A number of Cisco WLAN controller products in use by a many SMB customers are susceptible to multiple security threats, leading the company releasing several patches.

The patches fix two critical vulnerabilities-- one to denial-of-service attacks and the other giving attackers "unauthorised priviledged access to the affected device."

Vulnerable devices include the 500 series wireless express mobility controllers, 2000 and 2100 series WLAN controllers and the Cisco Virtual Wireless Controller, among many others.

The news follows the emergence of the so-called "Moon Worm" affecting Linksys-branded consumer and small business routers. According to Cisco the worm "connects to port 8080 and uses the Home Network Administration Protocol (HNAP) to identify the make and firmware of the compromised router. It then exploits a CGI script to access the router without authentication and scan for other vulnerable boxes."

The Fast Identity Online (FIDO) Alliance releases the first draft of its technical specifications as security vendor Nok Nok Labs reveals the first product running the specification, the S3 Authentication Suite.

Launched just less than a year ago, the FIDO Alliance aims to replace the password with a device-centric standards-based model making use of security technologies such as biometrics (fingerprint scanners, voice and facial recognition), Trusted Platform Modules (TPM), USB security tokens, Near Field Communication (NFC) and One Time Passwords (OTP).

The specification is open to other existing and future technologies, and can be federated using standards such as OpenID and SAML.

In news pleasing to at least one person Intel CEO Brian Krzanich uses his CES 2014 keynote to announce the company is dropping the McAfee name in favour of "Intel Security."

The re-branding starts immediately, and the transition should take around a year. Intel will continue using the familiar red shield logo and the security company will remain a wholly owned Intel subsidiary, if under the Intel Security name.

Intel will also offer "elements" of McAfee mobile security solutions for free. "The complexity of keeping digital identities safe grows as mobile applications and devices become a more important part of our daily lives," Krzanich says. "Intel's intent is to intensify our efforts dedicated to making the digital world more secure, and staying ahead of threats to private information on mobile and wearable devices."

As 2013 comes to a close security vendors present forecasts for the year that is to come, with privacy concerns, mobile devices, cloud storage services and even smart devices topping the agenda.

According to Kaspersky Lab, Edward Snowden's revelations on the extend of state-sponsored cybersnooping will have far-reaching effects across the industry-- customers wanting more privacy will boost demand for VPN services, Tor-anonymisers and local encryption tools, and ISPs will add further user data protection measures such as encryption of all data transmitted between own servers.

Kaspersky also gives a "Neuromancer"-style prediction of companies employing cyber-mercenaries, organised hacker groups offering cyber-espionage services to the highest bidder. Meanwhile nations become increasingly paranoid over the use of foreign services, leading to an increasingly fractured internet.