The Internet is full of malicious actors looking to take advantage of insecure networks and devices. While corporate and government targets may be the biggest targets because of the valuable data they possess, home users still need to be cautious. Phishing attacks usually via email is the most common attack for home users. Fortunately, those attacks are typically easy to avoid by alert users who do not blindly click every attachment and web link contained in their emails.
A DMZ (demilitarized zone) is a segmented part of a network that is used to host all publicly accessible websites and services. The intention is to protect the internal network from external threats. It is an effective strategy to minimize public exposure of your critical assets as well as limit the damage caused when an intruder is able to penetrate your network. A great definition of a DMZ can be found here.
Cable Haunt is a recent vulnerability that has been found in over 200 million cable modems in Europe and likely many more in other countries as well. Many modern modems use similar Broadcom chipsets and used the same reference firmware which contained the vulnerability. Because of this, the impact of this vulnerability is much greater than it would have been otherwise. Software running in many (probably nearly all) consumer modems have not implemented best practices for security.
The concept of defense in depth is nothing new. Militaries use this strategy to slow down the advancement of opposing forces. Rather than try to prevent all advancement of the enemy, sometimes it is enough to slow them down (with hopes that they will surrender or retreat). The same is true with cyber security. Increasing the layers of defense in your network can decrease the likelihood of a full network compromise.
