Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2851784 times)

0 Members and 7 Guests are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6090 on: April 02, 2020, 03:56:36 PM »
LS

Every IP scan or domain scan or AS scan for that matter should be examined separately to know what is going on from there.
Sometimes this means benign security scans, sometimes probing with malicious intent, sometimes simple outright malware
to send out spamraids with, scam & malware (Mirai).

Let us just take a random example IP which is doing port scanning for port 5555, a scanning that comes from
IP address 112.119.218.130 in HongKong, apparently performed by  netvigator (game shield) dot com domain.

VirusTotal shows 1 engine to detect, detecting spam, here we have it:
https://www.virustotal.com/gui/ip-address/112.119.218.130/detection

GreyNoise cannot help us much in these respects, just alerts the scans being performed:
https://viz.greynoise.io/query/?gnql=metadata.rdns%3An112119218130.netvigator.com

Shodan is not quite clear on what it is: https://www.shodan.io/host/112.119.218.130/raw

Again here we stumble on quite some interesting underlying data: https://intelx.io/?s=netvigator.com
Data, coming from this awful Intelligence scanner made by the firm of the renowned Peter Kleissner,
hacker/researcher/ sinkhole expert from Vienna (now Prague).
I was so happy to get some online outbuilding on automated sinkholing from him during 2017.

Summa summarum every IP address and/or domain/AS should be considered separately to what this scanning means.
I do this just through  3rd party cold recon security scanning.

In this case the buzzword apparently is "gamer SPAM".
But it could also be something quite innocent like benign bot-scans or security scantool action.

Moreover at netvigator dot com JSONP script I found flaws in the settings of their CSP implementation,
just to mention this on the by and by. (Info credits go to: luntrus)

polonus

« Last Edit: April 02, 2020, 03:58:25 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6091 on: April 03, 2020, 01:32:13 PM »
WordPress removes plug-in100.000 times installed.
Left by developer. It is this plug-in that's involved: https://wordpress.org/plugins/contact-form-7-datepicker/
Where it was being reported: https://www.wordfence.com/blog/2020/04/high-severity-vulnerability-leads
See: https://wordpress.org/support/topic/why-was-this-plugin-removed-should-i-remove-it-from-my-site/

Scan when you use WordPress with this WP security scan: https://hackertarget.com/wordpress-security-scan/

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6092 on: April 05, 2020, 01:40:37 PM »
Hi robert1297,

Coronavirus means hey-days for cybercriminals all sorts, malcreants, scammers, spammers,  fake-news & fraud spreaders, the lot.
Mind your "clicks" while you keep your distance also digitally. Let's stick together from home.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88851
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6093 on: April 05, 2020, 05:52:59 PM »
Hi robert1297,

Coronavirus means hey-days for cybercriminals all sorts, malcreants, scammers, spammers,  fake-news & fraud spreaders, the lot.
Mind your "clicks" while you keep your distance also digitally. Let's stick together from home.

polonus

Nothing has change in this regard for pond scum and bottom feeders, they are quick to jump on anything of social interest.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6094 on: April 07, 2020, 01:33:13 PM »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88851
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6095 on: April 07, 2020, 07:33:44 PM »
Banking Malware Spreading via COVID-19 Relief Payment Phishing
https://www.bleepingcomputer.com/news/security/banking-malware-spreading-via-covid-19-relief-payment-phishing/

This isn't helped by legit companies asking for donations (such as PayPal) and peoples genuine wish to help.  So these pond life scum take advantage, so no change there then.

People really need to be aware of any such scam/s relating to what is currently the hot topic in social media/news etc.  In that too, nothing has changed, be suspicious and know the source you are supposedly visiting.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48512
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6096 on: April 07, 2020, 07:37:18 PM »
Banking Malware Spreading via COVID-19 Relief Payment Phishing
https://www.bleepingcomputer.com/news/security/banking-malware-spreading-via-covid-19-relief-payment-phishing/

This isn't helped by legit companies asking for donations (such as PayPal) and peoples genuine wish to help.  So these pond life scum take advantage, so no change there then.

People really need to be aware of any such scam/s relating to what is currently the hot topic in social media/news etc.  In that too, nothing has changed, be suspicious and know the source you are supposedly visiting.
https://forum.avast.com/index.php?topic=232867.msg1541456#msg1541456
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88851
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6097 on: April 07, 2020, 07:42:06 PM »
Banking Malware Spreading via COVID-19 Relief Payment Phishing
https://www.bleepingcomputer.com/news/security/banking-malware-spreading-via-covid-19-relief-payment-phishing/

This isn't helped by legit companies asking for donations (such as PayPal) and peoples genuine wish to help.  So these pond life scum take advantage, so no change there then.

People really need to be aware of any such scam/s relating to what is currently the hot topic in social media/news etc.  In that too, nothing has changed, be suspicious and know the source you are supposedly visiting.
https://forum.avast.com/index.php?topic=232867.msg1541456#msg1541456

Something that most people need to view, as for me I have been watching out for pond life scammers for many many years.  As long as I have been using the forums for sure :)
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48512
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6098 on: April 07, 2020, 07:46:57 PM »
Banking Malware Spreading via COVID-19 Relief Payment Phishing
https://www.bleepingcomputer.com/news/security/banking-malware-spreading-via-covid-19-relief-payment-phishing/

This isn't helped by legit companies asking for donations (such as PayPal) and peoples genuine wish to help.  So these pond life scum take advantage, so no change there then.

People really need to be aware of any such scam/s relating to what is currently the hot topic in social media/news etc.  In that too, nothing has changed, be suspicious and know the source you are supposedly visiting.
https://forum.avast.com/index.php?topic=232867.msg1541456#msg1541456

Something that most people need to view, as for me I have been watching out for pond life scammers for many many years.  As long as I have been using the forums for sure :)
Sometimes,on this forum, it's hard to get folks to actually spend the time to watch a video even if it may be helpful. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88851
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6099 on: April 07, 2020, 07:50:05 PM »
<snip quotes>
Sometimes,on this forum, it's hard to get folks to actually spend the time to watch a video even if it may be helpful. :)

Unfortunately for some, they don't do anything/seek help until they are hit.

Hopefully people aren't ignoring the real Corvid-19 advice.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48512
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6100 on: April 08, 2020, 05:25:01 PM »
If you're using ZOOM, here's an excellent video to make Zoom and you
more secure. https://youtu.be/-_mgnmmCv2M
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6101 on: April 09, 2020, 01:18:31 PM »
Stop downloading "unkillable malware" apps!
Read: https://www.theregister.co.uk/2020/04/08/xhelper_android_malware/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33885
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6102 on: April 10, 2020, 07:30:26 PM »
L.S.

Always keep your friends close but your enemies even closer:
https://www.blackhatworld.com/seo/guides-get-this-pandemic-backlinks.1209771/

Forewarned always means being forearmed.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline =Snake=

  • Still using Avast Free!
  • Maybe Bot
  • ***
  • Posts: 17412
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6103 on: April 10, 2020, 09:20:29 PM »
@polonus

Hi!

Why is s.th. of this thread(?) not secure (see screenshot). Have I to change s.th.(where)?
 ;)
=Snake=
Desktops: AMD LE1620, W7 ult SP1 [x86] | IP-4, XP pro SP3[x86] | Intel Celeron, W7 ult SP1 [x86] | AMD-Athlon 1800+, XP pro SP3, [x86] in WL |
Laptops:   HP G72 , W10 Home [x64]  v22H2 (Build 19045.2728) | Acer Aspire ES1-131, W10 Home [x64] v1511 (Build 10586.1106)|
Firefox ESR [AOS,NS,uBO,uMatrix],Thunderbird,MCShield,CCleaner,Defraggler,MBAM Free,MBAE, Avast Free Antivirus|

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88851
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6104 on: April 11, 2020, 12:58:03 AM »
@polonus

Hi!

Why is s.th. of this thread(?) not secure (see screenshot). Have I to change s.th.(where)?
 ;)
=Snake=

There is nothing to change, whilst the site is https not all of the content is from https sources, this is typically when people attach imaged (or other elements) located on non secure locations.

Just click on the secure icon and it will tell you, see attached image.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security