Author Topic: Tests and other Media topics  (Read 579360 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1020 on: September 25, 2022, 03:03:40 PM »
Went over to VirusTotal to check on an alleged DOS-attack undertaken from -js.stripe.com via -m.stripe.network on the -www.unz.com website.

A rescan for the finalizing scan results was only available for privileged users,
so I launched an anonymous  search here:
https://packettotal.com/app/analysis?id=57809fff9e90ae7dc08403185cd44569&name=conn

What came us there were all Wireshark packed scans (connection and others)

Packettotal, quite nice resources,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1021 on: September 28, 2022, 03:56:46 PM »
Scan tools resources being worked around here: https://www.dshield.org/tools/

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #1022 on: September 28, 2022, 04:17:34 PM »
Scan tools resources being worked around here: https://www.dshield.org/tools/

pol

Bookmarked, thanks.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1023 on: September 28, 2022, 04:46:13 PM »
Example: https://www.dshield.org/tools/dnslookup.html

Interesting in the light of this news: https://www.quad9.net/news/blog/an-update-to-the-quad9-and-sony-music-german-court-injunction-august-2022/

And these recommendations: https://bgr.com/guides/the-best-free-and-public-dns-servers-in-2022/

Issues like no security support for non-business users and/or no ad-blocking at Cloudflare's for instance could be serious considerations what DNS to choose. On windows one could use DNS Jumper v2 to change one's DNS on the fly.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1024 on: September 29, 2022, 02:30:52 PM »
TLS Checker with instant results to be found here: https://www.cdn77.com/tls-test

Moderate version 1.2. found to reside here: https://www.cdn77.com/tls-test/result?domain=forum.avast.com

Check also with otto for Chrome: no Tracking Scripts, no Data Stealing, no Malware, no Weak Security.

Also has a CSP designer on board, example:
Quote
default-src 'self' ; worker-src 'self' blob: ; script-src 'self' 'unsafe-eval' 'unsafe-inline'

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1025 on: October 02, 2022, 02:07:55 PM »
Website scan sites to check on a potential phish:

https://easydmarc.com/tools/phishing-url   &   https://checkphishing.com/

In this case 5 vendors at VT also flag this as a PHISH:
https://www.virustotal.com/gui/url/a84de0bf2fb6d844449b6d785597b2cf5b28c178021632ba34b5e50df5e5f25f

while that website's IP is only being flagged by one instance here:
https://www.virustotal.com/gui/ip-address/155.94.143.206

while here all instances were given:
https://www.virustotal.com/gui/ip-address/155.94.143.206/relations

So we will look for ASN-QUADRANET-GLOBAL abuse at URLHAUS, cleantalk.org, ip.lookup.org.
VPN/TOR/Proxy: Likely (and also abuse) 4% online malware
-> https://www.ip-lookup.org/location/155.94.143.206/

polonus


Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1026 on: October 21, 2022, 11:34:31 AM »
You are being tracked inside your browser all over the Internet.
Do not feed data that you do not want to share with the world and land on all sort of desks.

Who is tracking you - a extension to see what goes on is the "Who is tracking me"-extension

Reporting here for instance on a website for a big national Dutch newspaper
38 instances of GStatics tracking, -googleapis.com and -privacy-centre.org

Disconnect extension only flags 3. Brave shield blocks 2,

We found one unhandled javascript error
Quote
Unhandled JavaScript Error
at window.console.error (<anonymous>:1:649) at hxtps://www.telegraaf.nl/:17:23 at patchedCallback (<anonymous>:132:45)
Error at 17:23 of hxtps://www.telegraaf.nl/


polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1027 on: October 26, 2022, 01:09:12 PM »
All chromium-based browser may leak your local IP.

Test here: https://niespodd.github.io/webrtc-local-ip-leak/

Then this WebRTC Control extension will prevent leakage:
https://chrome.google.com/webstore/detail/webrtc-control/fjkmabmdepjfammlpliljpnbhleegehm

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1028 on: October 26, 2022, 03:39:40 PM »
Where the threat was being reported: https://urlhaus.abuse.ch/url/2385725/

Where it was detected as not to be scanned: https://sitecheck.sucuri.net/results/warukraine.co/un/nsittes

Where the IP address was being scanned by Threat Analysis: https://jamesbrine.com.au/213.229.66.214/

Flagged as suspicious by one vendor here: https://www.virustotal.com/gui/url/749739209e87e4fda855f3a47713d1f4317a74ea44bdae86c6e8199bd4adcb7b
Categorized as compromised website - https://www.virustotal.com/gui/url/749739209e87e4fda855f3a47713d1f4317a74ea44bdae86c6e8199bd4adcb7b/details

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1029 on: November 10, 2022, 03:11:27 PM »
IP blacklist checking for a server address used by MBAM:
https://www.ip-tracker.org/blacklist-check.php?ip=Sirius.mwbsys.com

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1030 on: November 17, 2022, 12:38:31 PM »
Tested my adblocking in the latest beta version of the Avast Secure Browser.

