Hardcoded Credentials Expose Customers of AT&T U-Verse

Friday, September 1st, 2017

On August 31, 2017, Nomotion released five vulnerabilities for two Arris modems used by AT&T U-Verse customers in the US. The vulnerabilities are of the following types: Hardcoded Credentials (CWE-798) Information Exposure (CWE-200) Authenticated Command Injection (CWE-78) Firewall Bypass (CWE-653) The hardcoded credentials give attackers access to the device via SSH or HTTP/HTTPS. ...

Easy-to-exploit authentication bypass flaw puts Netgear routers at risk

Wednesday, February 1st, 2017

For the past half year Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it's still not done. While Netgear has worked to fix the issue, the list of affected router models increased to 30, of which only 20 have firmware fixes available ...

CERT advises users to ‘discontinue use’ of two Netgear routers due to major security flaw

Saturday, December 10th, 2016

In a major setback for Netgear, it appears that at least two of its high-end routers may contain a severe security flaw according to an advisory issued by CERT. The vulnerability itself is incredibly easy to leverage and simply relies upon accessing a specially crafted URL in the following format from ...

Malware Tool That Has Your Back

Saturday, October 3rd, 2015

Security researchers at Symantec have been tracking a malware tool that, for a change, most victims wouldn’t actually mind have infecting their systems--or almost, anyway. The threat dubbed Linux.Wifatch compromises home routers and other Internet-connected consumer devices. But unlike other malware, this one does not steal data, snoop silently on victims, ...

Y-router configuration adds additional security to your home network

Wednesday, June 10th, 2015

I'm helping someone reconfigure their home network and realized that I never posted about the Y-router configuration.  Most folks have a home modem that is leased from their ISP and most of these newer modems have built-in router functionality and provide both LAN and WLAN connectivity, but this modem is ...