Recent Security News
-
Vulnerabilities Expose PAX Payment Terminals to Hacking
January 16, 2024 at 11:12AM PAX Technology’s Android-based PoS terminals are vulnerable to multiple exploits allowing attackers to execute arbitrary code or commands, according to a report by STM Cyber. The vulnerabilities, affecting various PAX devices, include the ability to manipulate payment data, inject shell commands, and execute arbitrary code with root privileges. Patches have…
-
Known Indicators of Compromise Associated with Androxgh0st Malware
January 16, 2024 at 10:23AM The FBI and CISA have issued a joint Cybersecurity Advisory (CSA) outlining indicators of compromise (IOCs) and tactics related to Androxgh0st malware. The advisory includes specific recommendations for mitigating cybersecurity incidents caused by Androxgh0st infections. The malware targets websites using Laravel and Apache HTTP Server, and allows threat actors to…
-
Atlassian warns of critical RCE flaw in older Confluence versions
January 16, 2024 at 10:23AM Atlassian Confluence Data Center and Server had a critical remote code execution vulnerability (CVE-2023-22527) impacting versions released before December 5, 2023. The flaw allowed unauthenticated attackers to perform remote code execution. Atlassian fixed the vulnerability in later versions and advises users to install the latest version to protect against potential…
-
The Dual Role AI Plays in Cybersecurity: How to Stay Ahead
January 16, 2024 at 10:23AM AI solutions are gaining traction in business, with 33% of organizations using generative AI. By 2026, over 80% are projected to have their own AI models. However, AI is being exploited for cybercrimes, including enhancing social engineering, spreading malware, and increasing malware stealth. Organizations need robust cybersecurity measures to combat…
-
Anti-Ransomware Coalition Bound to Fail Without Key Adjustments
January 16, 2024 at 10:09AM Ransomware poses a significant challenge for businesses, with debates on the best response. While a US-led coalition to reject ransom payments is symbolic, it ignores practical aspects and lacks a preemptive approach. For some companies, paying ransoms may be the most efficient way to minimize damage. However, the real solution…