Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2904843 times)

bob3160 · « **Reply #4185 on:** October 25, 2015, 06:58:29 PM »

You'll find many examples of these types of emails on this forum:

https://forum.avast.com/index.php?topic=81030.msg662592#msg662592

Para-Noid · « **Reply #4186 on:** October 26, 2015, 02:39:52 PM »

This isn’t the Java I ordered!

https://blog.malwarebytes.org/online-security/2015/10/this-isnt-the-java-i-ordered/?utm_source=Gplus&utm_medium=social

Para-Noid · « **Reply #4187 on:** October 26, 2015, 07:40:10 PM »

Is Mac malware on the rise?

https://blog.malwarebytes.org/mac/2015/10/is-mac-malware-on-the-rise/?utm_source=Gplus&utm_medium=social

Secondmineboy · « **Reply #4188 on:** October 26, 2015, 07:43:56 PM »

Quote from: Para-Noid on October 26, 2015, 07:40:10 PM

Is Mac malware on the rise?

https://blog.malwarebytes.org/mac/2015/10/is-mac-malware-on-the-rise/?utm_source=Gplus&utm_medium=social

Yes, it is definitely.

Apple has to ramp up security for sure, better soon than sorry.

Asyn · « **Reply #4189 on:** October 27, 2015, 06:51:52 AM »

Quote from: Asyn on October 24, 2015, 05:03:21 PM

TalkTalk cyber-attack: Website hit by 'significant' breach
http://www.bbc.com/news/uk-34611857
http://www.bbc.com/news/uk-34615226
http://help2.talktalk.co.uk/oct22incident

TalkTalk Hackers Demanded £80K in Bitcoin
http://krebsonsecurity.com/2015/10/talktalk-hackers-demanded-80k-in-bitcoin/

polonus · « **Reply #4190 on:** October 27, 2015, 01:19:09 PM »

This will be abused grand scale to deliver more spam to your mailboxes: Critical Joomla hole attacked 4 hrs after it being patched: https://www.joomla.org/announcements/release-news/5634-joomla-3-4-5-released.html
Sucuri warns that loads of websites with Joomla CMS have been attacked shortly after the new Joomla release.

As no other, polonus knows how critical CMS security weighs in the balance. One thing to do: update and patch and do not spread extensive info on software to the world and attackers.

polonus (volunteer website security analyst and error-hunter)

Para-Noid · « **Reply #4191 on:** October 27, 2015, 06:20:00 PM »

That is the single most important thing a website/server owner could do is to keep their software up-to-date.
Out of date software has proven to be easily compromised. Funny what one can find out using "wappalyzer"
and doing a little research is also valuable. That is also something one can find out by using http://toolbar.netcraft.com/site_report/
Get the information then run with it. Never know where it will lead.

Para-Noid · « **Reply #4192 on:** October 27, 2015, 06:21:51 PM »

What’s Patch Tuesday?

https://blog.malwarebytes.org/online-security/2015/10/whats-patch-tuesday/?utm_source=Gplus&utm_medium=social

The Art of Data Wiping on Mobile Devices

https://blog.malwarebytes.org/mobile-2/2015/10/the-art-of-data-wiping-on-mobile-devices/?utm_source=Gplus&utm_medium=social

bob3160 · « **Reply #4193 on:** October 27, 2015, 06:47:15 PM »

Quote from: Para-Noid on October 27, 2015, 06:21:51 PM

What’s Patch Tuesday?

https://blog.malwarebytes.org/online-security/2015/10/whats-patch-tuesday/?utm_source=Gplus&utm_medium=social

Windows 10 no longer has a Patch Tuesday since updates and patches can happen at any time.

polonus · « **Reply #4194 on:** October 27, 2015, 07:56:31 PM »

