Critical devices that underpin our daily lives — from smart thermostats and routers to seismic monitors, fuel systems, and CCTVs — are far more exposed than most realize. In this session, I’ll show how modern reconnaissance techniques combined with protocol analysis and vulnerability research revealed zero-day flaws across multiple industries.

We’ll explore cases including authentication bypasses in smart devices, remote code execution in end-of-life CCTVs, protocol-level flaws in TCF-based fuel systems, and insecure defaults in OT equipment. Each example highlights systemic design and lifecycle issues that continue to put infrastructure at risk.

Attendees will leave with insights into methodology, the importance of secure-by-design principles, and why lifecycle responsibility in IoT/OT security cannot be ignored.