Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2888940 times)

polonus · « **Reply #4290 on:** November 25, 2015, 06:03:02 PM »

Google at it again: http://www.theguardian.com/technology/2015/nov/25/google-bug-buries-yelp-tripadvisor-search
Google claims it is a bug, but an effective one for the monopolist

polonus

Para-Noid · « **Reply #4291 on:** November 25, 2015, 09:01:20 PM »

Video Ads: Malvertising’s Next Frontier?

https://blog.malwarebytes.org/malvertising-2/2015/11/video-ads-malvertisings-next-frontier/?utm_source=Gplus&utm_medium=sociala

The Road to Black Friday: Stats and Security Tips

https://blog.malwarebytes.org/security-threat/2015/11/the-road-to-black-friday-stats-and-security-tips/?utm_source=Gplus&utm_medium=social

A Week in Security (Nov 15 – Nov 21)

https://blog.malwarebytes.org/online-security/2015/11/a-week-in-security-nov-15-nov-21/?utm_source=gplus&utm_medium=social

polonus · « **Reply #4292 on:** November 26, 2015, 11:19:52 PM »

The Internet of Things bad, bad security situation: http://www.theregister.co.uk/2015/11/26/lazy_iot_skeleton_keys/
link article author = Shaun Nichols
Yes folks, it is much worse than we thought it was or did we already expect it to be bad

Infosec biz Sec Consult says it studied 4,000 embedded devices from 70 hardware makers, and found that many products are sharing the same hardwired SSH login keys and server-side SSL certificates. Hack one and you will/may hack many...

polonus

polonus · « **Reply #4293 on:** December 01, 2015, 12:33:30 AM »

More than 26,000 Cisco devices sold by Australia's dominant telco Telstra are open to hijacking via hardcoded SSH login keys and SSL certificates. Re: http://www.theregister.co.uk/2015/11/27/nine_percent_of_encrypted_traffic_open_to_hijack_from_shared_keys/
Million others may be also vulnerable:

Quote

There are no patches or workarounds available for the security blunder, which potentially affect millions of users. One workaround would be to ensure the SSH and HTTPS configuration servers in the routers are firewalled off from harm.

polonus

Para-Noid · « **Reply #4294 on:** December 01, 2015, 03:23:18 PM »

Steam’s “Exploration Sale” Gamifies Security Settings

https://blog.malwarebytes.org/online-security/2015/11/steams-exploration-sale-gamifies-security-settings/?utm_source=Gplus&utm_medium=social

Simion · « **Reply #4295 on:** December 02, 2015, 01:49:15 AM »

Adobe Is Telling People to Stop Using Flash

Asyn · « **Reply #4296 on:** December 02, 2015, 08:59:45 AM »

Microsoft Security Advisory 3119884 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing
https://technet.microsoft.com/en-us/library/security/3119884.aspx

polonus · « **Reply #4297 on:** December 02, 2015, 05:45:33 PM »

Return of the old vundo malware: http://blog.fox-it.com/2015/12/02/ponmocup-a-giant-hiding-in-the-shadows/

polonus

REDACTED · « **Reply #4298 on:** December 02, 2015, 06:28:00 PM »

I have a personal website that Avast will not let me go to,"it says it might harm my computer"
This is not a bad/dangerous site at all. The confusing thing to me is that I dont have Avast installed on my computer. Whats going on?

Asyn · « **Reply #4299 on:** December 02, 2015, 06:29:47 PM »

Quote from: ohm3 on December 02, 2015, 06:28:00 PM

I have a personal website that Avast will not let me go to,"it says it might harm my computer"
This is not a bad/dangerous site at all. The confusing thing to me is that I dont have Avast installed on my computer. Whats going on?

Start a new topic in V&W and post your logs there: https://forum.avast.com/index.php?action=post;board=4.0

Para-Noid · « **Reply #4300 on:** December 02, 2015, 08:51:24 PM »

FrameFox: Nominated for the Most Aggressive EULA

https://blog.malwarebytes.org/security-threat/2015/11/framefox-nominated-for-the-most-aggressive-eula/?utm_source=Gplus&utm_medium=social

Lesson...read the EULA every time you install any software/

[bLarge Number of Adult Sites Distribute Malware Via AdXpansion Malvertising][/b]

https://blog.malwarebytes.org/malvertising-2/2015/12/large-number-of-adult-sites-distribute-malware-via-adxpansion-malvertising/?utm_source=Gplus&utm_medium=social

A solid ad blocker like Adguard AdBlocker and Ghostery are a must anymore.

DavidR · « **Reply #4301 on:** December 02, 2015, 10:05:51 PM »

For most people life is to short to read every EULA and that is what most companies hope for.

I used to have a little program EULA Analyser that broke down the EULA into easily understood plain English (not legalese) terms.

bob3160 · « **Reply #4302 on:** December 03, 2015, 12:52:44 AM »

If I read every EULA, I would never install anything on my computer.
I might actually never buy a computer.....

The program David mentioned is probably this one:
http://www.brightfort.com/eulalyzer.html

polonus · « **Reply #4303 on:** December 03, 2015, 12:55:51 AM »

Hi bob3160,

As you know what to expect there is no need for it

polonus

DavidR · « **Reply #4304 on:** December 03, 2015, 01:15:54 AM »

Quote from: bob3160 on December 03, 2015, 12:52:44 AM

If I read every EULA, I would never install anything on my computer.
I might actually never buy a computer.....
The program David mentioned is probably this one:
http://www.brightfort.com/eulalyzer.html

Yes, that's the one, a real handy tool.