Author Topic: Tests and other Media topics  (Read 376321 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #900 on: May 11, 2021, 06:08:16 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #901 on: May 13, 2021, 01:17:34 PM »
Website with recent data leaks. Related to a hypernode glitch?
Re: https://www.magereport.com/scan/?s=https://www.serverkast.com/

<iframe src="hxtps://www.googletagmanager.com/ns.html?id=GTM-MQCQSDP" height="0" width="0" style="display:none;visibility:hidden"></iframe>
Just a note, social media buttons often show up here. They are probably OK.

Link check: https://urlextractor.net/?target_url=https%3A%2F%2Fwww.serverkast.com%2F&href=1&link_type=all&image=1&meta=1&extract=Extract+Links

See: https://webhint.io/scanner/208f611c-d4ac-4a9e-87d3-4cace8f39ab5  (48 hints)

See: https://awesometechstack.com/analysis/website/serverkast.com/?protocol=https%3A

polonus
« Last Edit: May 13, 2021, 01:46:28 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
« Last Edit: May 22, 2021, 02:04:27 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #903 on: May 19, 2021, 05:37:26 PM »
Google will limit user agent Chrome info not earlier than next year.

See how unique you and your browser are: https://amiunique.org/fp

"Yes! You are unique among the 3524670 fingerprints in our entire dataset".

Read: https://whoer.net/blog/fingerprints-unique-browser-traces-part-2/

polonus
« Last Edit: May 19, 2021, 05:43:07 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #904 on: May 23, 2021, 10:57:00 PM »
Dear online Interweb's end-users,

Your privacy may be at stake. Nice resources: https://restoreprivacy.com/

On search engines, where your privacy is often the price you pay for your search results.

Some search engines may have big red flags, when owned by a US company.

The U.S. has extensive surveillance pograms, which are caried out by various branches of the government
with a long history of facilitating bulk data collection (questions raised for private search engines hosted on Amazon,
and also in the Cloud). So read here: https://restoreprivacy.com/private-search-engine/ 

(info credits: Sven Taylor 2020).

With the new situation at hand now through 2021 and the pandemic,
we'll have to see how privacy restore can still be enabled, and to what an extent.

polonus
« Last Edit: May 23, 2021, 11:59:17 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #905 on: May 26, 2021, 10:05:24 PM »
Check on changing status when opening a particular website inside the browser and security of a connection.
-https://ip-46.com/77.247.110.24
200
200
  from cache
and
-https://ip-46.com/77.247.110.24
-1
-1
 
 14111 ms
0
Backlinks
LRT Power0
PAGE
LRT Trust0
0
 
0

No PFS - https://sitereport.netcraft.com/?url=https://ip-46.com

Communicating file detected: https://www.virustotal.com/gui/ip-address/198.50.154.167/relations

F-test scores: https://observatory.mozilla.org/analyze/ip-46.com

Free check sites at: (example) https://www.ssltrust.com.au/ssl-tools/website-security-check?domain=forum.avast.com (all green).

polonus
« Last Edit: May 27, 2021, 05:50:33 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #906 on: May 29, 2021, 12:46:18 PM »
Checking the vulnerability and security status of an open source project's code?

Check here: https://metrics.openssf.org/grafana/d/default/metric-dashboard?orgId=1&var-PackageURL=pkg:github%2Fretirejs%2Fretire.js   (random example for retire.js)

Can best be done by others than those that wrote the code,
as developers are known to be blind to their own coding-errors.

Main issue can be is the code being maintained (no left code): https://isitmaintained.com/project/retirejs/retire.js

polonus
« Last Edit: May 29, 2021, 12:50:20 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #907 on: May 31, 2021, 12:55:54 PM »
Indicators of Compromise, read: https://www.fortinet.com/resources/cyberglossary/indicators-of-compromise
Example of njRAT malware: -https://any.run/malware-trends/njrat
Particular incident: -https://app.any.run/tasks/1bb9bb5f-fba5-4674-80dd-07d7788a771b/
Could not be scanned here: https://urlscan.io/result/fc46bfb6-4b11-4b7a-800c-b795c9d3b94a/
However see: https://urlscan.io/result/79d5e9fe-4635-4e4d-8592-790e479a8ee4/
IoC: https://urlscan.io/result/79d5e9fe-4635-4e4d-8592-790e479a8ee4/#indicators
Server error encountered for: https://urlscan.io/domain/knrpc.olark.com

Another resource:
-https://bazaar.abuse.ch/sample/0685a699fb13d6bc99b6aee35381acf77b00155d56e7448a300aa308fd07598c/

Earlier abuse was not detected on IP here: 3.141.210.37  Amazonaws abuse: https://www.shodan.io/host/3.141.210.37
See: https://security-tracker.debian.org/tracker/CVE-2018-20685  for 7.4.p1 Debian Open SSH vuln.
User Enumeration is not being treated as a vulnerability, and provision recovery requests.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: May 31, 2021, 01:20:06 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #908 on: June 01, 2021, 11:10:42 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #909 on: June 05, 2021, 06:19:09 PM »
Interesting security project for code developers by Google.
Example
Re: https://deps.dev./npm/node.js  (see why for instance owner 0.0.0. was deleted).
Re: https://deps.dev/npm/bootstrap

Also view information about checks (for instance through fuzzing) and how to fix failures.

Vizualization: https://deps.dev/cargo/tui  Example: https://deps.dev/cargo/bootstrap/1.0.2

polonus (volunteer 3rd party cold reconnaissance website security-analyst and website error-hunter)
« Last Edit: June 09, 2021, 01:13:34 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
« Last Edit: June 06, 2021, 12:05:00 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #911 on: June 06, 2021, 03:01:36 PM »
Detect a roque DCHP server with Microsoft Roque Check Tool.
MS does not have the downlink link anymore.
But it can still be found here: https://www.tachytelic.net/2019/05/detect-rogue-dhcp-server/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #912 on: June 09, 2021, 07:01:48 PM »
Check your browser fingerprint: https://fingerprints.bablosoft.com/canvas

Mine slightly adjusted by Jitter extension.

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #913 on: June 17, 2021, 12:11:18 AM »
Some cache clearing/cache evading code could be interpreted as attack code when used in uri's.

What code:
Quote
ajax%28%7B+url%3A+window.location.href%2C+headers%3A+%7B+"Pragma"+%3A+"no-cache"+%2C+"Expires"+%3A+-1%2C+"Cache-Control"+%3A+"no-cache"+%7D+%7D%29.done%28function+%28%29+%7B+window.location.reload%28true%29

This triggers a attack code alarm detected by NoScript and a proposition to block the requst,
or allowed could bring you back to a welcome page on php driven websites, when used as part of an uri request.

The code is from stackoverflow (info credits go there), so proposedly given with good intentions to solve a problem,
but can deliver a ban when used inside an uri. So be aware with your cut and pasting inside your browser of choice.
Always (re-)think before you leap,

polonus
« Last Edit: June 17, 2021, 12:13:46 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Tests and other Media topics
« Reply #914 on: June 20, 2021, 10:16:12 PM »
Keep an eye on the availability of the big (cloud) networks.
Re: https://www.dnsperf.com/  And mind you, when you see less, it's better.
See random example: https://www.dnsperf.com/dns-provider/onapp

What would we see in case of a big cyber-infrastructure meltdown?
In case of trouble here: https://www.dnsperf.com/dns-provider/cloudflare (or amazon)?
Also see: https://dnsmap.io/#A/restoreprivacy.com

WEF's spokesmen have warned us it could come to this.

Security never should be a last resort issue. ;)

polonus
« Last Edit: June 20, 2021, 10:18:48 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!