Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2194569 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33330
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5715 on: July 23, 2018, 02:23:08 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72241
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5716 on: July 25, 2018, 06:04:32 AM »
Vulnerability Note VU#304725 - Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
https://www.kb.cert.org/vuls/id/304725
Win 8.1 [x64] - Avast PremSec 21.9.6675.IBC [UI.671] - EEK - Firefox ESR 78.15 [NS/uBO/PB] - TB 91.2
Avast-Tools: Secure Browser 94.0 - Cleanup 21.3 - SecureLine 5.13 - Driver Updater 21.3 - CCleaner 5.85
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72241
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5717 on: July 26, 2018, 06:11:38 AM »
Scam alert! Don’t fall for this webcam extortion ploy
https://blog.avast.com/scam-alert-dont-fall-for-extortion-ploy
Win 8.1 [x64] - Avast PremSec 21.9.6675.IBC [UI.671] - EEK - Firefox ESR 78.15 [NS/uBO/PB] - TB 91.2
Avast-Tools: Secure Browser 94.0 - Cleanup 21.3 - SecureLine 5.13 - Driver Updater 21.3 - CCleaner 5.85
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85770
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5718 on: July 26, 2018, 10:16:43 AM »
Scam alert! Don’t fall for this webcam extortion ploy
https://blog.avast.com/scam-alert-dont-fall-for-extortion-ploy

Ha, just like those that have been appearing in the forums.  I just wonder if these hadn't initiated the blog article.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.697) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72241
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5719 on: July 27, 2018, 05:56:03 AM »
Vulnerability Note VU#304725 - Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
https://www.kb.cert.org/vuls/id/304725
Bluetooth flaw allows man-in-the-middle attacks
https://blog.avast.com/bluetooth-security-flaw
Win 8.1 [x64] - Avast PremSec 21.9.6675.IBC [UI.671] - EEK - Firefox ESR 78.15 [NS/uBO/PB] - TB 91.2
Avast-Tools: Secure Browser 94.0 - Cleanup 21.3 - SecureLine 5.13 - Driver Updater 21.3 - CCleaner 5.85
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33330
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5720 on: July 27, 2018, 11:01:43 AM »
Ha der Asyn,

This just after we had KRACK and BlueBorn on android.
But there has been security problems since the introduction of King Harald Bluetooth protocol, so since 1989.

Most vulnerable Bluetooth is at installing a new Bluetooth device during the so-called "pairing".
Read: https://www.makeuseof.com/tag/3-ways-bluetooth-device-security-risk/
Read: https://cs.stanford.edu/people/eroberts/courses/soco/projects/2003-04/wireless-computing/sec_bluetooth.shtml
For encryption glitches: http://colinoflynn.com/2016/11/philips-hue-aes-ccm-and-more/

S.G.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33330
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5721 on: July 30, 2018, 05:58:54 PM »
A malvertising campaign on thousands of WordPress websites:
https://research.checkpoint.com/malvertising-campaign-based-secrets-lies/
And again redirects to AdsTerra seem to be involved.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37106
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5722 on: July 31, 2018, 03:25:45 PM »
The Need for Managed Detection and Response: Persistent and Prevalent Threats in North America’s Security Landscape
https://blog.trendmicro.com/trendlabs-security-intelligence/the-need-for-managed-detection-and-response-persistent-and-prevalent-threats-in-north-americas-security-landscape/



Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 46138
  • 61 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5723 on: July 31, 2018, 03:31:24 PM »
The Need for Managed Detection and Response: Persistent and Prevalent Threats in North America’s Security Landscape
https://blog.trendmicro.com/trendlabs-security-intelligence/the-need-for-managed-detection-and-response-persistent-and-prevalent-threats-in-north-americas-security-landscape/
The difference between this report from Trend Micro and the one from Avast is the product recommended to protect you from this dangerous landscape.
I prefer the software recommended by Avast. :)
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, AvastOmni 21.6, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72241
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5724 on: August 01, 2018, 06:16:40 AM »
A malvertising campaign on thousands of WordPress websites:
https://research.checkpoint.com/malvertising-campaign-based-secrets-lies/
And again redirects to AdsTerra seem to be involved.

