Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 1831052 times)

0 Members and 2 Guests are viewing this topic.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61845
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6000 on: October 31, 2019, 07:37:16 AM »
Network Solutions - Important Security Information
https://notice.networksolutions.com/
W8.1 [x64] - Avast PremSec 19.9.2394.B#1 - CC 5.63 - EEK - Firefox ESR 68.3 [NS/AOS/uBO/PB] - Thunderbird 68.3 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41968
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6001 on: November 01, 2019, 01:26:40 PM »
A Major Google Chrome Security Flaw Was Discovered. If You Use Chrome, Update Right Now
https://www.inc.com/minda-zetlin/chrome-browser-security-flaw-vulnerability-update-google-bug-bounty.html
v78.0.3904.70 needs to be updated to v78.0.3904.87
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Dumper

  • Full Member
  • ***
  • Posts: 192
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6002 on: November 01, 2019, 11:24:37 PM »
A Major Google Chrome Security Flaw Was Discovered. If You Use Chrome, Update Right Now
https://www.inc.com/minda-zetlin/chrome-browser-security-flaw-vulnerability-update-google-bug-bounty.html
v78.0.3904.70 needs to be updated to v78.0.3904.87

That article is from Aug 30th, is it still an issue?
Avast Free 19.8.2393 - Comodo 11.0.0.6744 Firewall with D+ - Winpatrol Free.
On demand - MBAM - Super Antispyware.
Windows 10 64bit - 8GB Ram.

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41968
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6003 on: November 01, 2019, 11:48:05 PM »
A Major Google Chrome Security Flaw Was Discovered. If You Use Chrome, Update Right Now
https://www.inc.com/minda-zetlin/chrome-browser-security-flaw-vulnerability-update-google-bug-bounty.html
v78.0.3904.70 needs to be updated to v78.0.3904.87

That article is from Aug 30th, is it still an issue?
https://mashable.com/article/google-chrome-halloween-zero-day-exploit/
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Dumper

  • Full Member
  • ***
  • Posts: 192
Avast Free 19.8.2393 - Comodo 11.0.0.6744 Firewall with D+ - Winpatrol Free.
On demand - MBAM - Super Antispyware.
Windows 10 64bit - 8GB Ram.

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31950
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6005 on: November 03, 2019, 02:56:07 PM »
Second zero-day still unpatched by Google Chrome:
https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/

It is a so-called waterhole exploit being abused.
-http://code.jquery.cdn.behindcorona.com/ has already bewn taken down.

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31950
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6006 on: November 11, 2019, 01:09:29 PM »
More for the cat and mouse game between shodan and user.

http://romcheckfail.com/blocking-shodan-keeping-shodan-io-in-the-dark-from-scanning/
Quote
Shodan is definitely a useful tool, and will help admins who dont realize what is exposed to the internet find out their weak points. It is also very useful for vulnerability assessments and getting metrics about services from the internet as whole. But it is also like all good things used by people who want to exploit the data within for personal gain or entertainment.

There are literally hudreds of thousands of interesting and exploitable items on shodan, just dont be one of them.
Quote credits go to Mike Hiltz

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61845
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6007 on: November 13, 2019, 05:59:04 AM »
Hackers Breach ZoneAlarm's Forum Site — Outdated vBulletin to Blame
https://thehackernews.com/2019/11/zonealarm-forum-data-breach.html
W8.1 [x64] - Avast PremSec 19.9.2394.B#1 - CC 5.63 - EEK - Firefox ESR 68.3 [NS/AOS/uBO/PB] - Thunderbird 68.3 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61845
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6008 on: November 16, 2019, 07:58:02 AM »
W8.1 [x64] - Avast PremSec 19.9.2394.B#1 - CC 5.63 - EEK - Firefox ESR 68.3 [NS/AOS/uBO/PB] - Thunderbird 68.3 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31950
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6009 on: November 16, 2019, 12:40:11 PM »
Visa warns webshops against - code that steals creditcard-data:
Read: https://usa.visa.com/dam/VCOM/global/support-legal/documents/pfd-identifies-new-javascript-skimmer.pdf

This JavaScript skimmer malware Visa is called "Pipka"* (* brzydki wyraz n.p. po polsku (dimin.)
and you won't find the expression in a Polish dictionary).
It is the first malcode of its kind that removes itself from compromised websites (html).

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31950
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6010 on: November 16, 2019, 04:39:05 PM »
Three minor Microsoft flaws can easily add up to one big one:
https://www.f5.com/labs/articles/threat-intelligence/how-three-low-risk-vulnerabilities-become-one-high-24995

Better safe than sorry. Mitigate those risks you run.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61845
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6011 on: November 18, 2019, 08:21:21 AM »
‘Magic: The Gathering’ game maker exposed 452,000 players’ account data
https://techcrunch.com/2019/11/16/magic-the-gathering-wizards-data-exposure/
W8.1 [x64] - Avast PremSec 19.9.2394.B#1 - CC 5.63 - EEK - Firefox ESR 68.3 [NS/AOS/uBO/PB] - Thunderbird 68.3 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61845
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6012 on: November 20, 2019, 06:19:33 AM »
W8.1 [x64] - Avast PremSec 19.9.2394.B#1 - CC 5.63 - EEK - Firefox ESR 68.3 [NS/AOS/uBO/PB] - Thunderbird 68.3 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61845
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast PremSec 19.9.2394.B#1 - CC 5.63 - EEK - Firefox ESR 68.3 [NS/AOS/uBO/PB] - Thunderbird 68.3 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31950
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6014 on: November 22, 2019, 12:58:02 AM »
What to do about unblockable web trackers?

Read: https://www.theregister.co.uk/2019/11/21/ublock_origin_firefox_unblockable_tracker/

Firefox has thwarted this new apparently unblockable tracker.
For Chrome, there is no DNS API available, and so no easy way to detect this,"

As web tracking is a major part of Google's core business, they want to go forward with this,
allowing advertisers to create unique IDs for every ad impression they serve, information
that could then be associated with individual users.

Ads could contain malware, so I block with uOrigin and uMatrix in Cliqz Internet browser
(a particular firefox private browser flaw).

Surveillance capitalism by Facebook and Google goes over the top,
according to Amnesty Int. and in it's effects is threatening human rights.

Further background information:
Electronic Frontier Foundation:
Surveillance Self-Defense Guide
https://ssd.eff.org/

Book: Fake It! by Steffan Heuer & Pernille Tranberg
Protect your digital identity
https://www.digital-selfdefense.com/

polonus aka Damian (volunteer 3rd party cold recon website security analyst and website error-hunter)

P.S. A solution for chrome lies in these less known settings: https://support.google.com/chrome/answer/2364824

« Last Edit: November 22, 2019, 01:57:02 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!