command injection

Foscam Indoor IP camera

Cisco Talos finds More Flaws in Foscam Cameras

Cisco Systems is warning the public about a range of new vulnerabilities it has discovered in IP cameras from the firm Foscam, a popular maker of commercial and consumer surveillance cameras, the second trove of software security holes uncovered since June. 

code on a monitor

Code Tutorials Spread Application Flaws Far and Wide

In-brief: Researchers at universities in Germany, working with the security firm Trend Micro, discovered more than 100 vulnerabilities in GitHub code repositories simply by looking for re-used code from tutorials and other free code samples. The same method could be harnessed by cyber criminals or other sophisticated attackers to find and exploit vulnerabilities in software applications, the researchers warned.

Update: FDA says St. Jude Medical knew about Device Flaws 2 Years Before Muddy Waters Report

In-brief: In a damning report, the FDA said that St. Jude Medical* knew about serious security flaws in its implantable medical devices as early as 2014, but failed to address them with software updates or other mitigations, or by replacing those devices. (Editor’s note: updated to include a statement from Abbott and comment from Dr. Kevin Fu. – PFR April 14, 2017)

NETGEAR R7000

Netgear: 11 Home Router Models affected by Flaw, 3 patched

In-brief: A week after security experts at Carnegie Mellon’s CERT advised consumers about a serious security hole in home routers from the networking equipment maker NETGEAR, that firm has expanded the list of affected router models to 11, while offering official software patches for three of those models. Thousands of affected devices can be found online.