Cyber Defense Advisors

Year: 2023

  • by
  • October 27, 2023

F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution

F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10. “This vulnerability may allow an unauthenticated attacker with network […]

Cyber News, Cyber Threat Trends
  • by
  • October 27, 2023

Failure to verify OAuth tokens enables account takeover on websites

Researchers have found yet another OAuth implementation error on various websites that allow users to authenticate with their identities from third-party services such as Facebook or Google. Some sites fail to complete an important step in the OAuth authorization chain that involves validating for which app an access token was issued by the identity provider. […]

Cyber News, Cyber Threat Trends
  • by
  • October 27, 2023

Cybersecurity startups to watch in 2023

The problems cybersecurity startups attempt to solve are often a bit ahead of the mainstream. They can move faster than most established companies to fill gaps or emerging needs. Startups can often innovate faster because they are unfettered by an installed base. The downside, of course, is that startups often lack resources and maturity. It’s […]

Cyber News, Cyber Threat Trends