SECURITY WARNINGS & Notices - Please post them here

[Be Secure]

PyCL Ransomware Delivered via RIG EK in Distribution Test By Lawrence Abrams
https://www.bleepingcomputer.com/news/security/pycl-ransomware-delivered-via-rig-ek-in-distribution-test/

[polonus]

Zero-day hole in Microsoft IIS 6.0 (no longer being supported) actively attacked:
http://blog.trendmicro.com/trendlabs-security-intelligence/iis-6-0-vulnerability-leads-code-execution
Re: hole is found in Webdav: https://nl.wikipedia.org/wiki/Webdav
Newer versions of the server software are not vulnerable.

polonus

[Para-Noid]

Broadband rules axed by Congress, headed to Trump

http://www.usatoday.com/story/tech/news/2017/03/28/broadband-rules-axed-congress-headed-trump/99744078/

Please, no political statements.

[Pondus]

Please, no political statements.

D'oh!       that is a tuff one   

[DavidR]

Please, no political statements.

D'oh!       that is a tuff one   

Very tough when the article is political

[bob3160]

Please, no political statements.

D'oh!       that is a tuff one   

Very tough when the article is political

Especially when the bill is still a holdover from Obama.

[bob3160]

From now on, we'll all be using a VPN. for now, that'll work.
I rely on the one from Avast. If that's not an option,
Get Opera and activate the VPN service in settings > Security & Privacy.

[polonus]

Hi bob3160,

And what will that mean for the Privacy Shield agreement with the EU,
or will the "old continent" comply to this with not much further ado,
and agree to the new situation, so that all of your data online may be sold to the highest bidder.

As there ever was an end to privacy, then now that moment has arrived.
What you said all along, bob3160, that: "Privacy does not exist any longer"
seems to have been prophetic words here".

Damian

[bob3160]

Hi bob3160,

And what will that mean for the Privacy Shield agreement with the EU,
or will the "old continent" comply to this with not much further ado,
and agree to the new situation, so that all of your data online may be sold to the highest bidder.

As there ever was an end to privacy, then now that moment has arrived.
What you said all along, bob3160, that: "Privacy does not exist any longer"
seems to have been prophetic words here".

Damian

Something elseto read:
http://lifehacker.com/why-is-everyone-talking-about-vpns-1793768312?utm_source=lifehacker_newsletter&utm_medium=email&utm_campaign=2017-03-29

[polonus]

Dear bob3160,

Just watch this: https://www.youtube.com/watch?v=qAT_ina93NY
Very actual now....

Damian

[bob3160]

Dear bob3160,

Just watch this: https://www.youtube.com/watch?v=qAT_ina93NY
Very actual now....

Damian

Now if you realize that this video is 3 years old, imagine just how much more
of your privacy has been lost for ever.
I've preached for years that there is no such thing as personal privacy. Maybe this video and,
the current proposed legislation, makes that statement hit home.

[polonus]

Verizon is going to install spyware onto your Android-device:
https://www.verizon.com/about/privacy/appflash-privacy-policy

Why this bad, read:
https://www.eff.org/deeplinks/2017/03/first-horseman-privacy-apocalypse-has-already-arrived-verizon-announces-plans

More generally on Data-Jacking: http://www.darkreading.com/the-era-of-data-jacking-is-here-are-you-ready-/a/d-id/1328173

polonus

[Para-Noid]

Adware vs. ad fraud

https://blog.malwarebytes.com/cybercrime/2017/03/adware-vs-ad-fraud/?utm_source=double-opt-in&utm_medium=email-internal-b2c&utm_campaign=EM-B2C-2017-March-newsletter-issue2&utm_content=adware-vs-adfraud

[polonus]

Less secure bootstrap in the CloudFlare/GoDaddy clouds!

Issues with bootstrap
Found with SRI-hash issues in Stylesheets: https://sritest.io/#report/144f10cc-d705-4ef7-b513-46edbfa469d1
CloudFlare GoDaddy abuse - The getbootstrap.com server is vulnerable to:
Heartbleed also has problems with TLS:
Common name:
 -sni49733.cloudflaressl.com Comodo certificate chain ECC Domain Validated Secure Server  & -sni49733.cloudflaressl certificate
SAN:
 -sni49733.cloudflaressl.com, *.-amazinghunters.com, *.-avhipo.com, *.-bloggbyran.cf, *.-brakeingasout.com, *.-caketopia.eu, *.-egedenbutiklezzetler.com, *.-erwinolie.nl, *.-femclick.com, *.f-rankl.computer, *.-fren.us, *.-getbootstrap.com, *.-ghbtns.com, *.-hncuyelik.com, *.-hockeyed.com, *.-mobile4bizz.net, *.-nokiacamera.com, *.-secstories.com, *.-therecruit.zone, *.-thewareaglereader.com, *.-tickat636.ga, *.-zoekeenfietsenmaker.nl, -amazinghunters.com, -avhipo.com, -bloggbyran.cf, -brakeingasout.com, -caketopia.eu, -egedenbutiklezzetler.com, -erwinolie.nl, -femclick.com, -frankl.computer, -fren.us, - getbootstrap.com, -ghbtns.com, -hncuyelik.com,-hockeyed.com, -mobile4bizz.net, -nokiacamera.com, -secstories.com, -therecruit.zone, -thewareaglereader.com, -tickat636.ga, -zoekeenfietsenmaker.nl

Re: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fgetbootstrap.com
See: https://urlscan.io/result/bb7dec19-4186-4864-b722-ac2989f663fb#summary

F-F-X status: https://observatory.mozilla.org/analyze.html?host=getbootstrap.com
MISSING MANDATORY CIPHERS for TLS: https://www.htbridge.com/ssl/?id=11fdf72a57bff6ed97fd176c0f1c23985b6a10e99247c7b70b52025f396e05ca
and other misconfigurations and weaknesses (mixed content and https redirect)

Seems from this report that the American infrastructure does not have that secure e2e encryption we are being led to believe,
this is endangering the average users that make use of such services.

polonus (volunteer website security analyst and website error-hunter)

[polonus]

Marble a very dangerous CIA Malware Obfuscation/Deobfuscation tool.
Through Marble CIA could insert obfuscated txt and deobfuscate txt later to mask the origins of malware.
The tool could be used for instance to blame the Russians for something and then later take off the evidence and then in return blame the Chinese, or whatever the 'spooks had in store for us all.

This dangerous malware tool made everyone''s infrastructure  less secure to protect the interests of  less than 1% of the global population.

Being a linguist myself I wonder whether analytical analysis of the inserted txts could show up inconsistencies in the language inserted, so it can be shown where the malware manipulation was being performed (Langley Virginia, Frankfurt Germany Europe).
Comparative linguistics looking for missspellings, wrong use of grammar rules. In Poland we say prverbially: "Lies have short legs".

Are we as online users being protected against such "cloak and dagger" schemes or does AV have to refrain from analysing further
under existing "gag orders", we will never come to know.

Read comments: https://news.ycombinator.com/item?id=14006059