Author Topic: SECURITY WARNINGS & Notices - Please post them here

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61612
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5970 on: September 01, 2019, 04:49:55 PM »
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.63 - EEK - Firefox ESR 68.2 [NS/AOS/uBO] - Thunderbird 68.2.2 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36259
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5971 on: September 03, 2019, 08:55:19 PM »
Revealed: How a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran
https://www.yahoo.com/news/revealed-how-a-secret-dutch-mole-aided-the-us-israeli-stuxnet-cyber-attack-on-iran-160026018.html



“Ah beer. The cause of and the solution to all of life’s problems.”

"Operator! Give me the number for 911!"

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36259
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5972 on: September 03, 2019, 08:57:15 PM »
41% of Consumers Still Use Unsupported or Nearly Expired Operating Systems
https://usa.kaspersky.com/about/press-releases/2019_consumers-still-use-unsupported-and-near-end-of-life-os





Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82212
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5973 on: September 03, 2019, 09:57:29 PM »
41% of Consumers Still Use Unsupported or Nearly Expired Operating Systems
https://usa.kaspersky.com/about/press-releases/2019_consumers-still-use-unsupported-and-near-end-of-life-os

My surprise is that it is only 41% :)
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.541) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline =Snake=

  • ..... minden elfelejtettem.
  • Massive Poster
  • ****
  • Posts: 4292
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5974 on: September 05, 2019, 06:14:30 PM »
Main: AMD LE1620, W7ult SP1 | MS-7091, P4, XP pro SP3 || AMD_Athlon 1800+ (W7ult SP1 + XP pro SP3, FFesr 45.9, TB 45.8, CC 5.11)|
Laptops: Acer Aspire V5-591G, W10 Home[x64] v1809 (Build 17763.437) | HPI_2020M, W8.1 pro[x64] | Amilo Xi2428, W8.1 pro | MD95400, W7ult SP1 | MD97400, XP pro SP3|
FFesr 68.2.0[NS,ABP,AOS],TB 68.2.1,MCS,CC 5.63,MBAM,MBAE,ASB 77.1,FW (W7+XP): CIS 3.14[FW,D+],AV (W7+XP): Avast Free 2015.10.4.2233|

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41905
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5975 on: September 05, 2019, 10:58:22 PM »
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Online polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31883
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5976 on: September 25, 2019, 06:15:01 PM »
Spammers abuse Snowden's new book to spread Emotet malware trojan downloader infections.
Read: https://blog.malwarebytes.com/botnets/2019/09/emotet-malspam-campaign-uses-snowdens-new-book-as-lure/

We cannot tell for sure whether such malware spam campaigns come from average cybercriminals or with the blessing of some state actors;
consider: https://www.theverge.com/2019/9/17/20870706/edward-snowden-book-us-government-justice-lawsuit-profits-release

Think of groups like APT28, DarkMatter and other groups that operate with government consent of sorts.

Analyzing one example from South Africa in Afrikaans & US American English:
See: https://any.run/report/821e3f454016615879c524b7b2604c21f783b062f4c9756993a2be75e08d8820/ea4d097e-bc52-4ac1-bcc1-6acee3cd47ee
Other information on this malware campaign:
https://isc.sans.edu/diary/More+Malspam+pushing+Emotet+malware/23083
on forwarding port: https://www.google.com/search?client=avast&ei=RFyLXfWLHYLMwQKU6Z-gAw&q=port+7080+used+for+malware&oq=port+7080+used+for+malware&gs_l=psy-ab.12..33i160.526.2228..3679...0.2..2.786.4145.2-3j5-3j2......0....1..gws-wiz.......0i71j0i22i30.S9TZ0mtzXLA&ved=0ahUKEwj1vY_F--vkAhUCZlAKHZT0BzQQ4dUDCAs
detection: https://www.virustotal.com/gui/url/cfe00e649b459de311f14bc751439f6ada69b4462f4251399b3d250447791bfa/detection
On infesting sw-cp server: https://toolbar.netcraft.com/site_report?url=http%3A%2F%2Feuve264289.serverprofi24.de%2F
On the zero-day being abused: https://blogs.cisco.com/security/plesk-0-day-targets-web-servers
On that particular launching IP: https://www.shodan.io/host/62.75.171.248

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61612
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<

Online polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31883
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5978 on: September 28, 2019, 01:27:15 PM »
Malicious HTA node.js malware, not just for spammers.
Cisco & Microsoft warn users.
See: https://www.trustedsec.com/2015/07/malicious-htas/
Re: -https://github.com/InQuest/malware-samples/tree/master/2019-04-Malicious-HTA-file
and read: https://www.cybersecurity-help.cz/blog/698.html

polonus

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36259

Online polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31883
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5980 on: October 01, 2019, 10:22:07 PM »
Security Attacks via Malicious QR Codes:
Read: https://resources.infosecinstitute.com/security-attacks-via-malicious-qr-codes/

Various generators for various purposes:
https://www.the-qrcode-generator.com/
http://goqr.me/
http://www.qr-code-generator.com/
http://www.qrstuff.com/
https://scan.me/qr-code-generator

A QR code has an unlimited lifespan; PHISHING is the main attack vector for malicious QR codes.
Info credits for the above information go to INFOSEC's Pavitra Shankdhar.

polonus

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61612
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5981 on: October 02, 2019, 05:28:36 AM »

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41905
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5982 on: October 02, 2019, 12:45:48 PM »
Comodo Forums Breached, Data of Over 170,000 Users Up for Grabs
https://www.bleepingcomputer.com/news/security/comodo-forums-breached-data-of-over-170-000-users-up-for-grabs/
Some of us know first hand that no forum is ever 100% safe. Actually, nothing is, which is why we need security.

Online polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31883
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5983 on: October 03, 2019, 12:10:15 AM »
Cybercrime is everywhere, read about Predator the Thief, a malware stealer, here:
https://www.fortinet.com/blog/threat-research/predator-the-thief-new-routes-delivery.html  (info credits go to Fortinet).

One of the launch IPs for this: https://www.shodan.io/host/18.219.205.14
Not detected as such at VT: https://www.virustotal.com/gui/url/b7cbb3ffcdd2172d17328a0e0fd45a67844e2d557c91cf35284339e064b3fa57/details
Stumbled upon this malbot here: http://cybercrime-tracker.net/index.php
where one can meet more notorious members of this unwelcome family  ;)

polonus
