Tag: patching

Beware: Targeted Attacks on iPhone Users are a Thing | Lookout Blog

Beware: Targeted Attacks on iPhone Users are a Thing | Lookout Blog

In-brief: Lookout said it identified an active threat that was using three critical iOS zero-day (that is: previously unknown) vulnerabilities. When exploited, the three vulnerabilities “form an attack chain that subverts even Apple’s strong security environment.”

Recent analysis has connected the dots between information disclosed by Edward Snowden and recent leaks related to NSA Spying from the group Shadow Brokers.

How the NSA snooped on Cisco Customers for a Decade | Ars Technica

In-brief: Ars Technica has a good write-up of the ongoing news about how the NSA used tools that exploited known vulnerabilities in networking and security products by Cisco, Juniper, Fortinet and others to spy on customers of those companies.

Trane ComfortLink thermostats contain serious security holes, Trustwave reports. (Image courtesy of Trane.)

Researcher Warns of Holes In Smart Thermostats

In-brief: A researcher from the firm Trustwave warns that Trane ComfortLink smart thermostats suffer from a string of security woes, including hard coded administrator credentials. 

Downloads of open source components almost doubled in 2015 - but security concerns persist.

Developers Gorge on Open Source Amid Worries About Quality, Security

In-brief: The use of open source software is exploding, but concerns about code quality and security in the open source supply chain persist, according to a report from the firm Sonatype. 

A vulnerability in software from D-Link could leave as many as 400,000 devices vulnerable to remote attack, according to the firm Senrio.

Flaw In D-Link Software Affects 400K Devices

In-brief: A vulnerability in software by device maker D-Link is much more widespread than initially believed, affecting hundreds of thousands of Internet connected devices, including cameras, home routers, wireless access points and network attached storage.