Author Topic: Tests and other Media topics  (Read 160219 times)


Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 30509
  • malware fighter
Re: Tests and other Media topics
« Reply #585 on: June 26, 2018, 10:09:34 PM »
EFF starts new project STARTTLS Everywhere to enhance e-mail security:
Example:
https://starttls-everywhere.org/results/?xs4all.nl

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Re: Tests and other Media topics
« Reply #586 on: July 03, 2018, 06:07:22 PM »
L.S.

When the configuration of STARTTLS is OK, with the right policy list,
and all your hops secured, it is time for automatically enabling HTTPS on your website,
through the use of EFF's Certbot, go here: https://certbot.eff.org/

polonus

Re: Tests and other Media topics
« Reply #587 on: July 04, 2018, 06:35:27 PM »
Idiot-proof implementation of HTTPS: https://httpsiseasy.com/

polonus

Re: Tests and other Media topics
« Reply #589 on: July 10, 2018, 01:14:08 PM »
Cryptojacking test for your browser: https://cryptojackingtest.com/

Cryptojacking test for your website: https://notmining.org/

Example of the second scanner for https://notmining.org/url?busqueda=http%3A%2F%2Fmejortorrent.com
Quote
Last update was on: Tue Jul 10 13:13:11 CEST 2018 . The result of this analyse was: Mining.
Detected: CoinHive.Anonymous (coinhive.com)

polonus (volunteer website security analyst and website error-hunter)

Re: Tests and other Media topics
« Reply #590 on: July 11, 2018, 03:46:46 PM »
Online Interactive JavaScript Cheat Sheet for developer and debugger alike:
https://htmlcheatsheet.com/js/

Enjoy, my good friends, enjoy,

polonus

Re: Tests and other Media topics
« Reply #591 on: July 14, 2018, 12:45:48 PM »
How are results like those in this Cryptojacking campaign report being searched?

Example: https://pastebin.com/gYkbVP8b  (some blockers block this link; link for researchers only, temporarily unblock in this case).

This is the search engine they use: https://publicwww.com

Consider this: https://publicwww.com/websites/cryptojacking+/

And one finds further insights like these: https://www.csoonline.com/search?query=cryptojacking+websites&contentType=article%2Cresource

Enjoy, my good friends, enjoy,

polonus

Re: Tests and other Media topics
« Reply #592 on: July 14, 2018, 01:56:11 PM »
Coming from here: https://www.htbridge.com/websec/?id=Cpy7Tv2c
We stumbled upon: -http://www.baberesto.com/jquery/jquery-1.8.3.min.js

Quote
Attackers often hide backdoors, crypto jacking malware and other malicious code inside of legitimate third-party JS (various libraries and frameworks). We check if a particular version of the third-party JS code was altered with a new code, and report any anomalies here.
The JS seems to match the original code.
The following JS component were found inside:- jQuery [1.8.3]
Then we scanned - https://retire.insecurity.today/#!/scan/641317ed91f88ae93e9067610c473dfcd9e2d68cf1aa721f4c47884ec7e9a1be

And then did a query with "" here: https://publicwww.com/websites/%22%2Fjquery%2Fjquery-1.8.3.min.js%22/
coming up with potentially 18774 websites in 5.14 s. with this medium severity vulnerability:

Quote
Detected libraries:
jquery - 1.8.3 : (active1) hxtp://www.baberesto.com/jquery/jquery-1.8.3.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
https://bugs.jquery.com/ticket/11974
http://research.insecurelabs.org/jquery/test/
(active) - the library was also found to be active by running code
1 vulnerable library detected

error(s) inside this javascript code:
Quote
wXw.baberesto.com/jquery/jquery-1.8.3.min.js
     status: (referer=http:/XXX/web?q=puppies)saved 93636 bytes 06e872300088b9ba8a08427d28ed0efcdf9c6ff5
     info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP
     info: [decodingLevel=0] found JavaScript
     error: undefined function p.getElementsByTagName
     error: undefined variable p
     info: [element] URL=wXw.baberesto.com/jquery/undefined
     info: [1] no JavaScript
     file: 06e872300088b9ba8a08427d28ed0efcdf9c6ff5: 93636 bytes
     file: d5dba94a76a67a54f2b98b16227da20414542fd9: 72 bytes
-> leading to wXw.baberesto.com/jquery/undefined

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

Re: Tests and other Media topics
« Reply #594 on: Today at 12:18:03 AM »
Testing websites for tracking.

Check websites for tracking here (example): https://whotracks.me/trackers/snigelweb.html

and compare with a scan at (same example): https://privacyscore.org/site/111090/
ANALYZED URL AFTER LOADING:
-http://www.snigelweb.com/   site is using 17 known tracking- or advertising companies.
Vulnerable to the SWEET32 attack.

ANALYZED MAIL SERVER:
-aspmx.l.google.com


polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
« Last Edit: Today at 12:24:29 AM by polonus »