Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Sucuri and nvidia.com
« previous
next »
Print
Pages:
1
2
[
3
]
Go Down
Author
Topic: Sucuri and nvidia.com (Read 11104 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33925
malware fighter
Re: Sucuri and nvidia.com
«
Reply #30 on:
February 27, 2014, 07:32:59 PM »
Hi Ijkoy,
Well the ongoing asp.net server insecurities are still there,
according to:
https://asafaweb.com/Scan?Url=www.nvidia.com%2Fpage%2Fhome.html
but that does not make that uri malicious per se, see:
https://www.virustotal.com/nl/url/492dc9e1dedb0ce1fecc5963baf82a07911ae820748e3704fd05b4f2d89595b2/analysis/
But those responsible for hosting that site could do a far better job to secure/harden their servers against such mentioned insecurities
See:
http://urlquery.net/report.php?id=9691915
But there is still malware being launched from other domains on that same IP:
Recent reports on same IP/ASN/Domain (filemagic IDS alerts on downloads)
and this IDS alert for ETPRO WEB_CLIENT Microsoft Internet Explorer remote code execution via option element
see;
http://urlquery.net/report.php?id=9692088
So PowerTech Information Systems AS should not turn a blind eye to this abuse.
Been there before for this IP see:
http://forum.avast.com/index.php?topic=137534.0
Yours are possibly cached results from Thu Feb 27 19:57:25 2014.
Furthermore we conclude that there was suspicious/malicious code found, but there were no malicious redirects given.
There are no suspicious redirects found. ->
http://zulu.zscaler.com/submission/show/62add027141778238aab5b8596008a0e-1393525056
See where the initial maldbresults stemmed from:
http://evuln.com/tools/malware-scanner/www.nvidia.com/
See for advice:
http://sitecheck2.sucuri.net/results/3773406.fls.doubleclick.net#sitecheck-details
(their service is not free)
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages:
1
2
[
3
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Sucuri and nvidia.com