Prolific hacker Craig Heffner, who has a particular interest in hacking embedded devices, has recently documented the existence of a command injection bug in the firmware of D-Link's DIR-890L router.
Cisco has patched a vulnerability that affects Cisco ASR 9000 Series Aggregation Services Routers and can be exploited by a remote, unauthenticated attacker to effectively mount a denial of service attack either by locking up the device or making it reload its network processor chip and line card.
It is extremely important that enterprises urgently patch their Java Runtime Environments (JREs) and (Java Development Kits) JDKs since 14 vulnerabilities addressed in this security update are remotely exploitable over a network without authentication -- which are the most serious kind of threats.
Adobe released a new version of Flash Player (22.214.171.124) for Windows and Macintosh, and for Linux (126.96.36.1997).
A new technique for exploiting an 18-year-old bug in Windows Server Message Block (SMB), which would allow attackers to intercept user credentials, had been uncovered by Cylance researcher Brian Wallace.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.