SECURITY WARNINGS & Notices - Please post them here

[DavidR]

Then be ready for sites that whilst using https to also get stung (insecure) if all of that content isn't https, the avast forums for instances.  Some images, coming from http links, whilst this shouldn't be an issue for attached images as these are held within the forums https content.

So you could end up with one page being just fine and another getting pinged as insecure, this is likely to confuse users.

[polonus]

Hi DavidR,

The green padlock story, also is confusing to Joe and Jill Common from the average user base.
As long as there is mixed content while phasing out http,
and that is apparently what the big players want,
this will create a lot of confusion during the process.

If you want to change all that, do a good job of it and not half-heartedly,
like with all things on the Interwebs has been the case frequently.

Https and secure log-in and security headers implemented, no vulnerable nameservers anymore,
no more hosters that are in for the cheap money and less for security.

We have been in a patching full time circle from the start,
and what has this brought us from the turn of the century?

An infrastructure that looks more like a bandaged stuffed mummy full of plasters...

polonus

[DavidR]

That's the problem, the end user can do nothing about these issues, they just get the 'insecurity' flag flash up and worry there is something seriously wrong.

Whilst you can expand the information, it isn't detailed enough for the average user, when the language used is 'For instances images.'

[polonus]

Another big scale brute force attack on Word Press sites going on.
In the past never that much of a success, but we still wanna warn against it:

https://www.wordfence.com/blog/2017/12/aggressive-brute-force-wordpress-attack/

pol

[bob3160]

That's the problem, the end user can do nothing about these issues, they just get the 'insecurity' flag flash up and worry there is something seriously wrong.

Whilst you can expand the information, it isn't detailed enough for the average user, when the language used is 'For instances images.'

I just approached Screencast-O-Matic since the screenshots are uploaded to an http site. My question was about changing to a secure server so that the pictures don't wind up being tagged as insecure.

[bob3160]

That's the problem, the end user can do nothing about these issues, they just get the 'insecurity' flag flash up and worry there is something seriously wrong.

Whilst you can expand the information, it isn't detailed enough for the average user, when the language used is 'For instances images.'

I just approached Screencast-O-Matic since the screenshots are uploaded to an http site. My question was about changing to a secure server so that the pictures don't wind up being tagged as insecure.

I just received a reply:
Hello,

When you navigate to an uploaded screenshot link, it should redirect to https. We'll update the Recorder soon so that the link created in the clipboard is https as well.

-Sam

It certainly didn't take long.

[polonus]

300.000 Word Press sites vulnerable through holed Captcha Plug-in:
https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/

polonus

[polonus]

The involved botnet in these brute force attacks tries to install a cryptominer onto Word Press servers:

https://www.wordfence.com/blog/2017/12/massive-cryptomining-campaign-wordpress/

"Bitcoin the only coin whithout any social function"

polonus (volunteer website security analyst and website error-hunter)

[polonus]

Another 123 million American user data-breach from an Amazon S-3-Bucket.
Re: https://www.upguard.com/breaches/cloud-leak-alteryx

S-3-Buckets should be secure unless you configure them improperly.
It was not publicly available, building an AWS account to get access to a misconfigured Amazon-S-3-Bucket was easy-peasy
and made this big data-breach possible. The data mean solid gold for both identity thieves, spammers and black hat marketeers alike.

polonus

[polonus]

Rolling out Ubuntu 17.10 was halted, because it was corrupting the Lenovo computer bios.

Read: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1734147

Someone created a non-tested bug in a production release.
All ubuntu flaws, also mint, privacy technically have leaks & backdoors.

Related info on that bug:
https://www.howtogeek.com/226308/the-windows-platform-binary-table-why-crapware-can-come-back-after-a-clean-install/

polonus (volunteer website security analyst and website error-hunter)

[polonus]

Backdoor in three Word Press plug-ins detected:
https://www.wordfence.com/blog/2017/12/plugin-backdoor-supply-chain/

polonus

[Be Secure]

Starbucks Wi-Fi Turned People’s Laptops into Cryptocurrency Miners
http://news.softpedia.com/news/starbucks-wi-fi-turned-people-s-laptops-into-cryptocurrency-miners-518997.shtml

[Pondus]

New but nothing new   

Another FaceBook virus >>  http://blog.trendmicro.com/trendlabs-security-intelligence/digmine-cryptocurrency-miner-spreading-via-facebook-messenger/

[Pondus]

The Need for Better Built-in Security in IoT Devices
http://blog.trendmicro.com/trendlabs-security-intelligence/iot-devices-need-better-builtin-security/


The Sound of a Targeted Attack
pdf.doc  >>  https://documents.trendmicro.com/assets/pdf/The-Sound-of-a-Targeted-Attack.pdf

[polonus]

Chrome extension gave 105.000 users a crypto-miner:

https://productforums.google.com/forum/#!topic/chrome/b0JUzg4HYtI

Crypto mining a growing problem next to ad-launching and spamming.
The extension is still there 

polonus