Recent Security News
-
PixieFail flaws impact PXE network boot in enterprise systems
January 16, 2024 at 12:19PM A set of nine vulnerabilities, named ‘PixieFail,’ impact Tianocore’s EDK II, an open-source implementation of the UEFI spec widely used in enterprise computers. The flaws, discovered by Quarkslab, affect the PXE boot process and expose systems to DoS, RCE, network session hijacking, and other attacks. Multiple vendors, including major tech…
-
178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks
January 16, 2024 at 11:51AM Two unauthenticated denial-of-service (DoS) vulnerabilities, CVE-2022-22274 and CVE-2023-0656, threaten the security of SonicWall next-generation firewall devices. Attackers can exploit these flaws to crash devices or execute remote code. Vulnerable SonicWall series 6 and 7 firewalls are at risk. Administrators are urged to update to the latest firmware to mitigate potential…
-
UAE Cyber Security Council, Khalifa University Launch Abu Dhabi Academy
January 16, 2024 at 11:51AM The United Arab Emirates Cyber Security Council and Khalifa University have launched the Cybersecurity Academy in Abu Dhabi. The academy will provide training initiatives meeting the needs of UAE organizations, offering certification and training programs in technological, regulatory, and methodological processes in English and Arabic. Khalifa University has also partnered…
-
Ho, Ho, Hoooold on a Minute: A New Year Resolution That IoT Isn’t a Gift That Keeps on Taking
January 16, 2024 at 11:12AM The Internet of Things (IoT) devices offer great power and convenience, but also pose security and privacy risks. When purchasing IoT devices, it’s important to consider the company’s reputation, country of origin, security measures, and data privacy policies. Additionally, for healthcare-related IoT devices, it’s crucial to scrutinize data handling and…
-
Vulnerabilities Expose PAX Payment Terminals to Hacking
January 16, 2024 at 11:12AM PAX Technology’s Android-based PoS terminals are vulnerable to multiple exploits allowing attackers to execute arbitrary code or commands, according to a report by STM Cyber. The vulnerabilities, affecting various PAX devices, include the ability to manipulate payment data, inject shell commands, and execute arbitrary code with root privileges. Patches have…