The Broadband Guide
SG
search advanced
The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.

 Username:
 Password:
Register
 forgot password?

Security Information

This page is dedicated to security, it includes local security information, as well as a number of syndicated security feeds, alerts, tools and news from major security portals. This page aims to provide a single security information access point, helping you stay current with recent security threats. You can check the SG Security FAQ and visit the SG Security forum with any questions you might have.



SG Security Scan

The SG Security Scan is a great tool that tests a number of ports on your computer for the most common vulnerabilities.

SG Security Scanner
Vulterable Ports
Commonly Open Ports
SG Ports - comprehensive database of known TCP/UDP ports

 

SG Security Articles

General Security Guide
How To Crack WEP and WPA Wireless Networks
IRDP Security Vulnerability in Windows
Why encrypt your online traffic with VPN ?



Latest Threats - Symantec

JS.Downloader gen29 - (2017.01.16) Risk Level: Very Low. Type: Trojan.
Exp.CVE-2016-7256 - (2017.01.16) Risk Level: Very Low. Type: Trojan.
Trojan.Mestep - (2017.01.15) Risk Level: Very Low. Type: Trojan.
Backdoor.Akdoor - (2017.01.11) Risk Level: Very Low. Type: Trojan.
JS.Downloader gen28 - (2017.01.11) Risk Level: Very Low. Type: Trojan.
Backdoor.Remvio gm - (2017.01.10) Risk Level: Very Low. Type: Trojan.
W32.Kribz - (2017.01.10) Risk Level: Very Low. Type: Worm.
Ransom.Spora - (2017.01.10) Risk Level: Very Low. Type: Trojan.
JS.Downloader.E - (2017.01.08) Risk Level: Very Low. Type: Trojan.
Ransom.Evil - (2017.01.08) Risk Level: Very Low. Type: Trojan.

 

Latest Security Advisories (US-CERT)


Oracle Releases Security Bulletin (2017.01.18)
Original release date: January 18, 2017

Oracle has released its Critical Patch Update for January 2017 to address 270 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Oracle January 2017 Critical Patch Update and apply the necessary updates.




SMB Security Best Practices (2017.01.16)
Original release date: January 16, 2017 | Last revised: January 17, 2017

In response to public reporting of a potential Server Message Block (SMB) vulnerability, US-CERT is providing known best practices related to SMB. This service is universally available for Windows systems, and legacy versions of SMB protocols could allow a remote attacker to obtain sensitive information from affected systems.

US-CERT recommends that users and administrators consider:

  • disabling SMB v1 and
  • blocking all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary devices.

US-CERT cautions users and administrators that disabling or blocking SMB may create problems by obstructing access to shared files, data, or devices. The benefits of mitigation should be weighed against potential disruptions to users. For more information on SMB, please review Microsoft Security Advisories 2696547 and 204279.




ISC Releases Security Updates for BIND (2017.01.11)
Original release date: January 11, 2017

The Internet Systems Consortium (ISC) has released updates that address multiple vulnerabilities in BIND. A remote attacker could exploit any of these vulnerabilities to cause a denial-of-service condition.

Available updates include:

  • BIND 9 version 9.9.9-P5
  • BIND 9 version 9.10.4-P5
  • BIND 9 version 9.11.2-P2
  • BIND 9 version 9.9.9-S7

Users and administrators are encouraged to review ISC Knowledge Base Articles AA-01439, AA-01440, AA-01441, and AA-01442 and apply the necessary updates.




Adobe Releases Security Updates (2017.01.10)
Original release date: January 10, 2017

Adobe has released security updates to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review Adobe Security Bulletins APSB17-01 and APSB17-02 and apply the necessary updates.




Microsoft Releases January 2017 Security Bulletin (2017.01.10)
Original release date: January 10, 2017

Microsoft has released four updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Microsoft Security Bulletins MS17-001 through MS17-004 and apply the necessary updates.




GRIZZLY STEPPE - Russian Malicious Cyber Activity (2016.12.29)
Original release date: December 29, 2016 | Last revised: December 30, 2016

The Department of Homeland Security (DHS) has released a Joint Analysis Report (JAR) that details Russian malicious cyber activity, designated as GRIZZLY STEPPE. This activity by Russian civilian and military intelligence services (RIS) is part of an ongoing campaign of cyber-enabled operations directed at the U.S. Government and private sector entities.

DHS recommends that network administrators review the Security Publication for more information and implement the recommendations provided.




Mozilla Releases Security Update (2016.12.28)
Original release date: December 28, 2016

Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Mozilla Security Advisory for Thunderbird and apply the necessary update.




FTC Releases Alert on Fake Apps for Mobile Devices (2016.12.22)
Original release date: December 22, 2016

The Federal Trade Commission (FTC) has released an alert on fraudulent mobile apps designed to exploit consumers. Some fake apps may steal personal information such as credit card numbers. By taking precautions, users can protect themselves and their private data.

US-CERT encourages users and administrators to refer to the FTC Scam Alert and background article on Understanding Mobile Apps. For more information, see the US-CERT Tip on Cybersecurity for Electronic Devices.




 

top
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About