Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2861297 times)

0 Members and 1 Guest are viewing this topic.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6105 on: April 11, 2020, 06:52:07 AM »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6106 on: April 11, 2020, 03:23:10 PM »
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6107 on: April 14, 2020, 01:27:15 PM »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6108 on: April 14, 2020, 03:21:21 PM »
Over 500,000 Zoom accounts sold on hacker forums, the dark web
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
Meeting credentials for me change for each meeting so does the randomly created password.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Online bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6109 on: April 14, 2020, 03:24:17 PM »
Starting 4/18/2020 paid customer, will be able to customize which data center regions your account can use,
by opting in or out of a specific data center region for real-time meeting data in transit.
Zoom admins and account owners of paid accounts can, at the account, group, or user level:
Opt out of specific data center regions
Opt in to specific data center regions
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6111 on: April 16, 2020, 01:24:46 PM »
Again Word Press sites could be taken over (hijacked) through Onetone-theme flaw (software left by developer).
A good 20.000 Word Press websites now at risk.

Read: https://blog.sucuri.net/2020/04/onetone-vulnerability-leads-to-javascript-cookie-hijacking.html
and
read: https://blog.nintechnet.com/unauthenticated-stored-xss-vulnerability-in-wordpress-onetone-theme-unpatched/

Word Press Content Management Software based on PHP, a constant pain in the proverbial parts.  ;D

polonus (volunteer 3rd party cold recon  website security analyst and website eror-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6112 on: April 16, 2020, 04:43:52 PM »
Example of a vulnerable Word Press http website,

Remember WordPress is a weak and vulnerable CMS based on PHP,
see how vulnerable it can be to specific downgrade network attacks, random example:
via ",/$.getScript(%27https://localhost/test.js%27,function(){})"  , which is a DOM-XSS attack ->
like here -htxp://paragon.net.uk/$.getScript(%27https://localhost/test.js%27,function(){}}
opening up to: -https://www.heg.com/wp-content/themes/renova/assets/js/bootstrap-modal.js?ver=4.9.13
which is a blacklisted site: https://sitecheck.sucuri.net/results/https/www.heg.com/wp-content/themes/renova/assets/js/bootstrap-modal.js?q=ver%3D4.9.13  (Outdated http://httpd.apache.org/security/vulnerabilities_22.html This is probably why this attack succeeded!).
Resulting in: Number of sources found: 41 ; Number of sinks found: 17

Source link: DOM XSS script -> script source: SANS Cyber Security Certs & Research.

A HTTPS Everywhere extension in your browser will block this uri inside the browser,
else a HEG main page may open up from HEG (=Host Europe Group), now part of GoDaddy's.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

« Last Edit: April 16, 2020, 04:48:58 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6113 on: April 18, 2020, 08:20:21 AM »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6114 on: April 19, 2020, 01:01:27 PM »
A third of Tor Project staff have lost their jobs.

Read: https://blog.torproject.org/covid19-impact-tor

Coronavirus crisis & the "Globalonia forces" have quite some impact on the availability of reliable entry-nodes.
Many old sw-versions circulate with similarity hashes. Be aware!

Insecure onion addresses galore: -http://expyuzz4wqqyqhjn.onion/press/press.html
and -https://creep7nissfumwyx.onion/tor/press/press.html.en

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6115 on: April 19, 2020, 02:35:09 PM »
Cognizant dot com hit by Maze-ransomware.
What is Maze? -> https://www.mcafee.com/blogs/other-blogs/mcafee-labs/ransomware-maze/

Read: https://news.cognizant.com/2020-04-18-cognizant-security-update

Background search on Intelligence X: https://intelx.io/?s=cognizant.com  (interesting results?
e.g. abuse of Hong Kong domain for sale: https://www.sec.gov/litigation/admin/2014/34-73862.pdf )

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6116 on: April 22, 2020, 07:59:17 AM »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6117 on: April 22, 2020, 05:44:10 PM »
NSA and ASD warn against Webshell cyberattacks and give advice as how to protect against such cyberthreats:

http://www.nsa.gov/News-Features/News-Stories/Article-View/Article/2159419/detect-prevent-cyber-attackers-from-exploiting-web-servers-via-web-shell-malware/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
« Last Edit: April 23, 2020, 02:15:35 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #6119 on: May 02, 2020, 09:22:00 AM »
French Subscribers to Famous News Site at Risk from Hacking, Fraud
https://www.safetydetectives.com/blog/lefigaro-leak-report/
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0