Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2861360 times)

0 Members and 2 Guests are viewing this topic.

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1908
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5790 on: January 13, 2019, 04:37:42 AM »
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1908
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5791 on: January 17, 2019, 10:39:02 AM »
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33892
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5793 on: January 17, 2019, 04:37:43 PM »
Word Press warns for servers with old (outdated) PHP versions:
https://make.wordpress.org/core/2019/01/14/php-site-health-mechanisms-in-5-1/ (source credits Felix Arntz);
See for warnings: https://wordpress.org/support/update-php/
Mind back patching distro's for issues.

Read: https://sucuri.net/guides/how-to-clean-hacked-wordpress
Check at https://hackertarget.com/wordpress-security-scan/
Check libraries at https://retire.insecurity.today/# 
or at
https://webhint.io/scanner/  at security with Snort Rules.

For PHP version 7 check compatibility at: https://wpengine.com/blog/php-7-compatibility-checker-plugin/

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline =Snake=

  • Still using Avast Free!
  • Maybe Bot
  • ***
  • Posts: 17412
Re: Security Warning Notices - Please post them here
« Reply #5794 on: January 17, 2019, 06:04:13 PM »
A lot of malware lurks in google searches, some even have the brass neck to pay for search placement on specific search words/terms or have sponsored links. Google really need to be more proactive in rooting out the possibly malicious/fraudulent sponsored links or search placement.
That's the reason (for me) for not using google search.
That's one of the reason you should be using the Avast Online Security extension. :)

I'm using it since years (see my sig, please).  :)
Desktops: AMD LE1620, W7 ult SP1 [x86] | IP-4, XP pro SP3[x86] | Intel Celeron, W7 ult SP1 [x86] | AMD-Athlon 1800+, XP pro SP3, [x86] in WL |
Laptops:   HP G72 , W10 Home [x64]  v22H2 (Build 19045.2728) | Acer Aspire ES1-131, W10 Home [x64] v1511 (Build 10586.1106)|
Firefox ESR [AOS,NS,uBO,uMatrix],Thunderbird,MCShield,CCleaner,Defraggler,MBAM Free,MBAE, Avast Free Antivirus|

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33892
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5795 on: January 18, 2019, 06:29:07 PM »
Cryptominer removes protection software on Linux servers:
First they disable cloud monitoring service, deinstalling it the way an admin would do.
Malcrean ts getting more and more dastardly in their ways.
https://unit42.paloaltonetworks.com/malware-used-by-rocke-group-evolves-to-evade-detection-by-cloud-security-products/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5796 on: January 19, 2019, 04:31:16 PM »
I had forgotten how long CryptoLocker has been a part of the scene:
https://forum.avast.com/index.php?topic=19387.msg179783#msg179783
I posted that back in 2006
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33892
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5797 on: January 19, 2019, 06:24:33 PM »
Serious Drupal holes: https://www.us-cert.gov/ncas/current-activity/2019/01/16/Drupal-Releases-Security-Updates
Re: https://www.drupal.org/sa-core-2019-001  and   https://www.drupal.org/sa-core-2019-002

And again at the heart of the problem lies not sufficiently validated PHP.
PHP developer keep your cheat-sheets ready.
Read: https://phpsecurity.readthedocs.io/en/latest/Input-Validation.html
Sometimes file expectations are wronly being interpreted:
https://stackoverflow.com/questions/15943926/php-possible-weaknesses-for-filter-validate-url-fopenurl-r-url-validati
and see other PHP related trouble: https://www.tenable.com/plugins/nessus/17715

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5798 on: January 21, 2019, 08:26:38 AM »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline alanb

  • Poster
  • *
  • Posts: 652
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5799 on: January 21, 2019, 02:01:16 PM »
Quote
Facebook Caught Red Handed While Swiping Money From Children

I'm astonished that a company with such a reputation for integrity, transparency and fair dealing would resort to such practices  ;D

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33892
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5800 on: January 22, 2019, 04:12:50 PM »
Magecart hackers rejoice: https://gwillem.gitlab.io/2019/01/17/adminer-4.6.2-file-disclosure-vulnerability/
Check your Magento CMS here: https://www.magereport.com/

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33892
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5801 on: January 22, 2019, 04:27:05 PM »
Malcreants adopted PEAR version that was online for half a year.

Archived phar files are not checked too often against being compromised:
Check the repository for the right non-malicious archive: https://github.com/pear

AV should pay more attention to such open source code for being altered and compromised  ;)

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5802 on: January 23, 2019, 12:22:03 PM »
Google is proposing a change to Chrome that would break ad blockers like uBlock Origin
https://9to5google.com/2019/01/22/google-chrome-break-ad-blockers/amp/?__twitter_impression=true


Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5803 on: January 23, 2019, 03:30:59 PM »
Google is proposing a change to Chrome that would break ad blockers like uBlock Origin
https://9to5google.com/2019/01/22/google-chrome-break-ad-blockers/amp/?__twitter_impression=true

Interesting, I already avoid Google Chrome (where ever possible 1 exception android mobile) and this certainly isn't going to get me to install it.

I just wonder how this would Impact ASB as it is based on Chromium. Assuming that ASB and Avast allow uBlock Origin add-on to be installed.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline =Snake=

  • Still using Avast Free!
  • Maybe Bot
  • ***
  • Posts: 17412
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5804 on: January 23, 2019, 03:33:12 PM »
Desktops: AMD LE1620, W7 ult SP1 [x86] | IP-4, XP pro SP3[x86] | Intel Celeron, W7 ult SP1 [x86] | AMD-Athlon 1800+, XP pro SP3, [x86] in WL |
Laptops:   HP G72 , W10 Home [x64]  v22H2 (Build 19045.2728) | Acer Aspire ES1-131, W10 Home [x64] v1511 (Build 10586.1106)|
Firefox ESR [AOS,NS,uBO,uMatrix],Thunderbird,MCShield,CCleaner,Defraggler,MBAM Free,MBAE, Avast Free Antivirus|