Cisco Pays $8.6M to Settle Claims it Sold Flawed Software to the US

From PC Mag: Cisco has agreed to an $8.6 million settlement on claims the company knowingly sold video surveillance software that contained security flaws to the US government and military agencies.

The software package, called Video Surveillance Manager, was sold about a decade ago to the Department of Homeland Security, the Secret Service, the US Army, and numerous other federal, state, and local government departments, according to a 2011 court complaint, which was unsealed on Wednesday.

Cisco's product was designed for use in airports, government buildings, and military bases, among others. But according to the complaint, the system was also rife with several security vulnerabilities that risked compromising other computers connected to it. If exploited, the flaws could let a hacker break into the network of government agency and steal data without detection.

In 2008, an employee at a company distribution partner in Denmark, James Glenn, discovered the flaws, and submitted reports to Cisco, warning them of the danger. However, the complaint claims Cisco was aware of the reports, but decided to sell the unpatched software anyways.

View: Article @ Source Site