5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The warning came last week from Bishop Fox r… Continue reading 5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

Mercedes-Benz Head Unit security research report

Kaspersky experts analyzed the Mercedes-Benz head unit, its IPC protocols and firmware, and found new vulnerabilities via physical access. Continue reading Mercedes-Benz Head Unit security research report

New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)

ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a UEFI application signed with Microsoft’s “Microsoft Corporation UEFI CA 2011… Continue reading New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)

How CTEM is providing better cybersecurity resilience for organizations

Organizations today continuously face a number of fast-moving cyber threats that regularly challenge the effectiveness of their cybersecurity defenses. However, to keep pace, businesses need a proactive and adaptive approach to their security planning and execution. Cyber threat exposure management (CTEM) is an effective way to achieve this goal. It provides organizations with a reliable […]

The post How CTEM is providing better cybersecurity resilience for organizations appeared first on Security Intelligence.

Continue reading How CTEM is providing better cybersecurity resilience for organizations

Android patches several vulnerabilities in first security update of 2025

The bulletin identifies five critical remote code execution (RCE) vulnerabilities affecting the core components of Android’s system.

The post Android patches several vulnerabilities in first security update of 2025 appeared first on CyberScoop.

Continue reading Android patches several vulnerabilities in first security update of 2025

Industrial networking manufacturer Moxa reports ‘critical’ router bugs

Moxa says the flaws can be used to bypass user authentication, escalate privileges and gain root access to devices. 

The post Industrial networking manufacturer Moxa reports ‘critical’ router bugs appeared first on CyberScoop.

Continue reading Industrial networking manufacturer Moxa reports ‘critical’ router bugs

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)

BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installat… Continue reading BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)