polonus
Malvertising in plain sight
https://blog.avast.com/malvertising-in-plain-sight
Win 8.1 [x64] - Avast PremSec 21.9.6675.IBC [UI.671] - EEK - Firefox ESR 78.15 [NS/uBO/PB] - TB 91.2
Avast-Tools: Secure Browser 94.0 - Cleanup 21.3 - SecureLine 5.13 - Driver Updater 21.3 - CCleaner 5.85
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72241
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5725 on: August 02, 2018, 11:52:06 AM »
Win 8.1 [x64] - Avast PremSec 21.9.6675.IBC [UI.671] - EEK - Firefox ESR 78.15 [NS/uBO/PB] - TB 91.2
Avast-Tools: Secure Browser 94.0 - Cleanup 21.3 - SecureLine 5.13 - Driver Updater 21.3 - CCleaner 5.85
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33330
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5726 on: August 02, 2018, 04:37:36 PM »
Hi Asyn,

Various ways the cybercriminals could have hacked their criminal way in:
1. https://motherboard.vice.com/en_us/article/a3q7mz/hacker-allegedly-stole-millions-bitcoin-sim-swapping
2. https://motherboard.vice.com/en_us/article/j5bpg7/sim-hijacking-t-mobile-stories
Weaknesses of SS7: 3. https://secure-voice.com/ss7_attacks/
2 second factor authentication could be protocol-dependant: 4. https://pages.nist.gov/800-63-3/sp800-63b.html#out-of-band
Krebs also wrote on it: 5. https://krebsonsecurity.com/2018/08/reddit-breach-highlights-limits-of-sms-based-authentication/
Way to perform this 6. https://www.theguardian.com/technology/2016/apr/19/ss7-hack-explained-mobile-phone-vulnerability-snooping-texts-calls.

Question of malware installed on the device or many firms will send out SMS through an external party, that delivers it again to a mobile network. The connection to that external 3rd party could be simply hacked  than the protocol itself (through technology and also via an inside job for instance). Reddit will now use two factor tokenization authentication, because once bitten means now twice shy. ::)  :o

polonus


Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33330
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5727 on: August 05, 2018, 06:49:54 PM »
Still too many (big) websites, that fall victim to this threat, SQL-injection:
https://codecurmudgeon.com/wp/sql-injection-hall-of-shame/

Examples from main CMS softwares, based on PHP, WordPress & Drupal - update to most recent versions
Latest vulnerability caused WP and Drupal to update:
https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers
Re: https://framework.zend.com/security/advisory/ZF2018-01

For those unwise that know such CMS to be insecure by design,
and that do not wanna update automatically, put this inside your wp-config.php  ;)  ::)

// Disable all automatic updates
define( 'AUTOMATIC_UPDATER_DISABLED', true );
define( 'WP_AUTO_UPDATE_CORE', false );
define( 'DISALLOW_FILE_MODS', true );
define('DISALLOW_FILE_EDIT', true);  :o


polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72241
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5728 on: August 07, 2018, 07:46:44 AM »
HPSBHF03589 rev. 2 - HP Ink Printers Remote Code Execution
https://support.hp.com/us-en/document/c06097712
Win 8.1 [x64] - Avast PremSec 21.9.6675.IBC [UI.671] - EEK - Firefox ESR 78.15 [NS/uBO/PB] - TB 91.2
Avast-Tools: Secure Browser 94.0 - Cleanup 21.3 - SecureLine 5.13 - Driver Updater 21.3 - CCleaner 5.85
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 72241
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5729 on: August 16, 2018, 06:34:12 AM »
Win 8.1 [x64] - Avast PremSec 21.9.6675.IBC [UI.671] - EEK - Firefox ESR 78.15 [NS/uBO/PB] - TB 91.2
Avast-Tools: Secure Browser 94.0 - Cleanup 21.3 - SecureLine 5.13 - Driver Updater 21.3 - CCleaner 5.85
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0