Cybersecurity

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

Jan 18, 2024NewsroomFirmware Security / Vulnerability Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers. Collectively dubbed PixieFail by Quarkslab, the nine issues reside in the TianoCore EFI Development Kit II (EDK II) and […]

Cybersecurity

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

Jan 18, 2024NewsroomCyber Espionage / Threat Intelligence High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mind Sandstorm since November 2023. The threat actor “used bespoke phishing lures in an attempt to […]

Cybersecurity

Android-based PAX POS vulnerabilities (Part 1) – STM Cyber Blog

Banking companies worldwide are finally shifting away from custom-made Point of Sale (POS) devices towards the wildly adopted and battle-tested Android operating system. No more obscure terminals; the era of giant, colorful touchscreens is here! While Android is a secure, hardened OS, implementing and integrating your own features with custom hardware requires a lot of […]

Cybersecurity

Cyber startup Vicarius raises $30 million Series B for vulnerability remediation platform | CTech

Israeli startup Vicarius, which develops an autonomous end-to-end vulnerability remediation platform, announced on Wednesday a $30 million Series B led by cybersecurity investment firm Bright Pixel Capital. AllegisCyber Capital, AlleyCorp, and Strait Capital all participated in the financing. The company’s total funding, including investments from previous investors such as JVP, is now over $56 million. […]