ThreatCluster
  • Feed
  • Dashboard
  • Saved
THREAT HUNTING
  • Domains
  • IP Addresses
  • File Hashes
  • CVEs
THREAT INTELLIGENCE
  • APT Groups
  • Ransomware Groups
  • Malware Families
  • Attack Types
  • MITRE ATT&CK
  • Security Standards
  • Vulnerability Types
BUSINESS INTELLIGENCE
  • Companies
  • Industry Sectors
  • Security Vendors
  • Government Agencies
  • Countries
  • Platforms
Home / Feed / Article

Attacker could defeat Dell firmware flaws with a vegetable

Threat Score:
45
Computer Weekly IT Security
1 day ago
Part of cluster #1702

Overview

Over 100 models of Dell laptop PCs across the enterprise-centric Lattitude and Precision ranges, and many thousands of individual devices, are at risk of compromise through a series of five common vulnerabilities and exposures (CVEs) that affect their security firmware and associated Microsoft Windows application programming interfaces (APIs), according to a new disclosure from the Cisco Talos threat lab. GPT.display('halfpage') GPT.display('mu-1') Collectively dubbed ReVault by the Talos resear...

Continue Reading on Original Site

Related Articles

5 articles
1
Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 12 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score
83
Read more
2

Google Discloses Salesforce Hack

Feedburner • 9 hours ago

A Google Salesforce instance may have been targeted as part of a ShinyHunters campaign that hit several major companies.

Score
80
Read more
3

Ransomware plunges insurance company into bankruptcy

Graham Cluley • 10 hours ago

Collapsed company's founder says that its fortunes were hampered by the refusal of authorities to release the criminals' seized funds to victims. in my article on the Fortra blog.

Score
80
Read more
4

Trend Micro fixes two actively exploited Apex One RCE flaws

Security Affairs • 11 hours ago

Trend Micro patched two critical Apex One flaws (CVE-2025-54948, CVE-2025-54987) exploited in the wild, allowing RCE via console injection. Trend Micro released fixes for two critical vulnerabilities, tracked as CVE-2025-54948 and CVE-2025-54987 (CVSS score of 9.4), in Apex One on-prem consoles. The cybersecurity vendor confirmed that both issues were actively exploited in the wild. Both […]

Score
80
Read more
5

Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities

Cybersecurity News • 7 hours ago

Two sophisticated ransomware operations have emerged as significant threats to managed service providers (MSPs) and small businesses, with the Akira and Lynx groups deploying advanced attack techniques that combine stolen credentials with vulnerability exploitation. These ransomware-as-a-service (RaaS) operations have collectively compromised over 365 organizations, demonstrating their effectiveness in targeting high-value infrastructure providers that serve multiple […]

Score
78
Read more

Save to Folder

Choose a folder to save this article:

Article Intelligence

Key entities and indicators for this article

CVES
CVE-2025-24311
CVE-2025-24919
CVE-2025-24922
CVE-2025-25050
CVE-2025-25215
INDUSTRIES
Communications
Cybersecurity
Enterprise
Government
VULNERABILITIES
Arbitrary Code Execution
Authentication Bypass
Data Exposure
Firmware Vulnerabilities
Firmware Vulnerability
COMPANIES
Cisco
Dell
Intel
Microsoft
PLATFORMS
Windows
RANSOMWARE
Demo
Done
First
RIP (Phoenix) Ransomware
Unsafe
MALWARE
PLAY
Phoenix
ATTACK TYPES
Data Leakage
Firmware Exploitation
Firmware Modification
Physical Access Attack
Privilege Escalation
MITRE ATT&CK
T1003
T1055
T1071
T1102
T1203
ARTICLE INFORMATION
Article #8877
Published 1 day ago
Computer Weekly IT Security

We use cookies

We use cookies and similar technologies to enhance your experience, analyse site usage, and assist in our marketing efforts.

Cookie Settings

Essential Cookies

Required for the website to function. Cannot be disabled.

  • Session management and authentication
  • Security and fraud prevention
  • Cookie consent preferences

Analytics Cookies

Help us understand how visitors interact with our website.

  • Plausible Analytics - Privacy-focused usage statistics
  • PostHog - Product analytics and feature tracking
  • Page views and user journey analysis

Performance Cookies

Help us monitor and improve website performance.

  • Page load time monitoring
  • Error tracking and debugging
  • Performance optimisation

Marketing Cookies

Used to track visitors across websites for marketing purposes.

  • Conversion tracking
  • Remarketing campaigns
  • Social media integration