Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2904788 times)

Para-Noid · « **Reply #4395 on:** January 09, 2016, 09:11:45 PM »

A survey worth taking! (It's only three questions long.)

https://blog.malwarebytes.org/online-security/2016/01/survey-tell-us-what-you-think-about-our-pup-friday-posts/?utm_source=gplus&utm_medium=social

polonus · « **Reply #4396 on:** January 10, 2016, 02:31:54 PM »

Nividea breaks Chrome Incognito:
https://charliehorse55.wordpress.com/2016/01/09/how-nvidia-breaks-chrome-incognito/

polonus

DavidR · « **Reply #4397 on:** January 10, 2016, 03:07:58 PM »

Quote from: polonus on January 10, 2016, 02:31:54 PM

Nvidea breaks Chrome Incognito:
https://charliehorse55.wordpress.com/2016/01/09/how-nvidia-breaks-chrome-incognito/

polonus

Interesting read - aside from Nvidea - I guess Incognito doesn't mean anything like our interpretation to Google. But then again it never has been high up the privacy ratings with all that it captures.

polonus · « **Reply #4398 on:** January 12, 2016, 02:43:08 PM »

Critical Hole in Trend-Micro's Password Manager: https://code.google.com/p/google-security-research/issues/detail?id=693

How can an AV-vendor implement a tool like this Password Manager without having it thoroughly tested by security experts

polonus

bob3160 · « **Reply #4399 on:** January 12, 2016, 04:18:38 PM »

Quote from: polonus on January 12, 2016, 02:43:08 PM

Critical Hole in Trend-Micro's Password Manager: https://code.google.com/p/google-security-research/issues/detail?id=693

How can an AV-vendor implement a tool like this Password Manager without having it thoroughly tested by security experts

polonus

I thought that they had experts at Trend Micro

Para-Noid · « **Reply #4400 on:** January 13, 2016, 03:17:28 PM »

The Windows Vaults

https://blog.malwarebytes.org/online-security/2016/01/the-windows-vaults/?utm_source=gplus&utm_medium=social

Microsoft revokes Windows 8's patch privileges today

http://www.networkworld.com/article/3021337/computers/microsoft-revokes-windows-8s-patch-privileges-today.html

Asyn · « **Reply #4401 on:** January 14, 2016, 07:20:19 AM »

FortiOS SSH Undocumented Interactive Login Vulnerability
https://www.fortiguard.com/advisory/fortios-ssh-undocumented-interactive-login-vulnerability

Asyn · « **Reply #4402 on:** January 14, 2016, 07:21:15 AM »

Microsoft Security Bulletin Summary for January 2016
https://technet.microsoft.com/en-us/library/security/ms16-jan.aspx

CraigB · « **Reply #4403 on:** January 14, 2016, 03:33:49 PM »

Yandex acquired Agnitum technology for Yandex Browser

Agnitum product support will cease December 31st 2016 http://www.agnitum.com/news/2016-01-14-yandex-acquired-agnitum-technology.php

DavidR · « **Reply #4404 on:** January 14, 2016, 04:10:24 PM »

Quote from: CraigB on January 14, 2016, 03:33:49 PM

Yandex acquired Agnitum technology for Yandex Browser

Agnitum product support will cease December 31st 2016 http://www.agnitum.com/news/2016-01-14-yandex-acquired-agnitum-technology.php

There is also a license/product exchange (outlined and link in the above) however, you have to be quick as the license exchange deal ends 31/1/2016.

CraigB · « **Reply #4405 on:** January 14, 2016, 04:15:19 PM »

Quote from: DavidR on January 14, 2016, 04:10:24 PM

Quote from: CraigB on January 14, 2016, 03:33:49 PM
Yandex acquired Agnitum technology for Yandex Browser

Agnitum product support will cease December 31st 2016 http://www.agnitum.com/news/2016-01-14-yandex-acquired-agnitum-technology.php

There is also a license/product exchange (outlined and link in the above) however, you have to be quick as the license exchange deal ends 31/1/2016.

Yes I probably should have mentioned that

I was unsure about posting the exchange link though due to direct competition.

DavidR · « **Reply #4406 on:** January 14, 2016, 04:30:34 PM »

Quote from: CraigB on January 14, 2016, 04:15:19 PM

Quote from: DavidR on January 14, 2016, 04:10:24 PM
Quote from: CraigB on January 14, 2016, 03:33:49 PM
Yandex acquired Agnitum technology for Yandex Browser

Agnitum product support will cease December 31st 2016 http://www.agnitum.com/news/2016-01-14-yandex-acquired-agnitum-technology.php

There is also a license/product exchange (outlined and link in the above) however, you have to be quick as the license exchange deal ends 31/1/2016.
Yes I probably should have mentioned that I was unsure about posting the exchange link though due to direct competition.

Which is why I just mentioned it rather than give a direct link.

Para-Noid · « **Reply #4407 on:** January 16, 2016, 03:50:59 PM »

Your Gmail account is not a spy tool for Google

http://www.androidcentral.com/your-gmail-account-not-spy-tool-google

polonus · « **Reply #4408 on:** January 16, 2016, 04:37:15 PM »

No one aware log-on data have been stolen......

Read: https://community.rapid7.com/community/infosec/blog/2016/01/13/get-the-2015-incident-detection-response-survey-results

See attached image...

pol

polonus · « **Reply #4409 on:** January 16, 2016, 04:57:50 PM »

Nice analysis on what Asyn reported earlier here: Evil OpenSSH servers can steal your private login keys to other systems – patch now
Read: https://www.qualys.com/2016/01/14/cve-2016-0777-cve-2016-0778/openssh-cve-2016-0777-cve-2016-0778.txt

pol