Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
General Topics
»
SECURITY WARNINGS & Notices - Please post them here
« previous
next »
Print
Pages:
1
...
407
408
[
409
]
410
411
...
468
Go Down
Author
Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2882036 times)
0 Members and 6 Guests are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6120 on:
May 06, 2020, 04:16:05 PM »
Word Press CMS with 5 vulnerable extensions being attacked:
https://www.wordfence.com/blog/2020/05/nearly-a-million-wp-sites-targeted-in-large-scale-attacks/
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6121 on:
May 07, 2020, 04:00:55 PM »
A million Word-Press sites are at risk from an actively attacked hole in the Elementor-Pro plug-in.
Read:
https://www.wordfence.com/blog/2020/05/combined-attack-on-elementor-pro-and-ultimate-addons-for-elementor-puts-1-million-sites-at-risk/
I have been warning against security issues with this a-priory-insecure CMS, that often has outdated kernel-code (old versions) based on often can-of-worms-PHP-language, with many vulnerable or left plug-ins and themes. Often wrongly set default settings for user enumeration and directory listing and outdated retirable jQuery code libraries.
Automatic updating procedures may break your website code.
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6122 on:
May 12, 2020, 02:46:59 PM »
And again approx. 1200 infections on webshops running a PHP based CMS - backtracking MageCart infections
Read:
https://maxkersten.nl/2020/05/06/backtracking-magecart-infections/
(info credits -> Max Kersten)
Scan here:
https://www.magereport.com/
and stay fully updated and fully patched!
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Asyn
Avast Überevangelist
Certainly Bot
Posts: 76037
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6123 on:
May 13, 2020, 09:50:55 AM »
Hacker group selling databases with millions of user credentials busted in Poland and Switzerland
https://www.europol.europa.eu/newsroom/news/hacker-group-selling-databases-millions-of-user-credentials-busted-in-poland-and-switzerland
Logged
W8.1
[x64]
-
Avast Free AV 23.3.8047.BC
[UI.757]
- Firefox ESR 102.9
[NS/uBO/PB]
- Thunderbird 102.9.1
Avast-Tools:
Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos):
https://forum.avast.com/index.php?topic=60523.0
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6124 on:
May 13, 2020, 10:28:37 AM »
Top 10 Routinely Exploited Vulnerabilities | CISA (used by State actors and Cybercriminals alike):
https://www.us-cert.gov/ncas/alerts/aa20-133a
source: National Cyber Awareness System,
polonus (volunteer 3rd party cold recon website security-analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6125 on:
May 14, 2020, 06:00:48 PM »
1.3 million Word Press sites targeted by a single malcreant:
Re:
https://www.wordfence.com/blog/2020/05/one-attacker-rules-them-all/
Attacked were WP extensions like Easy2Map, Blog Designer, WP GDPR Compliance, Total Donations and also Newspaper-theme.
On one of the IP abused:
https://intodns.com/bringtolightnyc.org
Apache/2 E-Tag "2c-59c5c662ca35e"
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6126 on:
May 15, 2020, 02:20:38 PM »
The Unattributable leak your data:
23 million e-mail addresses leaked from a non-protected Elasticsearch-server.
But the original "scraper" cannot be defined and be held responsible as the cloud service does not provide us with names,
only gives out "unattributable". Cybercriminals often have more protection then legit end-users have. Sad but true fact.
