Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 1953945 times)

0 Members and 2 Guests are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32544
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 65507
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6031 on: January 11, 2020, 08:03:04 AM »
Win 8.1 [x64] - Avast PremSec 20.6.2416.B#1 [UI.537] - CC 5.68 - EEK - FF ESR 68.10 [NS/AOS/uBO/PB] - TB 68.10 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32544
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6032 on: January 11, 2020, 02:07:36 PM »
On many sites Google Translate could mean a problem for potential attacks on 'window.opener',

read: https://webhint.io/docs/user-guide/hints/hint-disown-opener/#why-is-this-important (security-problem)

Where we have seen this: close all
disown-opener: 65 hints

hint #1: '<a class="goog-logo-link" href="-https://translat … -right: 3px" alt="Google Translate">Translate</a>' should have 'rel' attribute value include 'noopener' and 'noreferrer' keywords.

detected on -https://www.ninefornews … nos-fake-news-etc

<a class="goog-logo-link" href="-https://translate.google.com" target="_blank">

Also cdn.taboola dot com adware found on that page: https://www.joesandbox.com/analysis/152773/0/html

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: January 11, 2020, 03:19:31 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Secondmineboy

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3651
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6033 on: January 12, 2020, 07:55:06 PM »
Microsoft Outsourced Skype, Cortana Voice Analysis to China With Virtually No Security in Place

https://gizmodo.com/microsoft-outsourced-skype-cortana-voice-analysis-to-c-1840935163
Windows 10 1909, 4 GB DDR3 RAM, 500 GB 5400 RPM HDD, 1366 by 768 LCD Screen, Intel Core i3 5010U Dual Core, Intel HD Graphics 5500
HUAWEI P30 Pro. Android 10

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 43710
  • 60 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6034 on: January 13, 2020, 04:18:42 PM »
Hack Cambridge’s young geniuses to take a crack at the Avast Secure Browser
https://blog.avast.com/avast-team-prepares-for-hack-cambridge
I personally can't wait for the results.
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1909 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.3.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 36692
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6035 on: January 14, 2020, 07:32:20 AM »
Hundreds of millions of cable modems are vulnerable to new Cable Haunt vulnerability
https://www.zdnet.com/article/hundreds-of-millions-of-cable-modems-are-vulnerable-to-new-cable-haunt-vulnerability/

What is Cable Haunt?  https://cablehaunt.com/


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32544
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6036 on: January 15, 2020, 12:19:12 PM »
130.000 Word Press CMS websites vulnerable because of holed plug-in.

Vulnerable plug-in = https://wordpress.org/plugins/iwp-client

You could get infested through a specially crafted request:
https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/

168.000 Word Press websites already patched: https://wordpress.org/plugins/iwp-client/advanced/

Badly configured insecure Word Press CMS based on PHP stays a security liability i.m.h.o. by design.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 65507
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6037 on: January 17, 2020, 06:59:26 AM »
Win 8.1 [x64] - Avast PremSec 20.6.2416.B#1 [UI.537] - CC 5.68 - EEK - FF ESR 68.10 [NS/AOS/uBO/PB] - TB 68.10 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 65507
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6038 on: January 20, 2020, 05:41:13 AM »
ADV200001 | Microsoft Guidance on Scripting Engine Memory Corruption Vulnerability
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200001
Win 8.1 [x64] - Avast PremSec 20.6.2416.B#1 [UI.537] - CC 5.68 - EEK - FF ESR 68.10 [NS/AOS/uBO/PB] - TB 68.10 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 65507
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Win 8.1 [x64] - Avast PremSec 20.6.2416.B#1 [UI.537] - CC 5.68 - EEK - FF ESR 68.10 [NS/AOS/uBO/PB] - TB 68.10 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 43710
  • 60 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1909 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.3.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 65507
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6041 on: January 23, 2020, 11:15:11 AM »
Win 8.1 [x64] - Avast PremSec 20.6.2416.B#1 [UI.537] - CC 5.68 - EEK - FF ESR 68.10 [NS/AOS/uBO/PB] - TB 68.10 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 65507
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6042 on: January 24, 2020, 07:58:54 AM »
Report: 250 million Microsoft customer service and support records exposed on the web
https://www.comparitech.com/blog/information-security/microsoft-customer-service-data-leak/
Win 8.1 [x64] - Avast PremSec 20.6.2416.B#1 [UI.537] - CC 5.68 - EEK - FF ESR 68.10 [NS/AOS/uBO/PB] - TB 68.10 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 43710
  • 60 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6043 on: January 24, 2020, 11:16:53 AM »
Report: 250 million Microsoft customer service and support records exposed on the web
https://www.comparitech.com/blog/information-security/microsoft-customer-service-data-leak/
MS states that they have contacted the users effected. I didn't get any notification.
Wonder if that means I'm not effected?
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1909 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.3.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 65507
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6044 on: January 24, 2020, 11:55:14 AM »
Report: 250 million Microsoft customer service and support records exposed on the web
https://www.comparitech.com/blog/information-security/microsoft-customer-service-data-leak/
MS states that they have contacted the users effected. I didn't get any notification.
Wonder if that means I'm not effected?
Let's hope so Bob, but only the guys at Microsoft can say for sure.
Win 8.1 [x64] - Avast PremSec 20.6.2416.B#1 [UI.537] - CC 5.68 - EEK - FF ESR 68.10 [NS/AOS/uBO/PB] - TB 68.10 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0