Recent Security News
-
UAE Cyber Security Council, Khalifa University Launch Abu Dhabi Academy
January 16, 2024 at 11:51AM The United Arab Emirates Cyber Security Council and Khalifa University have launched the Cybersecurity Academy in Abu Dhabi. The academy will provide training initiatives meeting the needs of UAE organizations, offering certification and training programs in technological, regulatory, and methodological processes in English and Arabic. Khalifa University has also partnered…
-
Ho, Ho, Hoooold on a Minute: A New Year Resolution That IoT Isn’t a Gift That Keeps on Taking
January 16, 2024 at 11:12AM The Internet of Things (IoT) devices offer great power and convenience, but also pose security and privacy risks. When purchasing IoT devices, it’s important to consider the company’s reputation, country of origin, security measures, and data privacy policies. Additionally, for healthcare-related IoT devices, it’s crucial to scrutinize data handling and…
-
Vulnerabilities Expose PAX Payment Terminals to Hacking
January 16, 2024 at 11:12AM PAX Technology’s Android-based PoS terminals are vulnerable to multiple exploits allowing attackers to execute arbitrary code or commands, according to a report by STM Cyber. The vulnerabilities, affecting various PAX devices, include the ability to manipulate payment data, inject shell commands, and execute arbitrary code with root privileges. Patches have…
-
Known Indicators of Compromise Associated with Androxgh0st Malware
January 16, 2024 at 10:23AM The FBI and CISA have issued a joint Cybersecurity Advisory (CSA) outlining indicators of compromise (IOCs) and tactics related to Androxgh0st malware. The advisory includes specific recommendations for mitigating cybersecurity incidents caused by Androxgh0st infections. The malware targets websites using Laravel and Apache HTTP Server, and allows threat actors to…
-
Atlassian warns of critical RCE flaw in older Confluence versions
January 16, 2024 at 10:23AM Atlassian Confluence Data Center and Server had a critical remote code execution vulnerability (CVE-2023-22527) impacting versions released before December 5, 2023. The flaw allowed unauthenticated attackers to perform remote code execution. Atlassian fixed the vulnerability in later versions and advises users to install the latest version to protect against potential…