Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 1793523 times)

0 Members and 3 Guests are viewing this topic.

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1880
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5790 on: January 13, 2019, 04:37:42 AM »
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1880
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5791 on: January 17, 2019, 10:39:02 AM »
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast


Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31772
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5793 on: January 17, 2019, 04:37:43 PM »
Word Press warns for servers with old (outdated) PHP versions:
https://make.wordpress.org/core/2019/01/14/php-site-health-mechanisms-in-5-1/ (source credits Felix Arntz);
See for warnings: https://wordpress.org/support/update-php/
Mind back patching distro's for issues.

Read: https://sucuri.net/guides/how-to-clean-hacked-wordpress
Check at https://hackertarget.com/wordpress-security-scan/
Check libraries at https://retire.insecurity.today/# 
or at
https://webhint.io/scanner/  at security with Snort Rules.

For PHP version 7 check compatibility at: https://wpengine.com/blog/php-7-compatibility-checker-plugin/

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline =Snake=

  • ..... minden elfelejtettem.
  • Massive Poster
  • ****
  • Posts: 3951
Re: Security Warning Notices - Please post them here
« Reply #5794 on: January 17, 2019, 06:04:13 PM »
A lot of malware lurks in google searches, some even have the brass neck to pay for search placement on specific search words/terms or have sponsored links. Google really need to be more proactive in rooting out the possibly malicious/fraudulent sponsored links or search placement.
That's the reason (for me) for not using google search.
That's one of the reason you should be using the Avast Online Security extension. :)

I'm using it since years (see my sig, please).  :)
Main: AMD LE1620, W7ult SP1 | MS-7091, P4, XP pro SP3 || AMD_Athlon 1800+ (W7ult SP1 + XP pro SP3, FFesr 45.9, TB 45.8, CC 5.11)|
Laptops: Acer Aspire V5-591G, W10 Home[x64] v1809 (Build 17763.437) | HPI_2020M, W8.1 pro[x64] | Amilo Xi2428, W8.1 pro | MD95400, W7ult SP1 | MD97400, XP pro SP3|
FFesr 60.9.0[NS,ABP,AOS],TB 60.6.1,MCS,CC 5.63,MBAM,MBAE,ASB 77.1, FW (W7+XP): CIS 3.14[FW,D+], AV (W7+XP): Avast Free 2015.10.4.2233|

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31772
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5795 on: January 18, 2019, 06:29:07 PM »
Cryptominer removes protection software on Linux servers:
First they disable cloud monitoring service, deinstalling it the way an admin would do.
Malcrean ts getting more and more dastardly in their ways.
https://unit42.paloaltonetworks.com/malware-used-by-rocke-group-evolves-to-evade-detection-by-cloud-security-products/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41751
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5796 on: January 19, 2019, 04:31:16 PM »
I had forgotten how long CryptoLocker has been a part of the scene:
https://forum.avast.com/index.php?topic=19387.msg179783#msg179783
I posted that back in 2006
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31772
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5797 on: January 19, 2019, 06:24:33 PM »
Serious Drupal holes: https://www.us-cert.gov/ncas/current-activity/2019/01/16/Drupal-Releases-Security-Updates
Re: https://www.drupal.org/sa-core-2019-001  and   https://www.drupal.org/sa-core-2019-002

And again at the heart of the problem lies not sufficiently validated PHP.
PHP developer keep your cheat-sheets ready.
Read: https://phpsecurity.readthedocs.io/en/latest/Input-Validation.html
Sometimes file expectations are wronly being interpreted:
https://stackoverflow.com/questions/15943926/php-possible-weaknesses-for-filter-validate-url-fopenurl-r-url-validati
and see other PHP related trouble: https://www.tenable.com/plugins/nessus/17715

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61165
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5798 on: January 21, 2019, 08:26:38 AM »
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.63 - EEK - Firefox ESR 60.9 [NS/AOS/uBO] - TB 68.1.1 [EM] - ABS/ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline alanb

  • Sr. Member
  • ****
  • Posts: 358
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5799 on: January 21, 2019, 02:01:16 PM »
Quote
Facebook Caught Red Handed While Swiping Money From Children

I'm astonished that a company with such a reputation for integrity, transparency and fair dealing would resort to such practices  ;D

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31772
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5800 on: January 22, 2019, 04:12:50 PM »
Magecart hackers rejoice: https://gwillem.gitlab.io/2019/01/17/adminer-4.6.2-file-disclosure-vulnerability/
Check your Magento CMS here: https://www.magereport.com/

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31772
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5801 on: January 22, 2019, 04:27:05 PM »
Malcreants adopted PEAR version that was online for half a year.

Archived phar files are not checked too often against being compromised:
Check the repository for the right non-malicious archive: https://github.com/pear

AV should pay more attention to such open source code for being altered and compromised  ;)

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36156
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5802 on: January 23, 2019, 12:22:03 PM »
Google is proposing a change to Chrome that would break ad blockers like uBlock Origin
https://9to5google.com/2019/01/22/google-chrome-break-ad-blockers/amp/?__twitter_impression=true

“Ah beer. The cause of and the solution to all of life’s problems.”

"Operator! Give me the number for 911!"

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82071
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5803 on: January 23, 2019, 03:30:59 PM »
Google is proposing a change to Chrome that would break ad blockers like uBlock Origin
https://9to5google.com/2019/01/22/google-chrome-break-ad-blockers/amp/?__twitter_impression=true

Interesting, I already avoid Google Chrome (where ever possible 1 exception android mobile) and this certainly isn't going to get me to install it.

I just wonder how this would Impact ASB as it is based on Chromium. Assuming that ASB and Avast allow uBlock Origin add-on to be installed.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.541) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline =Snake=

  • ..... minden elfelejtettem.
  • Massive Poster
  • ****
  • Posts: 3951
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5804 on: January 23, 2019, 03:33:12 PM »
Main: AMD LE1620, W7ult SP1 | MS-7091, P4, XP pro SP3 || AMD_Athlon 1800+ (W7ult SP1 + XP pro SP3, FFesr 45.9, TB 45.8, CC 5.11)|
Laptops: Acer Aspire V5-591G, W10 Home[x64] v1809 (Build 17763.437) | HPI_2020M, W8.1 pro[x64] | Amilo Xi2428, W8.1 pro | MD95400, W7ult SP1 | MD97400, XP pro SP3|
FFesr 60.9.0[NS,ABP,AOS],TB 60.6.1,MCS,CC 5.63,MBAM,MBAE,ASB 77.1, FW (W7+XP): CIS 3.14[FW,D+], AV (W7+XP): Avast Free 2015.10.4.2233|