cognitive cybersecurity intelligence

News and Analysis

New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling

UEFI firmware from five major suppliers including Arm Ltd., Insyde, AMI, Phoenix Technologies, and Microsoft has vulnerabilities termed as “PixieFail”. The flaw allows attackers with minimal network access to infect devices with malicious firmware, which can bypass standard protection measures due to running before the main OS loads. The security flaws can be exploited in the PXE or Preboot Execution Environment, and mostly pose threats to public and private data centres. The vulnerabilities were discovered by researchers from security firm Quarkslab.

Source: arstechnica.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

News and Analysis

New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling

Subscribe to newsletter

More Posts

Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands – csoonline.com

Authorities released free decryptor for Phobos and 8base ransomware – Security Affairs

Arch Linux pulls AUR packages that installed Chaos RAT malware – BleepingComputer

Google Sued BadBox 2.0 Malware Botnet Operators That Infects 10 Million+ Devices – CyberSecurityNews

Products

Solutions

Healthcare cybersecurity

Healthcare Threat Intelligence

Use Cases

News and Analysis

Insights

Company