Cisco's Talos Group has identified security vulnerabilities in commercial smart thermostats made by Trane that could enable an attacker to gain access to the entire network through the vulnerable devices.
Cisco on Wednesday pushed out patches for high-severity vulnerabilities in several products, including a controller, a switch and security management products, reported SecurityWeek.
The number of SAP HANA vulnerabilities increased 50 percent this year compared to last year, according to ERPScan.
It has not been a good week for Cisco Systems. The malware that was found to be infecting 14 Cisco routers across four countries – possibly for years – is apparently more widespread than the security vendor that first discovered the vulnerability believed.
The average global enterprise has multiple, often risky, gambling apps installed in its mobile environment, according to an analysis by app security firm Veracode.
Several vulnerabilities have been found in the Belkin N600 802.11n wireless home router that could provide a gateway to hackers using DNS spoofing.
A number of D-Link storage devices have dozens of security vulnerabilities that can allow attackers to execute arbitrary code remotely and take full control of the devices, according to researchers at SEARCH-LAB.
Free peer-to-peer VPN service Hola is apparently not as secure as the company likes to claim. According to a Network World article, Hola sold bandwidth of its 47 million users and also contains several security vulnerabilities that could open up users to botnet infections and other malicious types.
Enterprises with Cisco TelePresence units deployed may want to grab the latest security patches. Cisco released several patches to address vulnerabilities in a few of its telepresence products.
Organized crime has become the most frequently seen actor in Web application attacks, with financial gain being the primary motive, according to the most recent Verizon DBIR report. To combat this growing threat to Web applications, security data and analytics firm Rapid7, best known for its Metasploit penetration testing tool, has acquired NT OBJECTives, a Web application security testing firm.