Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2904695 times)

Para-Noid · « **Reply #4095 on:** September 24, 2015, 09:00:32 PM »

.htaccess Tricks in Global.asa Files

https://blog.sucuri.net/2015/09/htaccess-tricks-in-global-asa-files.html?utm_campaign=.htaccess%20Tricks%20in%20Global.asa%20Files%20Blogpost&utm_medium=social&utm_source=googleplus

GTA 5 Money Generator Scams: They’re Wheelie Bad

https://blog.malwarebytes.org/fraud-scam/2015/09/gta-5-money-generator-scams-theyre-wheelie-bad/?utm_source=Gplus&utm_medium=social

Press H to Hack: Unsolicited

https://blog.malwarebytes.org/privacy-2/2015/09/press-h-to-hack-unsolicited/

Imgur Abused in DDoS Attack Against 4Chan!

https://blog.malwarebytes.org/hacking-2/2015/09/imgur-abused-in-ddos-attack-against-4chan/

Ghostery: A Tool that Stops Trackers (This is one add-on most of us use) (FYI, I have disabled the pop-up bubble.)

https://blog.malwarebytes.org/privacy-2/2015/09/ghostery-a-tool-that-stop-trackers/

Pondus · « **Reply #4096 on:** September 25, 2015, 06:30:00 PM »

Kovter malware upgraded with Poweliks features
http://www.scmagazine.com/kovter-malware-upgraded-with-poweliks-features/article/440711/

Kovter malware learns from Poweliks with persistent fileless registry update
http://www.symantec.com/connect/blogs/kovter-malware-learns-poweliks-persistent-fileless-registry-update

REDACTED · « **Reply #4097 on:** September 26, 2015, 12:00:04 PM »

Fake Online Avast Scanner

https://blog.malwarebytes.org/online-security/2015/09/fake-online-avast-scanner/

bob3160 · « **Reply #4098 on:** September 26, 2015, 02:45:04 PM »

Quote from: kanga319 on September 26, 2015, 12:00:04 PM

Fake Online Avast Scanner

https://blog.malwarebytes.org/online-security/2015/09/fake-online-avast-scanner/

This is a bit misleading since you only get to this by mistyping the Malwarebytes website.
I highly doubt that this scanner gets much use.

Para-Noid · « **Reply #4099 on:** September 26, 2015, 06:14:14 PM »

Quote from: bob3160 on September 26, 2015, 02:45:04 PM

Quote from: kanga319 on September 26, 2015, 12:00:04 PM
Fake Online Avast Scanner

https://blog.malwarebytes.org/online-security/2015/09/fake-online-avast-scanner/
This is a bit misleading since you only get to this by mistyping the Malwarebytes website.
I highly doubt that this scanner gets much use.

+1 But the fact that it's out there could mean trouble for avast.

Para-Noid · « **Reply #4100 on:** September 26, 2015, 06:17:19 PM »

SSL Malvertising Campaign Targets Top Adult Sites (Watching porn has a price.)

https://blog.malwarebytes.org/malvertising-2/2015/09/ssl-malvertising-campaign-targets-top-adult-sites/

Don’t have a Meltdown over this Lunchbox Fallout

https://blog.malwarebytes.org/fraud-scam/2015/09/dont-have-a-meltdown-over-this-lunchbox-fallout/

DavidR · « **Reply #4101 on:** September 26, 2015, 06:45:13 PM »

Quote from: Para-Noid on September 26, 2015, 06:14:14 PM

Quote from: bob3160 on September 26, 2015, 02:45:04 PM
Quote from: kanga319 on September 26, 2015, 12:00:04 PM
Fake Online Avast Scanner

https://blog.malwarebytes.org/online-security/2015/09/fake-online-avast-scanner/
This is a bit misleading since you only get to this by mistyping the Malwarebytes website.
I highly doubt that this scanner gets much use.

+1 But the fact that it's out there could mean trouble for avast.