University of Amsterdam's "Amsterdam privacy week" sponsored by Facebook and Google as diamond and platinum sponsors. This is a joke, sponsoring of an event by the ones that caused these problems that are being discussed in the first place, aka the "Silicon Empire". As long as academic independency is guaranteed; sponsors have no influence on the program was the comment of the organizers.

polonus

Asyn · « **Reply #4195 on:** October 28, 2015, 11:11:02 AM »

Adobe Security Bulletin - Security update available for Adobe Shockwave Player
https://helpx.adobe.com/security/products/shockwave/apsb15-26.html

polonus · « **Reply #4196 on:** October 28, 2015, 05:07:51 PM »

Through my continuous website scanning it is clearly shown that an awful large amount of websites with all sort of jQuery libaries installed, have as a rule 2 to 5 vulnerable jQuery libraries installed. Some of these with active malware. An enormous amount of websites with WordPress CMS are open to threats because User Enumeration is possible (user and log-in proliferation) or Directory Indexing Enabled. This is an information leakage vulnerability that can reveal sensitive information regarding your site configuration or content. Furthermore plug-ins and themes may be vulnerable to attacks. Alas all such websites are wide open to attack.
Pro-active hosting with security in mind has not been around much on the Interwebs lately. I try to warn wherever I can when a website's security is endangered and may become under threat (compromise, defacement, XSS attacks, script injection etc. etc.). Website owners, -admins, hosters take these warnings at heart and go and protect your future visitors! Scan, update, patch and configure properly.

polonus (volunteer website security analyst and website error-hunter)

Asyn · « **Reply #4197 on:** October 29, 2015, 08:06:49 AM »

Quote from: polonus on October 27, 2015, 01:19:09 PM

This will be abused grand scale to deliver more spam to your mailboxes: Critical Joomla hole attacked 4 hrs after it being patched: https://www.joomla.org/announcements/release-news/5634-joomla-3-4-5-released.html
Sucuri warns that loads of websites with Joomla CMS have been attacked shortly after the new Joomla release.

As no other, polonus knows how critical CMS security weighs in the balance. One thing to do: update and patch and do not spread extensive info on software to the world and attackers.

Joomla SQL Injection Attacks in the Wild
https://blog.sucuri.net/2015/10/joomla-sql-injection-attacks-in-the-wild.html

Para-Noid · « **Reply #4198 on:** October 29, 2015, 06:37:29 PM »

A Vintage Year for Free Wine Spam

https://blog.malwarebytes.org/fraud-scam/2015/10/a-vintage-year-for-free-wine-spam/?utm_source=Gplus&utm_medium=social

Leaving Laptops in Hotel Rooms: A Bad Idea

https://blog.malwarebytes.org/privacy-2/2015/10/leaving-laptops-in-hotel-rooms-a-bad-idea/?utm_source=Gplus&utm_medium=social

polonus · « **Reply #4199 on:** October 29, 2015, 06:57:20 PM »

Be aware while Copy-Pasting URLs from Google Search can leak Previous Searches.
So do not do this!
Read from jeremy Rubin this article here: https://medium.com/@jeremyrubin/caution-copy-pasting-urls-from-google-search-can-leak-previous-searches-11940508e79#.fy4492fqk

polonus

Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2904843 times)

bob3160

Re: SECURITY WARNINGS & Notices - Please post them here

Para-Noid

Re: SECURITY WARNINGS & Notices - Please post them here

Para-Noid

Re: SECURITY WARNINGS & Notices - Please post them here

Secondmineboy

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

polonus

Re: SECURITY WARNINGS & Notices - Please post them here

Para-Noid

Re: SECURITY WARNINGS & Notices - Please post them here

Para-Noid

Re: SECURITY WARNINGS & Notices - Please post them here

bob3160

Re: SECURITY WARNINGS & Notices - Please post them here

polonus

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

polonus

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

Para-Noid

Re: SECURITY WARNINGS & Notices - Please post them here

polonus

Re: SECURITY WARNINGS & Notices - Please post them here