Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 1815054 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31878
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5985 on: October 09, 2019, 01:51:40 PM »
750 end-of-life servers removed from the Tor-network by Tor Project.
Read: https://blog.torproject.org/removing-end-life-relays-network

Why is this important?
On the importance of using ioc's for tor-c-2, read:
https://socprime.com/en/blog/wannacry-no-more-ransomware-worm-iocs-tor-c2-and-technical-analysis-siem-rules/

C&C servers are the malware online sockpuppets:
https://securityaffairs.co/wordpress/89237/malware/mirai-botnet-tor-c2.html &
https://www.microsoft.com/security/blog/2014/03/05/sefnits-tor-botnet-cc-details/

Malware abuse with tor-loc
https://www.symantec.com/security-center/writeup/2013-090611-2333-99
for Mevade backdoor e.v.

Tor should get an enhanced security effort. A continuous drive to protect it to keep tor and the general user more safe and secure.
(info credits go to #sockpuppet)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31878
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5986 on: October 11, 2019, 06:20:36 PM »
Magecart malware, still alive and kicking: brought to your webshop by 15 active cybercrime groups.  ::) :o
Read: https://www.theregister.co.uk/2019/10/04/magecart/

Check whether your Magento shop is vulnerable here: https://www.magereport.com/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36248
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5987 on: October 14, 2019, 12:07:04 AM »
Vulnerability in iTunes and iCloud allowed Windows PC ransomware infection
https://9to5mac.com/2019/10/11/vulnerability-in-itunes/



“Ah beer. The cause of and the solution to all of life’s problems.”

"Operator! Give me the number for 911!"

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41901
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5988 on: October 14, 2019, 12:22:55 AM »
Vulnerability in iTunes and iCloud allowed Windows PC ransomware infection
https://9to5mac.com/2019/10/11/vulnerability-in-itunes/
It's already been patched. Update to fix the vulnerability.
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61576
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5989 on: October 17, 2019, 09:25:37 AM »
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.63 - EEK - Firefox ESR 68.2 [NS/AOS/uBO] - Thunderbird 68.2.2 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36248
“Ah beer. The cause of and the solution to all of life’s problems.”

"Operator! Give me the number for 911!"

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31878
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5991 on: October 23, 2019, 11:48:59 PM »
Hi Pondus,

I sense we have to prepare for some negative VPN news breaking.
Many of such services have now outgrown their initial possibilities,
and we soon gonna meet the manco's. At least i.m.h.o.
Hope I am wrong,

polonus aka Damian
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31878
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5992 on: October 25, 2019, 01:18:15 PM »
Again Magecart infections via PIO: https://sansec.io/labs/2018/10/23/magecart-extension-0days/

Here about vendors that were hit: https://www.theregister.co.uk/2018/11/02/kitronik_online_shop_malware/

So, hop over to https://www.magereport.com/  and scan your Magento shop CMS.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31878
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5993 on: October 25, 2019, 10:52:39 PM »
L.S.

When you have read the link content in the previous, you now know about POI (PHP Object Injection) and one of the attack vectors. You wanna know about further attack vectors, they are being introduced here: http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp  and then here: http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&attackVectorId=10  and see why these attack vectors are critical.

You scan your code for flaws, making it susceptible to POI.

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61576
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5994 on: October 26, 2019, 06:55:20 AM »
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.63 - EEK - Firefox ESR 68.2 [NS/AOS/uBO] - Thunderbird 68.2.2 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36248
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5995 on: October 26, 2019, 09:18:42 PM »
Maxthon Browser for Windows - Unquoted Search Path and Potential Abuses (CVE-2019-16647)
https://safebreach.com/Post/Maxthon-Browser-for-Windows-Unquoted-Search-Path-and-Potential-Abuses-CVE-2019-16647


“Ah beer. The cause of and the solution to all of life’s problems.”

"Operator! Give me the number for 911!"

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31878
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5996 on: October 27, 2019, 04:20:05 PM »
Nasty PHP7 remote code execution bug exploited in the wild on Nginx webservers
through a specially crafted URL, read:
https://www.zdnet.com/article/nasty-php7-remote-code-execution-bug-exploited-in-the-wild/
See the PoC: https://github.com/neex/phuip-fpizdam

Again non validated PHP is the can of worms it always has been.
You could open this box of Pandora before you are aware.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36248
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5997 on: October 28, 2019, 01:41:03 PM »
“Ah beer. The cause of and the solution to all of life’s problems.”

"Operator! Give me the number for 911!"

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61576
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.63 - EEK - Firefox ESR 68.2 [NS/AOS/uBO] - Thunderbird 68.2.2 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 61576
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5999 on: October 29, 2019, 09:50:54 AM »
Notice of Potential Payment Card Incident
http://www.krystal.com/security/
Win 8.1 [x64] - Avast PremSec 19.9.2394.B1 - CC 5.63 - EEK - Firefox ESR 68.2 [NS/AOS/uBO] - Thunderbird 68.2.2 [EM] - ACP/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0