Skip to content
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

?Jan 18, 2024?NewsroomFirmware Security / Vulnerability Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern… 

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

?Jan 18, 2024?NewsroomCyber Espionage / Threat Intelligence High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian… 

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

?Jan 17, 2024?NewsroomFinancial Data / Vulnerability The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber… 

Release Cybersecurity Guidance on Chinese-Manufactured UAS for Critical Infrastructure Owners and Operators 

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released, Cybersecurity Guidance: Chinese-Manufactured Unmanned Aircraft Systems (UAS), to raise awareness of the threats posed by Chinese-manufactured UAS and… 

CISA Releases 2023 Year in Review Showcasing Efforts to Protect Critical Infrastructure

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released its fourth annual Year in Review showcasing CISA’s work to protect the nation from cyber and physical threats, while working to increase the resilience of… 

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials

?Jan 17, 2024?NewsroomBotnet / Cloud Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for “victim…