In-brief: Beset by a plunging share price, class action lawsuits in dozens of states, pending Congressional hearings and a FTC investigation, Equifax on Wednesday finally settled speculation and named a six month old hole in a common software platform, Apache Struts, as the cause of a massive hack.
remote code execution
In-brief: A serious security hole in the software that runs certain models of wifi routers made by the firm Netgear prompted warnings to customers to stop using them until a fix can be found. (Editor’s Note: updated with comment from Netgear. PFR 12/12/2016)
In-brief: A researcher from the firm Trustwave warns that Trane ComfortLink smart thermostats suffer from a string of security woes, including hard coded administrator credentials.
In-brief: Markets for information on software vulnerabilities are good for security. But they can also raise moral and ethical quandaries, especially in an age of cyber physical risks, argues Cisco’s Marc Blackmer.
In-brief: The Department of Homeland Security warned of hundreds of vulnerabilities in a hospital monitoring system sold by Philips. Security researchers who studied the system said the security holes may number in the thousands.