Several Cisco Adaptive Security Appliance (ASA) products - appliances, firewalls, switches, routers, and security modules - have been found sporting a flaw that can ultimately lead to remote code execution by attackers.
A security engineer has recently discovered a serious vulnerability in Sparkle, the widely used open source software update framework for Mac applications, that could be exploited by attackers to mount a man-in-the-middle attack and ultimately take control of the computer if they are located on the same network.
A backdoor has been discovered in Socat, a popular open source network administration tool similar to Netcat, and its unclear how it hasn't been spotted earlier or at the time the backdoor was introduced.
Google researcher Tavis Ormandy has found more vulnerabilities in yet another security solution.
Rapid7 researchers have unearthed serious flaws in two Internet of Things devices:The Fisher-Price Smart Toy, a "stuffed animal" type of toy that can interact with children and can be monitored via a mobile app and WiFi connectivity, andThe hereO GPS Platform, a smart GPS toy watch that allows parents to track their children's physical location.In both cases the problem was with the authentication process, i.e.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.