Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system. The three flaws, all critical in nature, allow an “adversary with sufficient access to perform a sandbox escape and obtain Read more…

PixieFail UEFI Flaws

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft Jan 18, 2024NewsroomFirmware Security / Vulnerability Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers. Collectively Read more…

Sierra Wireless Routers

Flaws in Sierra Wireless Routers Expose Critical Sectors to Cyber Attacks

Flaws in Sierra Wireless Routers Expose Critical Sectors to Cyber Attacks Dec 06, 2023NewsroomCyber Threat / Vulnerability A collection of 21 security flaws have been discovered in Sierra Wireless AirLink cellular routers and open-source software components like TinyXML and OpenNDS. Collectively tracked as Sierra:21, the issues expose over 86,000 devices Read more…

BLUFFS Bluetooth Attack

New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks

New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks Dec 04, 2023NewsroomEncryption / Technology New research has unearthed multiple novel attacks that break Bluetooth Classic’s forward secrecy and future secrecy guarantees, resulting in adversary-in-the-middle (AitM) scenarios between two already connected peers. The issues, collectively named BLUFFS, impact Bluetooth Core Specification Read more…

LogoFAIL UEFI Vulnerabilities

UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks

UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks Dec 04, 2023NewsroomTechnology / Firmware Security The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware. The shortcomings, collectively labeled LogoFAIL Read more…