Default SSH Key Found in Many Cisco Security Appliances | Threatpost

Many Cisco security appliances contain default, authorized SSH keys that can allow an attacker to connect to an appliance and take almost any action he chooses. The company said that all of its Web Security Virtual Appliances, Email Security Virtual Appliances, and Content Security Management Virtual Appliances are affected by the vulnerability.

This bug is about as serious as they come for enterprises. An attacker who is able to discover the default SSH key would have virtually free rein on vulnerable boxes, which, given Cisco’s market share and presence in the enterprise worldwide, is likely a high number. The default key apparently was inserted into the software for support reasons.

Source: Default SSH Key Found in Many Cisco Security Appliances | Threatpost | The first stop for security news

SANS: https://isc.sans.edu/diary/Cisco+default+credentials+-+again!/19839

Samsung deliberately disabling Windows Update | Debugging and reverse engineering

TL;DR

If you have installed Samsung’s SW Update software then you MAY have Windows Update disabled EVEN AFTER the removal of Samsung’s SW Update software.

Check the %ProgramData%\Samsung folder (usually C:\ProgramData\Samsung) and remove “Disable_Windowsupdate.exe”. Also, check for any scheduled tasks that run this program.

Source: Debugging and reverse engineering: Samsung deliberately disabling Windows Update

[Update] more on the story here: http://venturebeat.com/2015/06/23/samsung-is-actively-disabling-windows-update-on-at-least-some-computers/
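
The two checks described above (the file under %ProgramData%\Samsung and any scheduled task that runs it), as an added PowerShell example that is not from the original post. It only reports what it finds and deletes nothing; the variable names and the output layout are choices made for this example.

```powershell
# Added example: audit only, nothing is removed.
$exeName    = 'Disable_Windowsupdate.exe'            # file name given in the post
$samsungDir = Join-Path $env:ProgramData 'Samsung'   # folder given in the post

# 1. Look for the executable anywhere under %ProgramData%\Samsung.
$files = @()
if (Test-Path -LiteralPath $samsungDir) {
    $files = @(Get-ChildItem -LiteralPath $samsungDir -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Name -ieq $exeName })
}

# 2. Look for scheduled tasks whose action launches it.
#    Only "exec" actions carry Execute/Arguments; other action types yield empty strings here.
$pattern = [regex]::Escape($exeName)
$tasks = @(Get-ScheduledTask -ErrorAction SilentlyContinue | Where-Object {
    $_.Actions | Where-Object { "$($_.Execute) $($_.Arguments)" -match $pattern }
})

# 3. Report both kinds of finding in one uniform shape.
$findings = @(
    $files | ForEach-Object {
        [pscustomobject]@{
            Kind     = 'File'
            Location = $_.FullName
            Detail   = "last modified $($_.LastWriteTime)"
        }
    }
    $tasks | ForEach-Object {
        [pscustomobject]@{
            Kind     = 'ScheduledTask'
            Location = "$($_.TaskPath)$($_.TaskName)"
            Detail   = ($_.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)" }) -join '; '
        }
    }
)

if ($findings.Count -eq 0) {
    Write-Output "No $exeName file or scheduled task referencing it was found."
} else {
    $findings | Format-List
}
```

Run it from an elevated PowerShell session so that tasks registered under other accounts are also listed.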

When Solid State Drives are not that solid | Milliseconds Matter

TL;DR
Broken SSDs with the Linux kernel (specifically Ubuntu 14.04) and TRIM support:

  • SAMSUNG MZ7WD480HCGM-00003
  • SAMSUNG MZ7GE480HMHP-00003
  • SAMSUNG MZ7GE240HMGR-00003
  • Samsung SSD 840 PRO Series
    recently blacklisted for 8-series blacklist
  • Samsung SSD 850 PRO 512GB
    recently blacklisted as 850 Pro and later in 8-series blacklist

Working SSDs:

  • Intel S3500
  • Intel S3700
  • Intel S3710

Source: When Solid State Drives are not that solid | Milliseconds Matter

Some 100,000 or more WordPress sites infected by mysterious malware | Ars Technica

More than 100,000 websites running on the WordPress content management system have been found to be infected with malware that attacks the devices of site visitors. Google has blacklisted more than 11,000 domains. Reports suggest that the attackers exploited a vulnerability in the Slider Revolution Premium plug-in, which the company has known about since September 2014.

Moral of the story: Install WordFence and keep as up to date as possible with the WordPress plug-ins.

Source: Some 100,000 or more WordPress sites infected by mysterious malware | Ars Technica