Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 1835971 times)

0 Members and 5 Guests are viewing this topic.

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1893
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5895 on: April 26, 2019, 12:49:49 PM »
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1893
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1893
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5897 on: April 27, 2019, 12:43:07 PM »
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31973
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5898 on: April 27, 2019, 10:07:04 PM »
I have been going on in the virus and worms on the insecurity of Word Press CMS based on php.
Especially how vulnerable plug-ins of the website software can be exploited by malcreants.

A new one, in a series of some 243 attacks over the latter years, Multi-Vector Attack in Server Logs,
read: https://labs.sucuri.net/?note=2019-03-25

Just too many results for this one, just 11 exploitables reported:
dork query //websites/GET+%2Fwp-admin%2Fadmin-post.php%3Fswp_debug%3Dload_options%26swp_url%3D/
detected -https://www.prensafutbol.cl/ -> Outdated software detected:
https://sitecheck.sucuri.net/results/https/www.prensafutbol.cl
= a high risk site with vulnerable mixed content!

polonus (volunteer 3rd party cold reconnaisance website security analyst and website error-hunter)

Read about the issue from Johanbnes Pille and others here: https://wordpress.stackexchange.com/questions/69549/define-wp-debug-conditionally-for-admins-only-log-errors-append-query-arg-f/69552

polonus
« Last Edit: April 28, 2019, 12:40:32 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1893
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5899 on: April 28, 2019, 04:10:50 AM »
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31973
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5900 on: April 29, 2019, 01:17:50 PM »
Urgent request to 60.000 vulnerable Word Press webshops to update plug-in
and disble a specific non-patched plug-in for the time being: 


Immediately install: https://wordpress.org/support/topic/upgrade-to-4-3/

The plug-in involved that should be upgraded:
https://wordpress.org/plugins/woocommerce-checkout-manager/

Read on that particular attack campaign: https://labs.sucuri.net/?note=2019-03-25

Word Press kernel software, unless fully patched and not outdated is rather secure,
and comes checked by developers that maintain the code.

When configuring mind to set user enumeration to disabled as well as directory listing to disabled,
and see to it all your links are Google Safebrowsing OK-ed.

Word Press plug-ins should also be treated with extra care, keep them fully updated,
and remove the risky ones and certainly those left by developers,
as they won't get updates and in due time will form a grave risk
to website owners/admins, hosting parties and end-users alike.

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

Update. From 13.30 hrs. to-day CET the developer came up with a new updated version 4.3,

Damian
« Last Edit: April 29, 2019, 11:59:49 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36326
  • Weihrauch Airguns

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1893
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5902 on: April 30, 2019, 04:47:36 AM »
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61933
  • Happy Holidays..!!
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5903 on: April 30, 2019, 08:42:32 AM »
Report: Unknown Data Breach Exposes 80 Million US Households
https://www.vpnmentor.com/blog/report-millions-homes-exposed/
W8.1 [x64] - Avast PremSec 19.9.2394.B#1 - CC 5.63 - EEK - Firefox ESR 68.3 [NS/AOS/uBO/PB] - Thunderbird 68.3 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1893
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5904 on: May 01, 2019, 04:28:53 AM »
New Sodinokibi Ransomware Delivered via Oracle WebLogic Flaw
https://www.securityweek.com/new-sodinokibi-ransomware-delivered-oracle-weblogic-flaw
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31973
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5905 on: May 01, 2019, 12:47:50 PM »
Oracle WebLogic-servers under attack from ransomeware since 25th of April.
Patch available from April 26th henceon,

Re: https://blog.talosintelligence.com/2019/04/sodinokibi-ransomware-exploits-weblogic.html

Patch and upgrade a.s.a.p.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31973
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5906 on: May 07, 2019, 10:12:56 PM »
Burger King leaked 38.000 customer data through unprotected publicly available Elasticsearch database:
Read: https://securitydiscovery.com/burger-kings-online-shop-for-kids-exposed-data/  (source Bob Diachenko).

Example of a resource that has adequate protection:
http://156.235.224.95/ met Protected Elastiscearch with password protection on log-in
or protected through Kibana. See: https://www.elastic.co/guide/en/x-pack/current/elasticsearch-security.html

That is the least Burger King customers should expect there to be.

No there are handy little specific searchscripts to be used on Shodan: like LeakLooker
to find unprotected open MongoDB, CouchDB and Elasticsearch databases.

However a website may contain unprotected open resources,
intruders cannot visit such unprotected to access Elastisearch databases,
that is illegal and punishable conduct.

"When you see some veranda doors open at the porch, this does not mean it is an invitation to enter".
Good Bob Diachenko disclosed this situation.

On the other hand it is a shame for Burger King to have such unprotected open databases in the first place.
The database has now been adequately protected.

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1893
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5907 on: May 08, 2019, 05:00:18 AM »
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1893
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5908 on: May 09, 2019, 04:47:39 AM »
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31973
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5909 on: May 13, 2019, 11:47:29 PM »
Thousands of webshops leak customer data:
https://publicwww.com/websites/%22assets.pcrl.co%22/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!