#CloudAPI – Xynik

Solar Power Installations Worldwide Open to Cloud API Bugs

August 9, 2024 by Xynik

August 9, 2024 at 02:48PM An analysis of Solarman and Deye Cloud for managing solar power installations uncovered vulnerabilities in their cloud APIs. Bitdefender researchers found that unauthorized parties could alter inverter settings and access personally identifiable information via these APIs. Potential consequences include destabilizing the power grid and compromising a significant amount of solar … Read more

Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders

December 14, 2023 by Xynik

December 14, 2023 at 08:00AM OilRig, an Iranian cyber espionage group, has deployed three new downloader malware named ODAgent, OilCheck, and OilBooster to maintain access to victim organizations in Israel. These lightweight downloaders use legitimate cloud service APIs for command-and-control communication, aiming to blend with authentic network traffic. The targets include healthcare, manufacturing, and governmental … Read more