Hardcoded Credentials Expose Customers of AT&T U-Verse

Friday, September 1st, 2017

On August 31, 2017, Nomotion released five vulnerabilities for two Arris modems used by AT&T U-Verse customers in the US. The vulnerabilities are of the following types: Hardcoded Credentials (CWE-798) Information Exposure (CWE-200) Authenticated Command Injection (CWE-78) Firewall Bypass (CWE-653) The hardcoded credentials give attackers access to the device via SSH or HTTP/HTTPS. ...

uBlock Origin released as a pure WebExtension for Firefox

Friday, September 1st, 2017

A new WebExtension version of the popular content blocker uBlock Origin was just uploaded to Mozilla's official add-ons repository for Firefox. The new version is compatible with Firefox's new WebExtensions standard for extensions, and will as such continue to work when Firefox 57 gets released. This first official release of the WebExtensions ...

Microsoft bringing EMET back as a built-in part of Windows 10

Tuesday, June 27th, 2017

The Windows 10 Fall Creators Update will include EMET-like capabilities managed through a new feature called Windows Defender Exploit Guard. Microsoft's EMET, the Enhanced Mitigation Experience Toolkit, was a useful tool for hardening Windows systems. It used a range of techniques—some built in to Windows, some part of EMET itself—to make ...

Linux Systems in the Hackers’ Cross Hairs

Tuesday, June 27th, 2017

Security experts have warned IT teams to improve protection for Linux servers and IoT devices after observing an increase in threats targeting these systems. WatchGuard Technologies’ latest quarterly Internet Security Report is based on analysis of over 26,500 active UTM appliances round the world. It revealed that overall malware detection dropped by ...

‘Petya’ Ransomware Outbreak Goes Global

Tuesday, June 27th, 2017

A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain. According ...