Read:
https://www.troyhunt.com/the-unattributable-db8151dd-data-breach/
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Asyn
Avast Überevangelist
Certainly Bot
Posts: 76037
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6127 on:
May 18, 2020, 06:30:11 AM »
North Korean Malicious Cyber Activity
https://www.us-cert.gov/northkorea
Logged
W8.1
[x64]
-
Avast Free AV 23.3.8047.BC
[UI.757]
- Firefox ESR 102.9
[NS/uBO/PB]
- Thunderbird 102.9.1
Avast-Tools:
Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos):
https://forum.avast.com/index.php?topic=60523.0
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6128 on:
May 18, 2020, 11:53:50 AM »
I
nteresting background analysis reads on REvil ransomware:
https://blog.intel471.com/2020/03/31/revil-ransomware-as-a-service-an-analysis-of-a-ransomware-affiliate-operation/
&
https://www.kpn.com/security-blogs/Tracking-REvil.htm
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
bob3160
Avast Überevangelist
Probably Bot
Posts: 48551
64 Years of Happiness
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6129 on:
May 18, 2020, 02:10:56 PM »
https://anchor.fm/norbert-gostischa/episodes/Weekly-Security-News-Roundup-WE-5-15-2020-ee79ol/a-a27pt4o
Logged
Free Security Seminar:
https://bit.ly/bobg2023
-
Important:
http://www.organdonor.gov/
--
My Web Site:
http://bob3160.strikingly.com/
- Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066,
How to Successfully Install Avast
http://goo.gl/VLXde
-
Repair & Clean Install
https://goo.gl/t7aJGq
--
My Online Activity
https://bit.ly/BobGInternet
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6130 on:
May 18, 2020, 02:27:40 PM »
Supercomputers hacked across Europe to mine crytocurrency:
https://www.zdnet.com/article/supercomputers-hacked-across-europe-to-mine-cryptocurrency/
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Asyn
Avast Überevangelist
Certainly Bot
Posts: 76037
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6131 on:
May 20, 2020, 07:22:35 AM »
EasyJet hacked: data breach affects 9 million customers
https://www.bleepingcomputer.com/news/security/easyjet-hacked-data-breach-affects-9-million-customers/
http://otp.investis.com/clients/uk/easyjet1/rns/regulatory-story.aspx?cid=2&newsid=1391756
Logged
W8.1
[x64]
-
Avast Free AV 23.3.8047.BC
[UI.757]
- Firefox ESR 102.9
[NS/uBO/PB]
- Thunderbird 102.9.1
Avast-Tools:
Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos):
https://forum.avast.com/index.php?topic=60523.0
bob3160
Avast Überevangelist
Probably Bot
Posts: 48551
64 Years of Happiness
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6132 on:
May 21, 2020, 01:28:50 PM »
Logged
Free Security Seminar:
https://bit.ly/bobg2023
-
Important:
http://www.organdonor.gov/
--
My Web Site:
http://bob3160.strikingly.com/
- Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066,
How to Successfully Install Avast
http://goo.gl/VLXde
-
Repair & Clean Install
https://goo.gl/t7aJGq
--
My Online Activity
https://bit.ly/BobGInternet
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6133 on:
May 21, 2020, 04:04:28 PM »
Polonus stumbled upon this http-address in France:
http://perso102-g5.free.fr/info.php
Not being secure and wondering what was goin'on there, we scanned IP:
https://www.shodan.io/host/212.27.63.102
-> -leading to: -http://perso102-g5.free.fr/info.php
Re:
https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=cHt9c10xMDItZzUuZn17ey5mfWBbbmZdLnBocA%3D%3D~enc
Vulnerable SSL OpenSSL, headers - 1.0.1t 7.8 vulnerabilities:
code found:
https://www.openssl.org/news/vulnerabilities.html
via vulners extension in the browser.
Seems this route is (ab)used for ad-monetizing activities via Akidom service over insecure connections.
There is a lot going on under the hood in the browser, the average user is not aware of,
that is why polonus now and then dare to take a glimpse of what is going on there
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
«
Last Edit: May 21, 2020, 04:06:58 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Asyn
Avast Überevangelist
Certainly Bot
Posts: 76037
Re: SECURITY WARNINGS & Notices - Please post them here
«
Reply #6134 on:
May 21, 2020, 04:11:31 PM »
Home Chef announces data breach after hacker sells 8M user records
https://www.bleepingcomputer.com/news/security/home-chef-announces-data-breach-after-hacker-sells-8m-user-records/
https://support.homechef.com/hc/en-us/sections/360008878052-Home-Chef-Data-Security-Incident
Logged
W8.1
[x64]
-
Avast Free AV 23.3.8047.BC
[UI.757]
- Firefox ESR 102.9
[NS/uBO/PB]
- Thunderbird 102.9.1
Avast-Tools:
Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos):
https://forum.avast.com/index.php?topic=60523.0
Print
Pages:
1
...
407
408
[
409
]
410
411
...
468
Go Up
« previous
next »
Avast WEBforum
»
Other
»
General Topics
»
SECURITY WARNINGS & Notices - Please post them here