Cyber Defense Advisors

News

Home / News / Page 552
  • by
  • August 13, 2023

Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk

Multiple security vulnerabilities impacting CyberPower’s PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe’s iBoot Power Distribution Unit (PDU) could be potentially exploited to gain unauthenticated access to these systems and inflict catastrophic damage in target environments. The nine vulnerabilities, from CVE-2023-3259 through CVE-2023-3267, carry

Cyber News, Cyber Threat Trends
  • by
  • August 13, 2023

Multiple data center vulnerabilities could cripple cloud services

Multiple vulnerabilities in data center infrastructure management systems/power distribution units have the potential to cripple popular cloud-based services. That’s according to new findings from the Trellix Advanced Research Center, which revealed four vulnerabilities in CyberPower’s Data Center Infrastructure Management (DCIM) platform and five vulnerabilities in Dataprobe’s iBoot Power Distribution Unit (PDU). The vulnerabilities could be […]

Cyber News, Cyber Threat Trends

Friday Squid Blogging: NIWA Annual Squid Survey

Results from the National Institute of Water and Atmospheric Research Limited annual squid survey: This year, the team unearthed spectacular large hooked squids, weighing about 15kg and sitting at 2m long, a Taningia—­which has the largest known light organs in the animal kingdom­—and a few species that remain very rare in collections worldwide, such as […]

Cyber News, Cyber Threat Trends

Whirlpool malware rips open old Barracuda wounds

Advanced persistent threat (APT) attacks targeting a former zero-day remote command injection vulnerability in Barracuda email security gateway (ESG) appliances have been detected by the US cybersecurity and infrastructure security agency (CISA). The vulnerability, according to a CISA alert, was used to plant malware payloads of Seapsy and Whirlpool backdoors on the compromised devices. While […]

Cyber News, Cyber Threat Trends

Cryptographic Flaw in Libbitcoin Explorer Cryptocurrency Wallet

Cryptographic flaws still matter. Here’s a flaw in the random-number generator used to create private keys. The seed has only 32 bits of entropy. Seems like this flaw is being exploited in the wild.

Cyber News, Cyber Threat Trends
  • by
  • August 10, 2023

Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk

A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users. The findings from the University of Toronto’s Citizen Lab, which carried out an analysis of the encryption mechanism used in Tencent’s Sogou Input […]

Cyber News, Cyber Threat Trends
  • by
  • August 10, 2023

Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization

Attackers continue to target Microsoft identities to gain access to connected Microsoft applications and federated SaaS applications. Additionally, attackers continue to progress their attacks in these environments, not by exploiting vulnerabilities, but by abusing native Microsoft functionality to achieve their objective. The attacker group Nobelium, linked with the SolarWinds attacks, has been

Cyber News, Cyber Threat Trends
  • by
  • August 10, 2023

New runtime security tool scans ongoing attacks in cloud workloads

Cloud cybersecurity provider Sweet Security has launched a new runtime security platform, dubbed Sweet, to enable security teams to detect and respond to cloud-based attacks in runtime. The platform deploys sensors in the runtime environment to provide CISOs and security teams with cloud-native cluster visibility. “Like legacy detection and responses solutions, we have sensors deployed […]

Cyber News, Cyber Threat Trends

Using Machine Learning to Detect Keystrokes

Researchers have trained a ML model to detect keystrokes by sound with 95% accuracy. “A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards” Abstract: With recent developments in deep learning, the ubiquity of microphones and the rise in online services via personal devices, acoustic side channel attacks present a greater threat to keyboards than […]

Cyber News, Cyber Threat Trends