
A recent cybersecurity investigation has uncovered critical flaws in nearly 35,000 solar energy systems across 42 vendors globally, leaving them exposed to potential internet-based cyberattacks. The findings raise major concerns as solar infrastructure becomes increasingly integrated into national power grids, creating new avenues for malicious interference.

Europe accounts for the majority of these exposed systems, with 76% located across the continent. Asia follows with 17%, while the remaining 8% are spread across other regions. Germany, Greece, and Italy report the highest numbers of vulnerable devices.

Forescout analysts conducted the scan using the Shodan search engine on May 9, 2025, identifying exposed solar equipment such as inverters, data loggers, and communication devices. The report builds on Forescout’s previous SUN:DOWN research, which found 46 critical vulnerabilities that could allow attackers to take control of inverter fleets.

The alarm over solar energy system security has grown following recent incidents. In May, Reuters reported unauthorized communication modules inside Chinese-made inverters, sparking international scrutiny over remote shutdown capabilities. Around the same time, a widespread grid failure affected Madrid and Lisbon, disrupting airports, trains, and payments—though this event wasn’t linked to cyberattacks.

The situation illustrates how weaknesses in solar devices may serve as entry points into larger power networks, especially in countries like Spain, where renewables generate up to 70% of electricity. Grid instability, combined with exploitable device vulnerabilities, heightens the overall threat.

One device under particular scrutiny is the CONTEC SolarView Compact. Exposure of these devices has surged by 350% in just two years—from 600 in 2023 to nearly 3,000 by 2025—now accounting for 8% of all exposed systems globally. These systems contain critical vulnerabilities, including CVE-2022-29303, CVE-2022-40881, CVE-2023-23333, and CVE-2023-29919, which attackers actively exploit.

Several IPs involved in these exploitations are linked to botnets or Tor exit nodes, with origins mainly in Singapore, Germany, and the Netherlands.

Security experts urge operators to follow basic cybersecurity hygiene. Devices should never be exposed directly to the internet. Instead, they recommend using VPNs for remote access and adhering to CISA’s remote management guidelines to reduce exposure.

Stay ahead of emerging cybersecurity threats. For the latest insights and updates on cloud security, follow SOC News.

News Source: CybersecurityNews.com

In the current digital age, cloud malware threats pose a serious risk to businesses of all sizes. Companies are shifting rapidly to cloud-based infrastructure for agility and scalability. However, cybercriminals are also evolving. They’re now targeting these systems with malware tailored to exploit cloud vulnerabilities. As a result, security leaders must adopt smarter, faster, and more flexible defense strategies.

Notably, cloud malware thrives on interconnectivity. Once it enters the system—often through misconfigured settings—it spreads laterally. It uses shared resources and APIs to jump from one service to another. This can lead to severe data breaches and major disruptions. On average, recovery from a cloud malware incident can cost upwards of $4.5 million. Moreover, it affects trust, damages brand image, and often leads to compliance issues.

Although the threat is real, businesses can fight back effectively. The key is awareness, automation, and accountability.

Strategic Measures to Defend Against Cloud Malware Threats

To fight cloud malware threats, businesses must take layered action. First and foremost, automated threat detection tools help identify unusual activity. They also isolate infected resources quickly. This reduces the spread and gives security teams time to act. Because cloud systems work in real time, automated protection becomes essential.

Equally important, training staff remains a strong line of defense. Employees who understand social engineering risks can spot phishing attempts earlier. That awareness helps block entry points before attackers exploit them. Over time, a well-trained team becomes your first firewall.

Moreover, understanding cloud responsibility is vital. Cloud vendors secure infrastructure, but your business must protect its own data. That includes monitoring access, encrypting data, and controlling user privileges. If you overlook this, cloud malware will find an opening. Therefore, both sides must play their role fully.

To sum up, cloud malware threats are here to stay—but they’re not unbeatable. With vigilant teams, clear security policies, and automated tools, companies can stay ahead of attackers. Focus on proactive steps and build a culture where security is everyone’s business.


News Source: cybersecuritynews.com

U.S. officials will extend support for 11 months for a database of cyber weaknesses that plays a critical role in fighting bugs and hacks, a spokesperson said on Wednesday, just as the funding was due to run out.

The expected cut-off of payments for the non-profit MITRE Corp’s Common Vulnerabilities and Exposures database had spread alarm across the cybersecurity community.

The U.S.-backed database acts as a catalog for cyber weaknesses and allows IT administrators to quickly flag and triage the different bugs and hacks discovered daily.

The last-minute change of plan after the importance of the service was highlighted publicly is another instance of the confusion across government as U.S. President Donald Trump’s administration makes deep cuts to public spending.


