Advisory: NT Lan Manager Abuse Mitigation
Sep 2018: NTLM authentication is being used to harvest user credentials, and CERT
Australia has prepared a list of recommendations for techniques to mitigate abuse of NTLM authentication
Studentnet Recommended Browsers
Outdated browsers are one of the major security risks on the Internet.
It is essential to keep your browser up-to-date, as that is the only genuine protection against such vulnerabilities.
See recommended versions of popular
browsers supported by Studentnet
Sep 2014: The POODLE Attack
A recent exploit directed against out-of-date browsers is the POODLE attack, which exploits SSLv3, used in older
browsers. TLS (Transport Layer Security), implemented in recent browsers,
provides protection. More information on POODLE.
Sep 2014: The Shellshock bash Vulnerability
Wikipedia for more information.
Shellshock is a family of major security bugs in the widely used Unix bash
shell, first disclosed on 24 September 2014. Software such as web servers use
bash to process commands. Attackers can use vulnerable versions of bash to
execute arbitrary commands and gain unauthorized access to systems. By 25
September botnets based on Shellshock-compromised computers were already being
used for distributed denial-of-service attacks and vulnerability scanning.
Technical Tests and Fixes
Apple OS X