Along with fixes for a number of older vulnerabilities in Cisco IOS and IOS XE software, the Cisco IOS Software Common Industrial Protocol, and the OpenSSL package incorporated in multiple company products, Cisco Systems has pushed out security updates that plug unauthorized access and default account/static password vulnerabilities in some of its offerings.
After IOActive researcher Fernando Arnaboldi publicly revealed three crucial vulnerabilities in Drupal's update process last Thursday, the Drupal Security Team published a response on the Drupal Groups page.
OAuth 2.0 is one of the most used single sign-on systems on the web: it is used by Facebook, Google, Microsoft, GitHub and other big Internet companies.
Google has released the January security update for Android (for its Nexus devices).
SANS Institute's Internet Storm Center has raised its infocon status - the status of the condition of the Internet infrastructure - from green to yellow, following the public revelation of two backdoors in Juniper's NetScreen firewall devices, and the publication of the password that allows easy exploitation of one of them.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.