Likely you would like to test also, then go here: https://adblock-tester.com/
(made by matuhin dot ru) (P.S. your English seems fine to me).

Enjoy my friends,

By the way, I had the full 100 points out of 100:
Quote
This is the most common form of advertising and tracking on the internet. It’s very easy for website owners to set up. These services collect data about you in order to find the right advertisement for you.

close
Script loading:  ✅ test passed
Block visibility:  ✅ test passed
close
Script loading:  ✅ test passed
Block visibility:  ✅ test passed
close
Script loading:  ✅ test passed
Block visibility:  ✅ test passed
medium
close
These services monitor your actions on the site and collect information about you. They are needed only by the owner of the site, for the user it is only unnecessary requests and the code that needs to be executed. Unfortunately, blocking them sometimes can completely break the site.

close
Script loading:  ✅ test passed
Script execution:  ✅ test passed
close
Script loading:  ✅ test passed
Script execution:  ✅ test passed
low
close
This type of advertising is often used on large websites that sell ad space. It is difficult to block because it is difficult to distinguish between an advertising image and a regular image. Often the rules are written for each site separately, so this check is not entirely accurate. It only checks for the presence of keywords in the file path and the availability of Flash.

close
File loading:  ✅ test passed
Block visibility:  ✅ test passed
close
File loading:  ✅ test passed
Block visibility:  ✅ test passed
close
File loading:  ✅ test passed
Block visibility:  ✅ test passed
low
close
Unlike analytics tools, these services are used to track and measure errors on websites. Services monitor almost all user actions so that the error message is as complete as possible. Most often, if you turn these off, nothing will break.

close
Script loading:  🏳️ unable to check (possibly due to service security settings)
Script execution:  ✅ test passed
close
Script loading:  ✅ test passed
Script execution:  ✅ test passed
100 points out of 100
(10 services, 20 cheks)

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1031 on: November 17, 2022, 01:37:41 PM »
PrivacyGuides.org
The guide to restoring your online privacy

https://www.privacyguides.org

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1032 on: November 29, 2022, 10:27:53 PM »
Various scanners to scan scam websites

urlscan.io
www.emailveritas.com   
www.scamvoid.net
www.scam-detector.com 
www.scamaider.com

for tracking apps:  reports.exodus-privacy.eu.org   

website scanner:
ionos.com/tools/website-checker     
sitecheck.sucuri.net

enjoy,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1033 on: December 14, 2022, 01:10:54 PM »
In the light of all the data breaches on websites and recent SSL vulnerabilities through heap overflow (fortinet's etc.) it is advisable to do a thorough SSL Server Test, like:
https://www.ssllabs.com/ssltest/analyze.html?d=fortinet.com  (also check with  certview there).

At SSLBL.abuse.ch for detecting malicious SSL Threats, at www.zscaler.com

SSL Certificate Chain analysis at vulners.com Using the SSL Checker at www.sslshopper.com

Online SSL Scan at hackertarget.com  &  SSL Scanner report at www.ssltools.com

Enjoy,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #1034 on: December 17, 2022, 10:26:38 AM »
Why so many websites lack a decent CSP policy?

Like these here forums. F-grade: Result
CSP Protection
None
CSP Reporting
Missing
CSP Validity
Invalid
XSS
No CSP Protection
Clickjacking
No CSP Protection
Formjacking
No CSP Protection
General
No CSP Protection

You could argue, they just provide plain content, so they do not need CSP,
but what in view of all the forum-spam to be cleansed?

Just check your CSP scanner extension, it is always penny wise and pound foolish policies.

Also use this: https://csp-evaluator.withgoogle.com/
Check with: https://cspvalidator.org/#url=https://forum.avast.com

No CSP policies in headers or meta elements found at -https://forum.avast.com/

polonus
« Last Edit: December 19, 2022, 02:02:37 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!