SECURITY WARNINGS & Notices - Please post them here

[Asyn]

Security risk on AMP for WP – Accelerated Mobile Pages Plugin
https://www.webarxsecurity.com/amp-plugin-vulnerability/

[Pondus]

Researchers Created Fake 'Master' Fingerprints to Unlock Smartphones
https://motherboard.vice.com/en_us/article/bjenyd/researchers-created-fake-master-fingerprints-to-unlock-smartphones

[Asyn]

Security updates available for Flash Player | APSB18-44
https://helpx.adobe.com/security/products/flash-player/apsb18-44.html

[polonus]

Tackle the ever/existing threat of the gaping UPnP-hole - disable that service! 
1,7 million devices are at risk: https://blogs.akamai.com/sitr/2018/11/upnproxy-eternalsilence.html

Test: https://www.snbforums.com/threads/new-upnp-exploit-affecting-most-asus-routers-upnproxy-blackhat-proxies-via-nat-injections.46011/page-2#post-400981

Server header for a normal response could be "Microsoft-IIS/8.5",
while the header for a response during an attack would be "Microsoft-HTTPAPI/2.0.",
then pay attention whether (SSDP/UPnP) is present,

The ironical thing however is, that with newer versions of the UPnP protocol, we find minimal core security protection.
UPnP-attacks can be used to cause chaos, to create holes in firewalls, and other abuse.

UPnP deadly simple or simply deadly to leave it open on your machines, so disable it where you can.

polonus

[Asyn]

Marriott Announces Starwood Guest Reservation Database Security Incident
http://news.marriott.com/2018/11/marriott-announces-starwood-guest-reservation-database-security-incident/

[Asyn]

Security updates available for Flash Player | APSB18-42
https://helpx.adobe.com/security/products/flash-player/apsb18-42.html

[Asyn]

ASUS, GIGABYTE Drivers Contain Code Execution Vulnerabilities - PoCs Galore
https://www.bleepingcomputer.com/news/security/asus-gigabyte-drivers-contain-code-execution-vulnerabilities-pocs-galore/

[Asyn]

Microsoft Releases Out-of-Band Security Update for Internet Explorer RCE Zero-Day
https://www.bleepingcomputer.com/news/security/microsoft-releases-out-of-band-security-update-for-internet-explorer-rce-zero-day/

[Asyn]

Security Bulletin for Adobe Acrobat and Reader | APSB19-02
https://helpx.adobe.com/security/products/acrobat/apsb19-02.html

[polonus]

Latest technology is not always rock-solidly safe and secure:
involving massive security breaches or thefts involving blockchains.
Read: https://magoo.github.io/Blockchain-Graveyard/

Security through obscurity demanding it's toll:
Massive security breaches or thefts involving blockchains. (info credits go to FTREPORTER).

polonus

[=Snake=]

A lot of malware lurks in google searches, some even have the brass neck to pay for search placement on specific search words/terms or have sponsored links. Google really need to be more proactive in rooting out the possibly malicious/fraudulent sponsored links or search placement.

That's the reason (for me) for not using google search.

[bob3160]

A lot of malware lurks in google searches, some even have the brass neck to pay for search placement on specific search words/terms or have sponsored links. Google really need to be more proactive in rooting out the possibly malicious/fraudulent sponsored links or search placement.

That's the reason (for me) for not using google search.

That's one of the reason you should be using the Avast Online Security extension.

[polonus]

Bob3160 is a 100% right. Do use the pro-active blocking via Avast Secure Browsing,
to stop for instance abuse campaigns like from so-called freetrade scam platforms.

Also stops abuse scripts from here: -https://3v4l.org/ an online PHP editor,
that can also be used for nefarious purposes.
This for instance was blocked for me -https://3v4l.org/2CBnj.
The abusive script was blocked to run in it's tracks from the word go.

polonus

[polonus]

Whenever you own or make use of a Magento 1 or 2 CMS driven webshop,
it is a good thing to check the retirability of your javascript libraries here:
https://retire.insecurity.today/ and your CMS vulnerabilities here: https://www.magereport.com/

Very advanced javascript XSS injection code, obfuscated and sometimes not longer than 75 or even 22 sophisticated lines long,
is being abused for credit card stealing and other data skimming purposes by members of the  cybercriminal Magecart
or Group 11 cyber-criminals.

If you do not pay attention they may rob your creditcard clean of all the money.
Re: https://gwillem.gitlab.io/2018/10/23/magecart-extension-0days/

Group 11 or Magecart malcreant developers loves to malcreate on the basis of hook.js & bootstrap.js for instance,

Re: https://www.hybrid-analysis.com/sample/c19270ebf25dd7442462159dd371a6830815d3202cdc896690885c2e46509d86?environmentId=100

This helped by the fact there are so many PHISHING sites around for their evil-doing and also server weaknesses like BEef, etc.

Background read: https://www.riskiq.com/blog/labs/magecart-vision-direct/

polonus (volunteer 3rd party website security analyst and website error-hunter)

[Be Secure]

New ServHelper Backdoor and FlawedGrace RAT Pushed by Necurs Botnet
https://www.bleepingcomputer.com/news/security/new-servhelper-backdoor-and-flawedgrace-rat-pushed-by-necurs-botnet/