Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2904584 times)

bob3160 · « **Reply #3810 on:** June 25, 2015, 05:00:05 AM »

Quote from: Para-Noid on June 24, 2015, 06:32:19 PM

Registry Cleaners: Digital Snake Oil

https://blog.malwarebytes.org/social-engineering/2015/06/digital-snake-oil/?utm_source=Gplus&utm_medium=social

It's always nice to get confirmation from a reputable place on something I've been preaching for many years.

Staticguy · « **Reply #3811 on:** June 25, 2015, 03:08:32 PM »

Security researcher casually drops Adobe Reader, Windows critical vulnerability bomb

http://www.zdnet.com/article/security-researcher-casually-drops-adobe-reader-windows-critical-vulnerability-bomb/

polonus · « **Reply #3812 on:** June 25, 2015, 04:17:53 PM »

216 million dollar damage causing HawkEye keylogger e-mail fraud alert: https://www.fsisac.com/sites/default/files/news/BEC_Joint_Product_Final.pdf

polonus

Pondus · « **Reply #3813 on:** June 25, 2015, 08:09:03 PM »

Navy signs $9.1 million contract with Microsoft to keep Windows XP afloat
www.winbeta.org/news/navy-signs-91-million-contract-microsoft-keep-windows-xp-afloat

Para-Noid · « **Reply #3814 on:** June 25, 2015, 08:44:27 PM »

Quote from: bob3160 on June 25, 2015, 05:00:05 AM

Quote from: Para-Noid on June 24, 2015, 06:32:19 PM
Registry Cleaners: Digital Snake Oil

https://blog.malwarebytes.org/social-engineering/2015/06/digital-snake-oil/?utm_source=Gplus&utm_medium=social

It's always nice to get confirmation from a reputable place on something I've been preaching for many years.

I agree I have stopped messing with the registry cleaner even in CCleaner.
Once after I "cleaned" the registry in my Win7 I ended up having to restore what CCleaner cleaned.
Never again. Leave the registry alone.
If it ain't broke, don't fix it!

Para-Noid · « **Reply #3815 on:** June 25, 2015, 08:49:29 PM »

Fake Bank of America Twitter Feed Leads to Phishing Page

https://blog.malwarebytes.org/fraud-scam/2015/06/fake-bank-of-america-twitter-feed-leads-to-phishing-page/?utm_source=Gplus&utm_medium=social

Quote from: Pondus on June 25, 2015, 08:09:03 PM

Navy signs $9.1 million contract with Microsoft to keep Windows XP afloat
www.winbeta.org/news/navy-signs-91-million-contract-microsoft-keep-windows-xp-afloat

I wonder if this will affect all of the XP systems everywhere.

polonus · « **Reply #3816 on:** June 25, 2015, 10:51:09 PM »

Samsung disabling Windows update, explained away as providing a choice: https://grahamcluley.com/2015/06/samsung-disabled-windows-update/
link article author = Graham Cluley

polonus

DavidR · « **Reply #3817 on:** June 26, 2015, 12:22:23 AM »

Quote from: polonus on June 25, 2015, 10:51:09 PM

Samsung disabling Windows update, explained away as providing a choice: https://grahamcluley.com/2015/06/samsung-disabled-windows-update/
link article author = Graham Cluley

polonus

Some choice - there has always been a choice in the OS if the user wishes to disable windows update and there are the usual warnings of doing so.

When Samsung do this the user doesn't have a choice as they would be unaware that they had disabled WU. So they live in ignorance that their system is at potential risk from vulnerabilities being exploited.

Asyn · « **Reply #3818 on:** June 26, 2015, 01:52:24 PM »

Magento Platform Targeted By Credit Card Scrapers
https://blog.sucuri.net/2015/06/magento-platform-targeted-by-credit-card-scrapers.html

DavidR · « **Reply #3819 on:** June 26, 2015, 04:06:08 PM »

Quote from: polonus on June 26, 2015, 04:00:20 PM

Greenpeace: bad Amazon - good Apple!
http://www.greenpeace.org/usa/Global/usa/planet3/PDFs/clickingclean.pdf

See attached

Don't see how this has anything to do with SECURITY WARNINGS & Notices, even more so nothing to do with these forums.

<off-topic>For me Greenpeace = Bad, if you don't fit their agenda your mad.</off-topic>

bob3160 · « **Reply #3820 on:** June 26, 2015, 04:25:18 PM »

I also don't see a correlation of that chart to computer security

polonus · « **Reply #3821 on:** June 26, 2015, 04:43:33 PM »

Hi bob3160 and DavidR,

That is why I have removed the posting on second thoughts. I found the article link on a Dutch security site (webworld).
Amazon has come under quite some "flak" lately (for bundling deals) and now also for the amount of CO2 that goes into the clicks they score

polonus

Para-Noid · « **Reply #3822 on:** June 26, 2015, 07:40:14 PM »

To Save, or Not to Save, That is the Question

https://blog.malwarebytes.org/online-security/2015/06/to-save-or-not-to-save-that-is-the-question/?utm_source=Gplus&utm_medium=social

polonus · « **Reply #3823 on:** June 27, 2015, 06:57:57 PM »

Microsoft silently added 18 root cetificates to Windows, according to: https://twitter.com/Hexatomium/status/614760398940708864
Silently performed in combination with Cisco: https://news.ycombinator.com/item?id=9789819

On this link I get a "your connection is not private" alert from Google: https://www.wilderssecurity.com/threads/rcc-check-your-systems-trusted-root-certificate-store.373819/

Background read: https://ma.ttias.be/the-broken-state-of-trust-in-root-certificates/

pol

polonus · « **Reply #3824 on:** June 27, 2015, 07:02:57 PM »

Google's One Account for Everywhere is not a handy feature only as Google says, it is also an additional threat where attackers could have access everywhere!
When an attacker has a foothold on your desktop that now means also on all of your peripherals.
Read: http://www.prep-blog.com/2014/05/05/which-is-the-greater-threat-govt-or-corporate-intrusion/

polonus