I beg to differ, first someone has to A) mistype the URL as Bob said, B) ignore the obvious porn image, suspect to say the least C) then they would have to elect to run the fake scan and D) it would have to get past your real AV software.

That's a lot of ifs and you would like to hope the user would have enough common sense after all of them to back off.

1234ava · « **Reply #4102 on:** September 27, 2015, 10:19:18 AM »

Yes it takes a somewhat dumb user to fall into the trap, but the world is full of somewhat dumb users. $:-\$
Few dumb users claiming that "Avast infected my PC" (while in reality it was the fake site) might be enough to cause trouble, especially if reported with some alarming headlines in the media.

If I were in Avast's shoes, I would take immediate legal action and try take the site down.

Pondus · « **Reply #4103 on:** September 27, 2015, 12:15:21 PM »

On several blacklists now
https://www.virustotal.com/en/url/f3b2e6cc365cdbc13ac17076f56b935af20621fb09ea44abbd681f16c0ef124f/analysis/1443348829/

Secondmineboy · « **Reply #4104 on:** September 27, 2015, 01:05:29 PM »

Quote from: 1234ava on September 27, 2015, 10:19:18 AM

Yes it takes a somewhat dumb user to fall into the trap, but the world is full of somewhat dumb users. $:-\$
Few dumb users claiming that "Avast infected my PC" (while in reality it was the fake site) might be enough to cause trouble, especially if reported with some alarming headlines in the media.

If I were in Avast's shoes, I would take immediate legal action and try take the site down.

I reported the website to them via their support page

SITE IS NOW BLOCKED BY AVAST

Asyn · « **Reply #4105 on:** September 28, 2015, 01:14:48 PM »

WinRAR SFX v5.21 - Remote Code Execution Vulnerability
http://seclists.org/fulldisclosure/2015/Sep/106

Gopher John · « **Reply #4106 on:** September 29, 2015, 03:17:40 PM »

Cookie handling in browsers can break HTTPS security

http://www.networkworld.com/article/2986286/cookie-handling-in-browsers-can-break-https-security.html

Pondus · « **Reply #4107 on:** September 29, 2015, 03:55:38 PM »

Mobile Ad Networks as DDoS Vectors: A Case Study
https://blog.cloudflare.com/mobile-ad-networks-as-ddos-vectors/

abruptum · « **Reply #4108 on:** September 29, 2015, 07:53:36 PM »

ConfigFox: manage advanced Firefox privacy and security settings

http://www.ghacks.net/2015/09/29/configfox-manage-advanced-firefox-privacy-and-security-settings/

polonus · « **Reply #4109 on:** September 30, 2015, 01:31:56 PM »

WP exploit kit hacks thousands and thousands of websites to redirect to pages with Nuclear-exploitkit!
Read article by Daniel Cid here: https://blog.sucuri.net/2015/09/wordpress-malware-visitortracker-campaign-update.html
Google watch.php malware please. For instance: http://malwarefor.me/2015-06-15-nuclear-ek-glupteba-operation-windigo-again/

polonus

Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2904695 times)

Para-Noid

Re: SECURITY WARNINGS & Notices - Please post them here

Pondus

Re: SECURITY WARNINGS & Notices - Please post them here

REDACTED

Re: SECURITY WARNINGS & Notices - Please post them here

bob3160

Re: SECURITY WARNINGS & Notices - Please post them here

Para-Noid

Re: SECURITY WARNINGS & Notices - Please post them here

Para-Noid

Re: SECURITY WARNINGS & Notices - Please post them here

DavidR

Re: SECURITY WARNINGS & Notices - Please post them here

1234ava

Re: SECURITY WARNINGS & Notices - Please post them here

Pondus

Re: SECURITY WARNINGS & Notices - Please post them here

Secondmineboy

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

Gopher John

Re: SECURITY WARNINGS & Notices - Please post them here

Pondus

Re: SECURITY WARNINGS & Notices - Please post them here

abruptum

Re: SECURITY WARNINGS & Notices - Please post them here

polonus

Re: SECURITY WARNINGS & Notices - Please post them here