Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 1858300 times)

0 Members and 2 Guests are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32100
  • malware fighter
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #60 on: January 05, 2010, 06:22:54 PM »
Hi malware fighters,

Threat for website defacements through XSS flaws on blogsites is reported here: http://forum.avast.com/index.php?topic=53082.msg449946#msg449946

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 42310
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #61 on: January 05, 2010, 06:24:27 PM »
Hi malware fighters,

Threat for website defacements through XSS flaws on blogsites is reported here: http://forum.avast.com/index.php?topic=53082.msg449946#msg449946

polonus
So now we have 2 posts for the same item...  :)
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32100
  • malware fighter
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #62 on: January 05, 2010, 06:26:50 PM »
Hi bob3160,

One full posting and one small additional link here. While you alerted for it..

Damian
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #63 on: January 05, 2010, 06:31:53 PM »
Hi bob3160,

One full posting and one small additional link here. While you alerted for it..

Damian

agree with that, so that those who'd want to comment can go to the other thread and not clutter this one here.
w7 - ais7

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 42310
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #64 on: January 05, 2010, 07:13:58 PM »
Unfortunately that only creates more clutter so we now create 2 posts instead on one.
It defeats the whole purpose.
At this point, just make your separate posts, it's getting harder and harder to follow all the entries anyway.
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8788
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #65 on: January 05, 2010, 07:40:18 PM »
Unfortunately that only creates more clutter so we now create 2 posts instead on one.
It defeats the whole purpose.
At this point, just make your separate posts, it's getting harder and harder to follow all the entries anyway.

+1

One post plus comments  8)

One post in SECURITY WARNINGS then 2 topics to follow ::)
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 42310
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #66 on: January 07, 2010, 02:13:05 PM »
Encryption busted on popular USB flash drives

A word of warning to those of you who rely on hardware-based encrypted USB flash drives. Security firm SySS has reportedly cracked the
AES 256-bit hardware-based encryption used on flash drives manufactured by Kingston, SanDisk and Verbatim.
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #67 on: January 07, 2010, 02:27:55 PM »
Encryption busted on popular USB flash drives

A word of warning to those of you who rely on hardware-based encrypted USB flash drives. Security firm SySS has reportedly cracked the
AES 256-bit hardware-based encryption used on flash drives manufactured by Kingston, SanDisk and Verbatim.


bob you should have added this too, they didn't crack the algorithm, they used a security flaw in the encryption/decryption program:
Quote
The crack relies on a weakness so astoundingly bone-headed that it’s almost hard to believe. While the data on the drive is indeed encrypted using 256-bit crypto, there’s a huge failure in the authentication program. When the correct password is supplied by the user, the authentication program always send the same character string to the drive to decrypt the data no matter what the password used. What’s also staggering is that this character string is the same for Kingston, SanDisk and Verbatim USB flash drives.

 if they had cracked AES 256, which is hardly to happen anytime soon, it would have made the headlines on a few sites and mags  ;D ...but well, the program flaw is bad enough to be mentioned.
 But there are alternatives, TrueCrypt and now Bitlocker (Windows 7 version) that can be used to encrypt USB drives as well.
« Last Edit: January 07, 2010, 02:30:23 PM by Logos »
w7 - ais7

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #68 on: January 07, 2010, 03:42:28 PM »
Hacker pierces hardware firewalls with web page
http://forum.avast.com/index.php?topic=53163.msg450630#msg450630
w7 - ais7

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 42310
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #69 on: January 08, 2010, 12:12:20 AM »
Encryption busted on popular USB flash drives

A word of warning to those of you who rely on hardware-based encrypted USB flash drives. Security firm SySS has reportedly cracked the
AES 256-bit hardware-based encryption used on flash drives manufactured by Kingston, SanDisk and Verbatim.


bob you should have added this too, they didn't crack the algorithm, they used a security flaw in the encryption/decryption program:
Quote
The crack relies on a weakness so astoundingly bone-headed that it’s almost hard to believe. While the data on the drive is indeed encrypted using 256-bit crypto, there’s a huge failure in the authentication program. When the correct password is supplied by the user, the authentication program always send the same character string to the drive to decrypt the data no matter what the password used. What’s also staggering is that this character string is the same for Kingston, SanDisk and Verbatim USB flash drives.

 if they had cracked AES 256, which is hardly to happen anytime soon, it would have made the headlines on a few sites and mags  ;D ...but well, the program flaw is bad enough to be mentioned.
 But there are alternatives, TrueCrypt and now Bitlocker (Windows 7 version) that can be used to encrypt USB drives as well.
Logos,
I supplied the link which gave that information. :) I spent the time reading it and so did you so why shouldn't the rest of those that where interested.   ;D
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline hello123

  • Full Member
  • ***
  • Posts: 156
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #70 on: January 08, 2010, 02:37:10 AM »

Quote
Juniper Networks is warning customers of a critical flaw in its gateway routers that allows attackers to crash the devices by sending them small amounts of easily-spoofed traffic.


http://www.theregister.co.uk/2010/01/07/juniper_critical_router_bug/

Offline hello123

  • Full Member
  • ***
  • Posts: 156

Offline logos

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9443
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #72 on: January 08, 2010, 10:47:07 AM »
Logos,
I supplied the link which gave that information. :) I spent the time reading it and so did you so why shouldn't the rest of those that where interested.   ;D

the first lines of the article were misleading, and you quoted them, and just them, here's why...some might NOT read the article and but your post here.
w7 - ais7

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8788
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #73 on: January 08, 2010, 03:02:45 PM »
Quote
Office.Microsoft.Com Search Results Can Lead To Rogue Anti-Virus
Date:01.08.2010
Threat Type: Malicious Web Site / Malicious Code

Websense Security Labs™ ThreatSeeker™ Network has detected that search results on office.microsoft.com can lead users to a Rogue AV page.
http://securitylabs.websense.com/content/Alerts/3519.aspx
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8788
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #74 on: January 08, 2010, 03:18:32 PM »
Quote
Some Observations on Rootkits

Getting hit by a live rootkit infection is among the more unfortunate fates that can befall an unsuspecting computer user.

Parting thoughts
• Keep real-time protection enabled
• Run 64-bit Windows
http://blogs.technet.com/mmpc/archive/2010/01/07/some-observations-on-rootkits.aspx
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS