Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2904864 times)

bob3160 · « **Reply #3195 on:** November 14, 2014, 02:10:31 PM »

Quote from: Pondus on November 14, 2014, 01:14:50 AM

Worldwide Antivirus Vendor Market Share
https://www.opswat.com/about/media/reports/antivirus-october-2014

Caution when looking at these statistics. Windows Defender is turned on by default
in all Windows 8 computers. These stats don't give a true picture since installing a third party
turns off Defender but doesn't remove it from the list.
It's nice to see that Avast is listed as the most used third party AV.

polonus · « **Reply #3196 on:** November 14, 2014, 10:52:30 PM »

Trojan horse being spread via malicious Tor-exit-nodes as a wrapper: http://www.f-secure.com/weblog/archives/00002764.html
Source: FSLabs.

polonus

Pondus · « **Reply #3197 on:** November 15, 2014, 10:05:57 AM »

Quote from: polonus on November 14, 2014, 10:52:30 PM

Trojan horse being spread via malicious Tor-exit-nodes as a wrapper: http://www.f-secure.com/weblog/archives/00002764.html
Source: FSLabs.

polonus

Trojan-Dropper:W32/OnionDuke.A
https://www.virustotal.com/en/file/19972cc87c7653aff9620461ce459b996b1f9b030d7c8031df0c8265b73f670d/analysis/

Backdoor:W32/OnionDuke.A
https://www.virustotal.com/en/file/0102777ec0357655c4313419be3a15c4ca17c4f9cb4a440bfb16195239905ade/analysis/

Backdoor:W32/OnionDuke.B
https://www.virustotal.com/en/file/366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b/analysis/

polonus · « **Reply #3198 on:** November 15, 2014, 02:03:36 PM »

Hi Pondus,

Thank you for this additional scan info. Als read this: http://sensorstechforum.com/onionduke-malware-used-in-apt-attacks-through-the-tor-network/ Link article author = BertaB+

polonus

Asyn · « **Reply #3199 on:** November 19, 2014, 06:05:37 AM »

Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)
https://technet.microsoft.com/en-us/library/security/MS14-068

Pondus · « **Reply #3200 on:** November 19, 2014, 10:10:07 PM »

Fake Windows 10 Activators Spreading All Over the Web
http://news.softpedia.com/news/Fake-Windows-10-Activators-Spreading-All-Over-the-Web-465227.shtml

polonus · « **Reply #3201 on:** November 20, 2014, 03:40:33 PM »

Backdoor found in thousands and thousands illegal CMS-plug-ins and themes.
Read: http://blog.fox-it.com/2014/11/18/cryptophp-analysis-of-a-hidden-threat-inside-popular-content-management-systems/

Quote

We cannot determine the exact number of affected websites but we estimate that, at least a few thousand websites are compromised by CryptoPHP.

polonus

Pondus · « **Reply #3202 on:** November 20, 2014, 11:02:29 PM »

Malware now infecting users from popular website
http://blogs.norman.com/2014/for-consumption/malware-now-infecting-users-from-popular-website

polonus · « **Reply #3203 on:** November 21, 2014, 12:04:51 AM »

Thank you Pondus for your heads-up on this. I hope everybody is convinced now they cannot be completely safe without a decent adblocker installed like ABP.

polonus

bob3160 · « **Reply #3204 on:** November 21, 2014, 05:29:07 AM »

If you belong to the Malwarebytes Forum (Many of us do!) you should be aware of the following:
"bob3160,
I'm writing to let you know that on November 10th a vulnerability in our
forum software allowed a hacker to gain access to the server hosting our
community. We have no evidence of any personal data being stolen (nor do
we store any on our forums!) but as a precautionary measure we are
forcing all users to reset their passwords. The next time you attempt to
log in, please select the "Forgot Your Password?" link below and follow the steps.
https://forums.malwarebytes.org/index.php?app=core&module=global&section=lostpass
We've also migrated our community away from our servers and onto aservice hosted by Invision Power Board. They know their software bestand as vulnerabilities are discovered, they can patch them more quickly.I personally apologize for the inconvenience and if you have anyquestions, do not hesitate to contact me directly at
mkleczynski at malwarebytes.org.
Marcin"

Pondus · « **Reply #3205 on:** November 21, 2014, 09:58:07 AM »

Quote from: bob3160 on November 21, 2014, 05:29:07 AM

If you belong to the Malwarebytes Forum (Many of us do!) you should be aware of the following:
"bob3160,
I'm writing to let you know that on November 10th a vulnerability in our
forum software allowed a hacker to gain access to the server hosting our
community. We have no evidence of any personal data being stolen (nor do
we store any on our forums!) but as a precautionary measure we are
forcing all users to reset their passwords. The next time you attempt to
log in, please select the "Forgot Your Password?" link below and follow the steps.
https://forums.malwarebytes.org/index.php?app=core&module=global&section=lostpass
We've also migrated our community away from our servers and onto aservice hosted by Invision Power Board. They know their software bestand as vulnerabilities are discovered, they can patch them more quickly.I personally apologize for the inconvenience and if you have anyquestions, do not hesitate to contact me directly at
mkleczynski at malwarebytes.org.
Marcin"

https://forums.malwarebytes.org/index.php?/topic/161236-malwarebytesorg-comprimised/
see post from RubbeR DuckY

polonus · « **Reply #3206 on:** November 22, 2014, 02:23:13 AM »

Amnesty and EFF launch a scanner to detect government spyware:
Read about Detekt here: https://resistsurveillance.org/

polonus

Para-Noid · « **Reply #3207 on:** November 22, 2014, 03:44:15 PM »

Russian hackers hijack webcams worldwide!

http://ottawacitizen.com/technology/internet/russian-hackers-hijack-webcams-worldwide-including-at-least-four-in-ottawa

REDACTED · « **Reply #3208 on:** November 22, 2014, 07:08:59 PM »

Hi all,
sorry if this the wrong place to put my ?
Having a small prob with Windows update KB3011780, it says it failed to d/load and now i have to switch of my comp manually.
I presume this update has something to do with it???. not being a tech wiz i have no idea.
I read in another forum that Avast might have something to do with it,, any ideas??

Asyn · « **Reply #3209 on:** November 22, 2014, 07:10:51 PM »

Quote from: Anthony79 on November 22, 2014, 07:08:59 PM

Having a small prob with Windows update KB3011780, it says it failed to d/load and now i have to switch of my comp manually.
I presume this update has something to do with it???. not being a tech wiz i have no idea.
I read in another forum that Avast might have something to do with it,, any ideas??

-> https://forum.avast.com/index.php?topic=160717.0