Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2890102 times)

bob3160 · « **Reply #3450 on:** February 28, 2015, 03:26:56 PM »

Paranoia Personified - If all of this worries you,
Stop Using The Internet.

Staticguy · « **Reply #3451 on:** March 02, 2015, 06:24:47 AM »

Lenovo promises bloatware-free PCs, free McAfee subscriptions for Superfish victims

http://www.extremetech.com/computing/199997-lenovo-promises-bloatware-free-pcs-free-mcafee-subscriptions-for-superfish-victims

polonus · « **Reply #3452 on:** March 02, 2015, 02:34:28 PM »

MS pays Google in the bundle-war to get his apps prominently on Android., but also cashes in: http://www.theverge.com/2013/4/17/4233468/microsoft-and-foxconn-sign-android-chrome-patent-licensing-deal

pol

polonus · « **Reply #3453 on:** March 02, 2015, 07:01:44 PM »

European Europol action against Ramnit botnet became a fail: http://news.drweb.com/show/?i=9310&lng=en&c=5

polonus

Staticguy · « **Reply #3454 on:** March 02, 2015, 11:04:00 PM »

Antivirus Maker Avast Is Latest Overseas Tech Firm Blocked In China

http://techcrunch.com/2015/03/02/avast-blocked-in-china/

polonus · « **Reply #3455 on:** March 03, 2015, 12:35:16 AM »

Google is going to decide what information will be trustworthy: http://arxiv.org/abs/1502.03519v1
Link article poster = Xin Luna Dong.
The future for alternative information media websites and even satirical websites seems bleak.
The days of BigBrother's newspeak to arrive?

polonus

polonus · « **Reply #3456 on:** March 04, 2015, 12:34:19 AM »

Weak encryption in SSL comes back to bite us: http://www.washingtonpost.com/blogs/the-switch/wp/2015/03/03/freak-flaw-undermines-security-for-apple-and-google-users-researchers-discover/
I stumbled upon this because our forum member, Eddy, made me aware of this threat: https://freakattack.com/
Thanks. Eddy, for the heads up on this.
So Mozilla came up with this: https://mozilla.github.io/server-side-tls/ssl-config-generator/
Here you see such a weak encryption site being alerted: https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp (check: librus.pl)
Hi folks, the world of Interwebs becomes a more and more insecure place for us.

polonus

Para-Noid · « **Reply #3457 on:** March 04, 2015, 01:52:59 AM »

A Week in Security (Feb 22 – 28)

https://blog.malwarebytes.org/online-security/2015/03/a-week-in-security-feb-22-28/?utm_source=Gplus&utm_medium=social

Yet Another Cleaner, Yet Another Stealer

https://blog.malwarebytes.org/fraud-scam/2015/03/yet-another-cleaner-yet-another-stealer/?utm_source=Gplus&utm_medium=social

essexboy · « **Reply #3458 on:** March 04, 2015, 11:36:10 AM »

I have been removing YAC for nearly a year now

polonus · « **Reply #3459 on:** March 04, 2015, 01:32:43 PM »

Dear avast support forum users.

Threat of being tracked, where you least expect it. Look before you leap - always!

Aware of our forum members DavidR's worries about HTTPS-Everywhere and my analyzing of HTTPS Everywhere re-writes, I did some research on additional tracker threats where one should least expect it,
namely on a Dutch zimbra-driven https webmail website.

The results were shocking, folks. For more info read here:
https://forum.avast.com/index.php?topic=166044.msg1190258#msg1190258 and here: https://forum.avast.com/index.php?topic=167274.0

Who wants to read more and wants to explore these issues themselves, read my posting here:
https://forum.avast.com/index.php?topic=166044.msg1190259#new

polonus (volunteer website security analyst and website error-hunter)

polonus · « **Reply #3460 on:** March 04, 2015, 02:22:23 PM »

New security coming to Mozilla's firefox: https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/

polonus

polonus · « **Reply #3461 on:** March 04, 2015, 02:49:04 PM »

Defaced websites form an extended risk to also become infested with malware
http://killmalware.com/ gives a lot of new defaced websites.
These websites should also be checked against malcode.

polonus

polonus · « **Reply #3462 on:** March 04, 2015, 04:53:59 PM »

Google does not want to respect European law decisions considering the Right To Be Forgotten and therefore makes it harder now to reach their dot com pages from outside the US, Read: http://searchengineland.com/google-harder-to-reach-outside-us-215845 link article author = Danny Sullivan.
US criticism: http://www.nytimes.com/2015/02/04/opinion/europes-expanding-right-to-be-forgotten.html?_r=0

polonus

polonus · « **Reply #3463 on:** March 04, 2015, 06:47:51 PM »

Does Google quietly help NSA by backing away from encryption by default, seems so : http://arstechnica.com/gadgets/2015/03/google-quietly-backs-away-from-encrypting-new-lollipop-devices-by-default/

polonus

P.S. with an interesting discussion on the why's: http://www.reddit.com/r/Android/comments/2xoo3v/google_quietly_backs_away_from_encrypting_new/

D

polonus · « **Reply #3464 on:** March 04, 2015, 06:52:53 PM »

Was it all worth it? Re: http://www.forbes.com/sites/thomasbrewster/2015/02/27/lenovo-got-very-little-fr
Link article author = Thomas Fox-Brewster

polonus