A Timesys Deep Dive Embedded Systems Newsletter

March 2022

Cybersecurity in the News: Critical Hijacking Bugs That Can Lead to Full Network Compromise Discovered in Azure Defender for IoT

Two CVEs scored a 10 out of 10 for severity

According to The Register:

“SentinelOne this week detailed a handful of bugs, including two critical remote code execution vulnerabilities, it found in Microsoft Azure Defender for IoT.

These security flaws, which took six months to address, could have been exploited by an unauthenticated attacker to compromise devices and take over critical infrastructure networks.”

Want the full scoop on the headline-making CVEs you need to know about? We’ve launched the Timesys CVE Dashboard, updated weekly with details on the dangerous security vulnerabilities that could be affecting your device.

Take me to the CVE Dashboard

Get early access to the results from our industry-wide survey

Get early access to the results from our industry-wide survey

Sign up to be added to our early access list. You’ll be among the first to read the industry insights from our cybersecurity survey.

Learn with Timesys

Read up on Yocto Security with Our Two Latest Blogs

Yocto Security: Automating compliance using OpenSCAP

Whether you are looking to embrace security automation or trying to meet regulatory compliance requirements, SCAP can play an important part of your security toolbox. Leveraging the OpenSCAP project, one can get a jumpstart in building secure devices that can be easily audited in an automated fashion.

Yocto Security: Logging with auditd

The Linux audit framework is a security system which can provide accurate information about almost all security-relevant actions running processes may take on a system. The logs created using the audit framework can be used to investigate potential security incidents. Read the full blog for info on installation to using rules files and beyond.

Upcoming Events

Conferences Around the World You Don’t Want to Miss

Embedded Online Conference

A conference for embedded systems engineers

April 25-29, online

So much learning to do, and so little time. Don’t worry if you’re joining late — many talks are available on-demand.

Be sure to stop by the “demo” area to see our new Embedded Board Farm video!


Cybersecurity industry event

May 4, Pittsburgh, PA

Join us in our hometown for the 7th annual Cyburgh, a forum for cybersecurity, IT, and business professionals to engage with and learn from peers, thought leaders, and solution providers.

Our very own Al Feczko will present a tech talk on software supply chain security

2nd European Medical Device & Diagnostic Cybersecurity + Software Development & Compliance

Joint live conference

May 17-18, Brussels

We are thrilled to be sponsoring this year’s event, and our very own Maciej Halasz will be presenting on securing the open source embedded software supply chain for medical devices.

Embedded Technology Convention USA 2022

Embedded Technologies & Systems Showcase

June 8-9, Las Vegas, NV

Join us at the Embedded Tech Convention with 5000 of our closest friends! Discover the latest technological innovations and trends, expand your industry knowledge and extend your global professional network.

Embedded World 2022

Exhibition & Conference

June 21-23, Nuremberg

Will you be at Embedded World this year? We’re excited to showcase our latest security solutions as a featured partner with our friends at STMicroelectronics.

Security Vulnerability Management 101

Tool & Techniques to Monitor and Remediate Vulnerabilities in Your SBOM
June 30 @ 12 PM ET / 9 AM PT

In this monthly live webinar and Q&A session, you’ll learn:

– Why you need to manage your open-source software risks 
– How to generate an accurate SBOM (Software Bills of Materials) and why it matters
– Tools and techniques to monitor and remediate vulnerabilities in your SBOM
– And much more!

Yes! I want to register for the live webinar and Q&A

Subscribe to our newsletter so you don’t miss a thing.