Source: https://www.usnews.com/news/top-news/articles/2025-04-16/us-agency-extends-support-at-last-minute-for-cyber-vulnerability-database

Attackers are shifting tactics, targeting mid-size companies and critical infrastructure sectors, while generative AI risks threaten to overshadow a focus on cyber hygiene.

Ransomware attacks continue to be one of the most significant cybersecurity threats organizations and cybersecurity leaders face. Attacks lead to wide-scale disruptions, large data breaches, huge payouts and millions of dollars in costs to businesses.

In response, large, coordinated law enforcement operations have targeted major ransomware groups and disrupted operations, dismantled data leak sites and seen the release of decryption keys.

However, the volume of attacks has risen and the number of reported victims continues to grow. Like a hydra that sprouts new heads, the ransomware ecosystem has re-formed and continues operating, although some of its tactics are changing.

Here are five key insights CISOs need to know in 2025.

1. Too much focus on generative AI risks underestimating known threats

Generative AI tools such as ChatGPT continue to cause a stir in organizations and raise a host of security concerns. However, some incident data and threat analysis suggest security leaders need to remain vigilant about the evolution of traditional ransomware tactics.


Source: https://www.csoonline.com/article/3825545/5-things-to-know-about-ransomware-threats-in-2025.html

CrowdStrike (Nasdaq: CRWD) today announced the findings of the 2025 CrowdStrike Global Threat Report, revealing a dramatic shift in cyber adversary tactics, with attackers leveraging stolen identity credentials, AI-generated social engineering, and hands-on keyboard intrusions to bypass traditional security measures. The report details a surge in identity-based attacks, the growing exploitation of cloud environments and an increase in nation-state cyber activity, particularly from China, which has intensified its targeting of critical industries such as finance, media and manufacturing. Now in its 11th annual edition, CrowdStrike’s definitive threat intelligence report provides an in-depth look at cybercriminal and nation-state adversary behavior.

Key Findings in the 2025 Report 

The global cyber threat landscape has evolved rapidly, with adversaries becoming faster, stealthier and more sophisticated. A surge in Chinese cyber activity, the rise of hands-on keyboard attacks, and the widespread use of generative AI to enhance phishing and social engineering tactics have forced security teams to rethink their defense strategies. 

According to CrowdStrike’s latest threat report, China’s cyber operations escalated significantly, with a 150% increase in attacks across all sectors in 2024 compared to the previous year. Certain industries, including financial services, media and manufacturing, saw spikes of 200-300%, marking a shift in China’s cyber strategy. CrowdStrike also identified seven new China-nexus adversaries, further contributing to the surge in espionage and cyber operations. 


Source: https://securityboulevard.com/2025/02/2025-crowdstrike-global-threat-report-cybercriminals-are-shifting-tactics-are-you-ready/

Enterprise security operations teams find themselves stretched thin and contending with an escalating cyber threat landscape today. Many are understaffed and underfunded, leaving CISOs on edge about the consequences for the enterprise — and their careers.

A recent survey from Adaptavist about fallout from last summer’s CrowdStrike outage found that two out of five (39%) IT leaders “warn that excessive workloads” could lead to a major incident for their companies. “The ongoing war for IT talent is likely exacerbating these issues,” the survey’s writers concluded.

John Price, CEO at Cleveland-based security firm SubRosa, underscored the reality many CISOs and their teams currently face.

“The sheer volume of alerts, coupled with the complexity of modern attack surfaces, has created a near-constant state of overwhelm for many security professionals,” he said. “We are operating still in a reactive security mindset. In some cases, a successful cyberattack can be the driving force behind getting the budget you need.”

Cutting (and delegating) workload bloat

Given this situation, security specialists encourage CISOs to consider new ways of engaging their overstretched teams — and helping them keep sharp.

One of the most effective ways to minimize security risk when working with suboptimal resources and people is to “strictly triage what your team is doing,” said Jim Boehm, an expert partner at consulting firm McKinsey. 

“This would amount to robust demand management,” Boehm said, suggesting that team tasks that could be discarded could include architecture board review meetings and “chasing things for an internal audit.”

“Why have four or five people in an hour-long [review] meeting where they are just going to argue?” Boehm asked. “I would rather them review the security posture of a potential acquisition. It’s all about taking a risk-based look at everything, not just your assets and controls but what your people are doing.”

Boehm also suggested embracing line-of-business (LOB) dual-embedding mechanisms within DevSecOps. Ideally, that could help reduce security issues by training non-security colleagues in security thinking.

“Developers, for example, hate to be considered engineers. They hate constriction. They want to be artists [and deliver] no documentation,” Boehm said. 


Source: https://www.csoonline.com/article/3814828/39-of-it-leaders-fear-major-incident-due-to-excessive-workloads.html