Security Vulnerabilities

Latest Headlines

Latest Headlines

Security holes on the rise in SAP HANA big data platform, warns ERPScan

The number of SAP HANA vulnerabilities increased 50 percent this year compared to last year, according to ERPScan.

Even more Cisco devices found to be infected with SYNful Knock

It has not been a good week for Cisco Systems. The malware that was found to be infecting 14 Cisco routers across four countries – possibly for years – is apparently more widespread than the security vendor that first discovered the vulnerability believed.

Employees gamble with security when they download mobile gambling apps

The average global enterprise has multiple, often risky, gambling apps installed in its mobile environment, according to an analysis by app security firm Veracode.

Belkin N600 security vulnerabilities put home users at risk

Several vulnerabilities have been found in the Belkin N600 802.11n wireless home router that could provide a gateway to hackers using DNS spoofing.

Researchers warn about security backdoor on D-Link storage devices

A number of D-Link storage devices have dozens of security vulnerabilities that can allow attackers to execute arbitrary code remotely and take full control of the devices, according to researchers at SEARCH-LAB.

Hola shows why 'free' sometimes comes at a price

Free peer-to-peer VPN service Hola is apparently not as secure as the company likes to claim. According to a Network World article, Hola sold bandwidth of its 47 million users and also contains several security vulnerabilities that could open up users to botnet infections and other malicious types.

There's a patch for Cisco TelePresence vulnerabilities

Enterprises with Cisco TelePresence units deployed may want to grab the latest security patches. Cisco released several patches to address vulnerabilities in a few of its telepresence products.

Rapid7 acquires NT OBJECTives to beef up its Web app security bona fides

Organized crime has become the most frequently seen actor in Web application attacks, with financial gain being the primary motive, according to the most recent Verizon DBIR report. To combat this growing threat to Web applications, security data and analytics firm Rapid7, best known for its Metasploit penetration testing tool, has acquired NT OBJECTives, a Web application security testing firm.

ISIS supporters target vulnerable WordPress plug-ins

When a group finds WordPress vulnerabilities, they can exploit them worldwide. That is exactly what sympathizers with the terrorist group ISIS are doing, according to a warning issued Tuesday by the Federal Bureau of Investigation.

Mozilla plugs critical vulnerabilities, adds 'opportunistic encryption' to latest Firefox browser

Mozilla has fixed more than a dozen vulnerabilities with the latest version of its Firefox browser, including a number of critical security flaws. In addition, Mozilla has added to the Firefox 37 browser "opportunistic encryption," which encrypts possibly sensitive data before sending it in the clear.