Recent Security News

  • The Dual Role AI Plays in Cybersecurity: How to Stay Ahead

    January 16, 2024 at 10:23AM AI solutions are gaining traction in business, with 33% of organizations using generative AI. By 2026, over 80% are projected to have their own AI models. However, AI is being exploited for cybercrimes, including enhancing social engineering, spreading malware, and increasing malware stealth. Organizations need robust cybersecurity measures to combat…

    Read More

  • Anti-Ransomware Coalition Bound to Fail Without Key Adjustments

    January 16, 2024 at 10:09AM Ransomware poses a significant challenge for businesses, with debates on the best response. While a US-led coalition to reject ransom payments is symbolic, it ignores practical aspects and lacks a preemptive approach. For some companies, paying ransoms may be the most efficient way to minimize damage. However, the real solution…

    Read More

  • Ivanti zero-day exploits explode as bevy of attackers get in on the act

    January 16, 2024 at 10:04AM Ivanti Connect Secure (ICS) VPN users are at risk if they have not applied recent vulnerability mitigation. Over 1,700 devices have been compromised due to successful exploits. The attacks have targeted a wide range of organizations globally. Users are advised to run Ivanti’s Integrity Checker Tool to detect compromises and…

    Read More

  • Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits – Act Now

    January 16, 2024 at 09:39AM Over 178,000 SonicWall firewalls are susceptible to two security vulnerabilities. These flaws could lead to denial-of-service conditions and remote code execution. While there’s no evidence of exploits, a proof-of-concept for one vulnerability has been released. The cybersecurity firm warns that bad actors could use these flaws to trigger repeated crashes…

    Read More

  • Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation

    January 16, 2024 at 09:12AM Quarkslab discovered multiple critical vulnerabilities in the EDK II network stack, posing a risk of remote code execution attacks. These vulnerabilities, known as PixieFAIL, affect the PXE implementation and are utilized by various vendors, including Microsoft. Quarkslab released proof-of-concept code for the vulnerabilities and anticipates the CERT Coordination Center to…

    Read More