It has been a long while since I have posted, so let's see if anyone is still listening, by posting a good security story:
I have a full-time job as an engineer, but I help a guy out part-time with his small business network. He called me one morning claiming his antivirus software, AVG, was infected. I was very confused about this, so when I got there, I told him to show me what he was talking about. He clicked on a button in the AVG antivirus software and it took him to a malicious web page.
I was really confused about this and started looking at all of the processes running on his computer. This was a tough job, because I kept getting to malicious websites. My friend then told me they have been experiencing the same issue on another computer. With the firewalls in place and no shared authentication on the network, I was puzzled, momentarily.
I then logged into the Netgear router, the only thing the two computers had in common, and found the DNS addresses were defined and not provided by his internet provider's DHCP server. I removed the DNS addresses and Googled for Netgear issues, when I found this: https://threatpost.com/disclosed-netgear-router-vulnerability-under-attack/114960/
His router was one of the Netgear routers with this vulnerability and I had left remote administration on in case he ever needed me to change any settings, so I didn't have to do it at his office. At the time, it seemed the only way around the issue was to disable remote administration via the WAN. I am uncertain if Netgear has provided or will ever provide a fix to this.