SECURITY WARNINGS & Notices - Please post them here

[Pondus]

MalwareBytes acquires Junkware Removal Tool
http://www.majorgeeks.com/news/story/malwarebytes_acquires_junkware_removal_tool.html

[polonus]

New Exploitkit "Sundown" aims at user that has not updated Adobe Flash Player!
Adobe "the new Java" of our time!
Read: http://malware.dontneedcoffee.com/2015/06/fast-look-at-sundown-ek.html
Analysis: https://www.virusbtn.com/virusbulletin/archive/2015/06/vb201506-Beta-BEP
Info credits go to:  Aditya Sood en Rohit Bansal

polonus

[Staticguy]

MalwareBytes acquires Junkware Removal Tool
http://www.majorgeeks.com/news/story/malwarebytes_acquires_junkware_removal_tool.html

Very interesting and looking forward how MBAM will incorporate this tool into their program. MBAM always keeps on getting better and better 

[polonus]

Comics, a way to make users more security aware: http://www.littlebobbycomic.com/projects/week-17-encryption-and-me-1/

polonus

[polonus]

Dutch botnets aggressively attacking Norway & Sweden, read report:
http://www.level3.com/~/media/files/white-paper/en_secur_wp_botnetresearchreport.ashx
Behind USA, Ukraine and Russia the Netherlands is falicitating the fourth largest malbot infra-structure in the World.

polonus

[polonus]

Funny thing is we get an IDS alert like: "ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related". (Surricata IDS alert example), and read about country risk status on Zulu Zscaler scans for China, Russia, Ukraine, while the by far biggest malware spreading nation on earth, the U.S. of A., is never even mentioned. How about some biased risk rating?

polonus

[Para-Noid]

MalwareBytes acquires Junkware Removal Tool
http://www.majorgeeks.com/news/story/malwarebytes_acquires_junkware_removal_tool.html

Here is the official press release (posted by malwarebytes.org)...

https://press.malwarebytes.org/2015/06/22/malwarebytes-acquires-junkware-removal-tool/?utm_source=blog&utm_medium=social

[abruptum]

Popular Security Software Came Under Relentless NSA and GCHQ Attacks

  https://firstlook.org/theintercept/2015/06/22/nsa-gchq-targeted-kaspersky/

NSA, GCHQ targeted Kaspersky, other cybersecurity companies – Snowden docs

  http://rt.com/usa/268891-nsa-gchq-software-kaspersky/

[Staticguy]

Beyond Superfish: Turns out SSL-trashing spyware is widespread

https://gigaom.com/2015/02/23/beyond-superfish-turns-out-ssl-trashing-spyware-is-widespread/

One thing I noticed is this "quite a few software packages in the areas of antivirus and parental protection also use Komodia’s engine".

Hope Avast is not one of them? We all would be very appreciated if one of the Avast Team confirms this? Could one of the forum member report this, so one of the Avast team can take a look at this, read it, and investigate if Avast antivirus is affected by Komodia engine. Thanks!

[polonus]

Unpatched IE hole will not be patched by MS - circumventing ASLR-security,
demonstrated here: https://github.com/thezdi/abusing-silent-mitigations
Whitepaper on the mitigation attack: http://h30499.www3.hp.com/hpeb/attachments/hpeb/off-by-on-software-security-blog/599/1/WP-Hariri-Zuckerbraun-Gorenc-Abusing_Silent_Mitigations.pdf

polonus

[polonus]

Upate this optional MS update: https://support.microsoft.com/en-us/kb/3045645
to protect against a specific Banking Trojan that disables/hides UAC alerts.

polonus

[polonus]

The many enemies of Google - EU antitrust case: http://www.reuters.com/article/2015/04/27/us-eu-google-antitrust-idUSKBN0NF1YX20150427
Main Outer Category of complainants (19 in total) is formed by Microsoft, ICOMP, FairSearch, Beuc and The Open Internet Project.
Maybe the New Atlantic and International Trade Agreement will come in time so this antitrust case could/would never materialize, because it would overrule the outcome anyway.

polonus

[Rednose]

Emergency Flash Player 18.0.0.194 update.

Adware free offline installers :

Active X : https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ax.exe
NPAPI : https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player.exe
PPAPI : https://fpdownload.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ppapi.exe

Greetz, Red.

[polonus]

Millions and millions of dollars lost through CryptoWall ransomware:
http://www.ic3.gov/media/2015/150623.aspx
Update your AV, use a firewall, use a decent ad-/pop-up-/script blocker and stay alert!

polonus

[Para-Noid]

Registry Cleaners: Digital Snake Oil

https://blog.malwarebytes.org/social-engineering/2015/06/digital-snake-oil/?utm_source=Gplus&utm_medium=social

Google Takes a Stand Against Revenge Porn

https://blog.malwarebytes.org/privacy-2/2015/06/google-takes-a-stand-against-revenge-porn/?utm_source=Gplus&utm_medium=social