Author Topic: Tests and other Media topics  (Read 592070 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Tests and other Media topics
« Reply #1112 on: March 21, 2024, 02:53:12 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Tests and other Media topics
« Reply #1113 on: March 25, 2024, 01:49:09 PM »
To be combined with other scanners for more reliable results (e.g. with PHISHING scams):

https://vulnscanner.ai/   can be combined with https://hackertarget.com/wordpress-security-scan/

https://checksite.ai/  can be combined with VT scan.

enjoy my friends,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Tests and other Media topics
« Reply #1114 on: April 18, 2024, 03:51:44 PM »
Want to find out how your Android app is tracking you?

Go here: https://reports.exodus-privacy.eu.org/en/     for a survey of trackers and permissions.

Example: https://reports.exodus-privacy.eu.org/en/reports/com.avast.android.mobilesecurity/latest/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Tests and other Media topics
« Reply #1115 on: April 25, 2024, 09:54:47 PM »
When checking on an IP reported here: https://www.abuseipdb.com/

We could also look for vulnerabilities here: https://www.shodan.io/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Tests and other Media topics
« Reply #1116 on: May 01, 2024, 03:50:16 PM »
Based on the information provided by GreyNoise Visualizer, the IP address 193.32.162.15 is categorized as malicious hosting, being associated with the organization Unmanaged Ltd. The activity observed from this IP address indicates scanning of ports and protocols, along with requested paths. Additionally, there are fingerprints of SSH and TLS negotiation between this IP and the GreyNoise sensor.

The timeline feature on GreyNoise Visualizer would provide a chronological view of the observed activity associated with the IP address 193.32.162.15. This timeline may include details of when the scanning activities occurred, which ports and protocols were targeted, the paths that were requested, and any interactions involving SSH and TLS. This timeline can be valuable in understanding the pattern of malicious behavior exhibited by the IP address, allowing for better threat analysis and response. It is important to monitor this timeline closely and take appropriate security measures to protect systems and networks from potential attacks originating from this IP address.

Only 1 vendor to flag as malicious: https://www.virustotal.com/gui/url/14516652f0be7305c124c3980fbd799285de9f74195dcef74b697677ea761d86/community

polonus
« Last Edit: May 01, 2024, 04:09:07 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5687
  • Spartan Warrior
Re: Tests and other Media topics
« Reply #1117 on: May 06, 2024, 07:42:53 AM »
Posting your findings does help.

Now up to 6 vendors.
Windows 10 Home 64-bit 22H2 Microsoft Windows Defender - Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.4.6112 (build 24.4.9067.762) UI version 1.0.803

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Tests and other Media topics
« Reply #1118 on: May 11, 2024, 04:31:56 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Re: Tests and other Media topics
« Reply #1119 on: May 11, 2024, 04:35:40 PM »
The server at 92.118.1499.230 may be vulnerable to the following security issues:

CVE-2023-51767: Row hammer attacks on OpenSSH through 9.6, which could allow authentication bypass if the attacker has user privileges and is co-located with the victim.
CVE-2023-51385: OS command injection in OpenSSH before 9.6, which could occur if a user name or host name has shell metacharacters and is referenced by an expansion token.
CVE-2023-51384: Incomplete application of destination constraints in ssh-agent in OpenSSH before 9.6, which could allow certain private keys to be added to the agent without proper constraints.
CVE-2023-48795: Terrapin attack in SSH transport protocol, which allows remote attackers to bypass integrity checks and downgrade or disable security features.
CVE-2023-38408: Remote code execution in ssh-agent in OpenSSH before 9.3p2 due to an insufficiently trustworthy search path.
CVE-2021-41617: Privilege escalation in OpenSSH 6.2 through 8.x due to insufficient initialization of supplemental groups.
CVE-2021-36368: Potential authentication bypass in OpenSSH before 8.9 due to lack of logging and verification of FIDO authentication.
CVE-2016-20012: User enumeration in OpenSSH through 8.7, which allows remote attackers to test whether a certain combination of username and public key is known to an SSH server.
CVE-2008-3844: Trojan horse modification in certain Red Hat Enterprise Linux packages for OpenSSH, which could have an unknown impact.
CVE-2007-2768: User account enumeration in OpenSSH when using OPIE for PAM, which allows remote attackers to determine the existence of certain user accounts.
It is important to note that not all of these vulnerabilities may be applicable to your specific server configuration, and that some may have been addressed in newer versions of OpenSSH. It is recommended to update your OpenSSH version to the latest available and to apply any necessary patches or workarounds to mitigate these vulnerabilities.

info source deepai: from shodan.io data provided to it,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!