Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2860953 times)

0 Members and 7 Guests are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5985 on: October 09, 2019, 01:51:40 PM »
750 end-of-life servers removed from the Tor-network by Tor Project.
Read: https://blog.torproject.org/removing-end-life-relays-network

Why is this important?
On the importance of using ioc's for tor-c-2, read:
https://socprime.com/en/blog/wannacry-no-more-ransomware-worm-iocs-tor-c2-and-technical-analysis-siem-rules/

C&C servers are the malware online sockpuppets:
https://securityaffairs.co/wordpress/89237/malware/mirai-botnet-tor-c2.html &
https://www.microsoft.com/security/blog/2014/03/05/sefnits-tor-botnet-cc-details/

Malware abuse with tor-loc
https://www.symantec.com/security-center/writeup/2013-090611-2333-99
for Mevade backdoor e.v.

Tor should get an enhanced security effort. A continuous drive to protect it to keep tor and the general user more safe and secure.
(info credits go to #sockpuppet)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5986 on: October 11, 2019, 06:20:36 PM »
Magecart malware, still alive and kicking: brought to your webshop by 15 active cybercrime groups.  ::) :o
Read: https://www.theregister.co.uk/2019/10/04/magecart/

Check whether your Magento shop is vulnerable here: https://www.magereport.com/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5987 on: October 14, 2019, 12:07:04 AM »
Vulnerability in iTunes and iCloud allowed Windows PC ransomware infection
https://9to5mac.com/2019/10/11/vulnerability-in-itunes/




Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5988 on: October 14, 2019, 12:22:55 AM »
Vulnerability in iTunes and iCloud allowed Windows PC ransomware infection
https://9to5mac.com/2019/10/11/vulnerability-in-itunes/
It's already been patched. Update to fix the vulnerability.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5989 on: October 17, 2019, 09:25:37 AM »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5991 on: October 23, 2019, 11:48:59 PM »
Hi Pondus,

I sense we have to prepare for some negative VPN news breaking.
Many of such services have now outgrown their initial possibilities,
and we soon gonna meet the manco's. At least i.m.h.o.
Hope I am wrong,

polonus aka Damian
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5992 on: October 25, 2019, 01:18:15 PM »
Again Magecart infections via PIO: https://sansec.io/labs/2018/10/23/magecart-extension-0days/

Here about vendors that were hit: https://www.theregister.co.uk/2018/11/02/kitronik_online_shop_malware/

So, hop over to https://www.magereport.com/  and scan your Magento shop CMS.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5993 on: October 25, 2019, 10:52:39 PM »
L.S.

When you have read the link content in the previous, you now know about POI (PHP Object Injection) and one of the attack vectors. You wanna know about further attack vectors, they are being introduced here: http://www.tecapi.com/public/relative-vulnerability-rating-gui.jsp  and then here: http://www.tecapi.com/public/rvr-view-attack-vector-gui.jsp?antiCsrfToken=null&attackVectorId=10  and see why these attack vectors are critical.

You scan your code for flaws, making it susceptible to POI.

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5994 on: October 26, 2019, 06:55:20 AM »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5995 on: October 26, 2019, 09:18:42 PM »
Maxthon Browser for Windows - Unquoted Search Path and Potential Abuses (CVE-2019-16647)
https://safebreach.com/Post/Maxthon-Browser-for-Windows-Unquoted-Search-Path-and-Potential-Abuses-CVE-2019-16647



Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5996 on: October 27, 2019, 04:20:05 PM »
Nasty PHP7 remote code execution bug exploited in the wild on Nginx webservers
through a specially crafted URL, read:
https://www.zdnet.com/article/nasty-php7-remote-code-execution-bug-exploited-in-the-wild/
See the PoC: https://github.com/neex/phuip-fpizdam

Again non validated PHP is the can of worms it always has been.
You could open this box of Pandora before you are aware.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5997 on: October 28, 2019, 01:41:03 PM »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5999 on: October 29, 2019, 09:50:54 AM »
Notice of Potential Payment Card Incident
http://www.krystal.com/security/
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0