It has not been a good week for Cisco Systems. The malware that was found to be infecting 14 Cisco routers across four countries – possibly for years – is apparently more widespread than the security vendor that first discovered the vulnerability believed.
The average global enterprise has multiple, often risky, gambling apps installed in its mobile environment, according to an analysis by app security firm Veracode.
Several vulnerabilities have been found in the Belkin N600 802.11n wireless home router that could provide a gateway to hackers using DNS spoofing.
A number of D-Link storage devices have dozens of security vulnerabilities that can allow attackers to execute arbitrary code remotely and take full control of the devices, according to researchers at SEARCH-LAB.
Free peer-to-peer VPN service Hola is apparently not as secure as the company likes to claim. According to a Network World article, Hola sold bandwidth of its 47 million users and also contains several security vulnerabilities that could open up users to botnet infections and other malicious types.
Enterprises with Cisco TelePresence units deployed may want to grab the latest security patches. Cisco released several patches to address vulnerabilities in a few of its telepresence products.
Organized crime has become the most frequently seen actor in Web application attacks, with financial gain being the primary motive, according to the most recent Verizon DBIR report. To combat this growing threat to Web applications, security data and analytics firm Rapid7, best known for its Metasploit penetration testing tool, has acquired NT OBJECTives, a Web application security testing firm.
When a group finds WordPress vulnerabilities, they can exploit them worldwide. That is exactly what sympathizers with the terrorist group ISIS are doing, according to a warning issued Tuesday by the Federal Bureau of Investigation.
Mozilla has fixed more than a dozen vulnerabilities with the latest version of its Firefox browser, including a number of critical security flaws. In addition, Mozilla has added to the Firefox 37 browser "opportunistic encryption," which encrypts possibly sensitive data before sending it in the clear.
On Wednesday, Cisco released its semiannual security advisory for IOS software and IOS XE software, plugging 16 security holes that could result in "denial of service condition or interface wedge."