
OT Security Moves Upstairs: Why Industrial Risk Is Ending Up on the Board Agenda
Fortinet’s latest OT security report points to a familiar but important shift: industrial cybersecurity is no longer being treated as a niche engineering issue, but as an executive risk question tied to resilience and control.
Rockwell’s SecureOT Update Shows Why Industrial Visibility Is Becoming the New Security Control
A fresh SecureOT launch puts the spotlight back on one of OT security’s hardest problems: seeing legacy industrial assets clearly without disrupting production.
The Grid’s Quiet Weakness: Old Machines, New Connectivity, and the Hunt Inside the Network
Utilities are wiring decades-old control gear into modern digital systems, and that shift is turning identity, monitoring, and trust boundaries into the real battlefield.
When Tank Gauges Go Online, the Safety Layer Becomes the Target
More than 900 exposed automatic tank gauge systems point to a quieter kind of infrastructure risk: the monitoring console itself can become the easiest path into a fuel or chemical site.
When a SCADA Stack Meets a One-Way Gate, OT Security Gets More Interesting
Owl Cyber Defense and Trihedral have tied data diode technology to VTScada, a move that highlights how industrial operators are trying to export data without widening the inbound attack surface.
Tank Gauges Under Watch: Why a Quiet Industrial Device Class Just Became a Cyber Priority
A recent investigation into cyber intrusions targeting automatic tank gauge systems has pushed operators to harden a device class that often sits outside the spotlight but inside critical operations.
AI Finds the Bugs - But the Real Battle Is Who Can Fix Them First
Anthropic’s Project Glasswing is expanding into critical infrastructure, and that turns vulnerability discovery into a throughput problem for defenders.
Fuel Gauges on the Net: A Quiet OT Device Moves Into the Crosshairs
A federal warning about Automatic Tank Gauge systems shows how a seemingly modest monitoring tool can become an exposed operational technology target.
Industrial Cyber Risk Is Becoming a Governance Problem, Not Just a Plant Problem
As industrial operations, suppliers, and public infrastructure grow more connected, the central challenge is shifting from isolated protection to managing interdependencies, ownership, and supply-chain risk.
ChemLock Moves Behind the Scenes as CISA Builds a Safer Intake for Chemical Security Help
The federal shift is administrative, not punitive: a new information request is meant to help CISA deliver voluntary security consultations, onsite assessments, and risk-reduction support to chemical facilities.
Silent Sensors, Real-World Risk: Why U.S. Agencies Are Watching Tank Gauge Networks
Federal agencies have flagged ongoing cyberattacks targeting automatic tank gauge systems, a reminder that attacks on industrial sensors can become physical risk long before anyone sees smoke.
When AI Finds More Bugs Than Humans Can Fix
A new wave of AI-assisted vulnerability hunting is widening its reach into critical infrastructure, but the bigger security question is whether remediation can keep up.
Dragos Bets on a Wider Blast Radius: Why the Phosphorus Deal Matters
The acquisition is a sign that industrial defenders are chasing more than network visibility, with xOT security now stretching toward the device layer itself.
Dragos Bets on Device Control, Not Just Visibility, With Phosphorus Deal
The acquisition points to a practical shift in industrial security: from spotting connected assets to building a safer path toward inventory, device intelligence, and controlled remediation.
Washington’s New Logging Push Brings Industrial Networks Into the Watch Room
A federal cybersecurity directive is steering agencies toward centralized logging and AI-assisted detection for IoT and OT environments, with visibility now treated as a core defense layer.
NIST's FY2025 Report Maps the Pressure Points in AI, 5G, IoT, and Infrastructure Resilience
The annual publication is not an incident alert, but it does show where a major standards body is concentrating its cybersecurity and privacy work.
When Cyber Risk Becomes a Governance Problem, Critical Infrastructure Changes Its Rules
Critical services are now judged less by how many attacks they block and more by how well leaders can manage interdependence, safety, recovery, and public trust.