SaiFlow's Blog

Featured

The Hidden CCS2 Attack Surface on EV Chargers

The EV charging industry has well-established security standards. OCPP provides clear guidelines for securing the communication channel between EV Chargers and the Charging Station Management System. While the industry has focused on securing the backend communication, the attack surface exposed through the CCS2 charging plug remains largely untested.

Latest insights and industry updates

image of a traffic control center (for a mobility and transportation)

Plug and Pwn: The Sound of Compromised EV Charger

A malicious EV connecting to the CCS2 charging plug exploits SLAC protocol to compromise XCharge C6 and manipulate its power and cooling system controls
image of a traffic control center (for a mobility and transportation)

One USB Away from Root: Exploiting an Energy IoT Data Logger

Code execution as root via USB storage device in FIMER's VSN700 Data Logger, as well as discussing the general practice in the industry.
image of a traffic control center (for a mobility and transportation)

Libmodbus Message Smuggling Vulnerability

A message smuggling vulnerability found on the Modbus protocol open-source library - Libmodbus
image of a traffic control center (for a mobility and transportation)

SaiFlow and Claroty Partner to Secure Distributed Energy Infrastructure

Claroty and SaiFlow have partnered to deliver comprehensive cybersecurity protection for distributed energy devices and sites - bridging deep OT visibility with real-time, energy-aware threat detection.
image of a traffic control center (for a mobility and transportation)

The Silent Threat to Our Energy Future: Why Your BESS Infrastructure Is Under Siege

image of a traffic control center (for a mobility and transportation)

SaiFlow and CrowdStrike Partner to Secure EV Charging Sites and Energy Networks

SaiFlow and CrowdStrike join forces to deliver energy-contextual threat detection and unified SIEM visibility for EV charging and distributed energy networks