Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2084352 times)

0 Members and 3 Guests are viewing this topic.


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36989
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5311 on: May 26, 2017, 11:21:05 PM »
Hacked in Translation – from Subtitles to Complete Takeover
http://blog.checkpoint.com/2017/05/23/hacked-in-translation/

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1910
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5312 on: May 27, 2017, 06:17:45 AM »
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33064
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5313 on: May 27, 2017, 04:31:08 PM »
Will we browse against the machine or are we being borked by the machine?

Google blacklisting gets stricter for non-https-websites: https://blog.sucuri.net/2017/05/non-https-websites-blacklisted-for-passwords-without-ssl.html

Mozilla starts campaign against Google Chrome's Monoculture & Monopoly: https://medium.com/the-official-unofficial-firefox-blog/browse-against-the-machine-e793c0fee917

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 45154
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5314 on: May 27, 2017, 04:44:52 PM »
Will we browse against the machine or are we being borked by the machine?

Google blacklisting gets stricter for non-https-websites: https://blog.sucuri.net/2017/05/non-https-websites-blacklisted-for-passwords-without-ssl.html

Mozilla starts campaign against Google Chrome's Monoculture & Monopoly: https://medium.com/the-official-unofficial-firefox-blog/browse-against-the-machine-e793c0fee917

polonus
I learned a long time ago that knocking your enemies isn't a good way to make friends.
The cream usually rises to the top without needing to know other things down.
If Firefox wants to get a bigger share of the market share, simply become a better browser and it will attract users just like honey attracts flies. :)
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v20H2 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1910
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1910
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5316 on: May 29, 2017, 04:17:10 AM »
Microsoft Quietly Patches Another Critical Malware Protection Engine Flaw
https://threatpost.com/microsoft-quietly-patches-another-critical-malware-protection-engine-flaw/125951/
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33064
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5317 on: May 29, 2017, 11:49:58 PM »
Honeypots for NSA SMB exploit take one attack every minute now:
Read: https://doublepulsar.com/eternalpot-lessons-from-building-a-global-nation-state-smb-exploit-honeypot-infrastructure-3f2a0b064ffe

Info credits: Kevin Beaumont

The USA and the world may have  escaped from a very serious threat this time, it might have costed lives:
https://publicintelligence.net/dhs-ocia-wannacry/

Let us hope NSA learned this lesson well.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1910
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5318 on: May 30, 2017, 05:37:51 AM »
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1910
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5319 on: May 30, 2017, 05:42:29 AM »
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1910
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5320 on: May 30, 2017, 05:43:21 AM »
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36989
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5321 on: May 30, 2017, 04:01:51 PM »
Is the dark web safe? ... nope

Red on Red: The Attack Landscape of the Dark Web
http://blog.trendmicro.com/trendlabs-security-intelligence/red-on-red-the-attack-landscape-of-the-dark-web/


Quote
Conclusions

We didn’t think that hidden services operated within Tor would be attacked by other cyber-criminals. We were proven wrong—twice, in fact.

First, we were surprised when we learned that Tor proxies were making the Dark Web not as “dark” as some people would think. As a result, we started filtering out this traffic from our honeypots.

We thought this would prevent any further attacks, but we were mistaken. The attacks continued to take place. It turned out that cybercriminals were looking for services operated by other organizations and manually conducting attacks. Given that indexing and searching is more difficult within the Dark Web, this shows the amount of effort motivated criminals are putting into finding and disabling sites controlled by their competitors.

Apparently, there is no honor among thieves.






Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36989
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5322 on: May 30, 2017, 04:18:46 PM »
Honeypots for NSA SMB exploit take one attack every minute now:
Read: https://doublepulsar.com/eternalpot-lessons-from-building-a-global-nation-state-smb-exploit-honeypot-infrastructure-3f2a0b064ffe

Info credits: Kevin Beaumont

The USA and the world may have  escaped from a very serious threat this time, it might have costed lives:
https://publicintelligence.net/dhs-ocia-wannacry/

Let us hope NSA learned this lesson well.

polonus



Quote
Quote
One thing I will say — I don’t want to name the vendors, but some of the biggest next-generation security products simply aren’t detecting SMB attacks nearly well enough. Malware regularly infects these systems, and they have to be reimaged as a result. It is amazing seeing next gen, premium tools with machine learning etc running Coin Miners and remote access trojans delivered via old exploits, with the tools not even noticing. It has been very eye opening for me. The marketing to reality Venn diagram here isn’t so Venn. At times it is so bad it is actually jaw dropping seeing certain attacks not being detected.



Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33064
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5323 on: May 30, 2017, 04:56:52 PM »
Only 4% of WordPress websites have the latest version and all patches installed:

https://securityintelligence.com/relying-on-data-to-mitigate-the-risk-of-wordpress-website-hijacking/

Check at Quttera and Sucuri's and also here: hackertarget.com/wordpress-security-scan/
Check sri hashes here: https://sritest.io/  and  retirable jQuery libraries here: http://retire.insecurity.today/#

Also check here: https://observatory.mozilla.org/  for a rough and dirty scan of insecurity.

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33064
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5324 on: May 30, 2017, 05:01:16 PM »
Yandex Ukraine offices came under scrutiny from SBU: https://www.theregister.co.uk/2017/05/30/yandexs_ukraine_offices_raided_for_treason/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!