SECURITY WARNINGS & Notices - Please post them here

[bob3160]

Hi bob3160,

Browsing "in the nude" as FwF puts this so eloquently, has always been a problem and creates problems as well. Users need to check their browser extensions and plug-ins, their clicks, use some form of in-browser protection, like an adblocker, script blocker, and check on all things they thoughtlessly may install. I am also out on Google Chrome (in sandboxie) but I haven't encountered any problem yet, but there are certain places and clicks I will shun. When I do not know where I am heading, I perform a decent pre-scan and my downloads enter a Metascan online pre-scan first (I will survive the couple of extra secs this costs and I know "my OS and browser will thank me for this").

polonus

I'm quite happy with Avast's check of the programs I download. I'm also careful what I download and where I get these downloads from.
The only reason I'm not using Chrome as the default is because of it's speed. I've found opera and Firefox to be much quicker in their response.

[polonus]

Yes, I run Avast in PUP-mode enabled also.
An example to see how some get infested: http://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-malicious-browser-extensions-in-chrome-web-store/  link article author by Fernando Mercês (Trend Micro's Senior Threat Researcher)

polonus

[polonus]

Is it true that Google Chrome coders cannot code in a secure way anymore?
"Security that is holed is like a sieve, you cannot get it back to solid anymore": https://twitter.com/securifybv/status/594403213882818560
A real cat and mouse game has started, upgraded Google Password Alert extension
for Google Chrome to version 1.6 and already again circumvented.

polonus

[polonus]

When we heard one side of the story, we should also hear the other:
http://blog.360totalsecurity.com/en/qihoo-360-statement-regarding-cheating-in-lab-test/

polonus

[DavidR]

When we heard one side of the story, we should also hear the other:
http://blog.360totalsecurity.com/en/qihoo-360-statement-regarding-cheating-in-lab-test/

polonus

We already have, as this link was in the forums a couple of days ago.

[bob3160]

When we heard one side of the story, we should also hear the other:
http://blog.360totalsecurity.com/en/qihoo-360-statement-regarding-cheating-in-lab-test/

polonus

As I stated in the other thread, when all else fails, blame the other guy.....

[polonus]

@DavidR,

Very good for these forums that was how it was presented in the other thread, always give two sides of a story, so the reader can make up his own mind.

@bob3160,

I see a lot of fingers pointing at each other. 

D

[DavidR]

@DavidR,

Very good for these forums that was how it was presented in the other thread, always give two sides of a story, so the reader can make up his own mind.

It was as the very link that you posted has previously been posted so we have seen their rebuttal, the 3rd party bitdefender engine is disabled by default because they feel it may be too much for older/user systems. But it is fine to enable it in a test version.

When AV Comparatives gave their write up, it mentioned that there were substantial differences between the two versions. To me that sounds much more than the 3rd party engine just being disabled in the user available version.

[polonus]

@DavidR,

I wonder if we ever get anywhere near what really went on.

polonus

[Para-Noid]

Fiesta EK Wreaks Havoc on Popular Torrent Site

https://blog.malwarebytes.org/exploits-2/2015/05/fiesta-ek-wreaks-havoc-on-popular-torrent-site/?utm_source=Gplus&utm_medium=social

[polonus]

What is wrong with the privacy policy of the AnonymoX Extension for firefox and Google Chrome?
Read about it here: http://www.wilderssecurity.com/threads/anonymox-firefox-extension.308582/

Anyone?

polonus

[REDACTED]

Ive been having a problem with Surveillance.Reset-local-password-pro.    This started about a month ago and I cant get rid of it.  I thought that is why I bought this program last November??   Help, please!  Im a business!

[Asyn]

Ive been having a problem with Surveillance.Reset-local-password-pro.    This started about a month ago and I cant get rid of it.  I thought that is why I bought this program last November??   Help, please!  Im a business!

Start a new topic in V&W and post your logs there: https://forum.avast.com/index.php?action=post;board=4.0

[polonus]

A bug revealed that MS does not want to patch: http://googleprojectzero.blogspot.nl/2015/05/in-console-able.html
Read about the unfixed bug here: https://code.google.com/p/google-security-research/issues/detail?id=213

polonus

[polonus]

Rombertik, dangerous password stealing malware that ruins the MBR: http://blogs.cisco.com/security/talos/rombertik
link article was authored by Ben Baker and Alex Chiu.

polonus