Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 2860883 times)

0 Members and 3 Guests are viewing this topic.


Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS Notices - Please post them here
« Reply #136 on: January 20, 2010, 04:57:10 AM »
Microsoft readies emergency IE patch
The out-of-band update will be released once the company is satisfied that it has been properly tested against all affected versions of Windows. by Ryan Naraine

READ FULL STORY
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #137 on: January 21, 2010, 12:49:07 AM »
Critical out-of-band IE patch coming tomorrow (Jan 21)


http://blogs.zdnet.com/security/?p=5298&tag=nl.e589
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

CharleyO

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #138 on: January 21, 2010, 06:47:24 AM »
***

Be on the lookout for email like this example I received today. Do not open it!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MESSAGE QUARANTINED

Virus Detected: CMU-10739-20100120

Message Details:
From: "DHL Manager Cynthia Estes" <shipping(at)dhl.com>
Subject: DHL Tracking Number 0260151405.
Date: Thu, 21 Jan 2010 10:05:23 +0800
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


***

Offline Omid Farhang

  • Frontend Developer
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1660
  • I wish I could write longer personal text!!
    • Homepage
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #139 on: January 21, 2010, 12:36:05 PM »
***

Be on the lookout for email like this example I received today. Do not open it!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MESSAGE QUARANTINED

Virus Detected: CMU-10739-20100120

Message Details:
From: "DHL Manager Cynthia Estes" <shipping(at)dhl.com>
Subject: DHL Tracking Number 0260151405.
Date: Thu, 21 Jan 2010 10:05:23 +0800
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


***

Gmail users are safe, Gmail itself block it and says the reason to block it.
Twitter: OmidFarhangEn - OS: Manjaro KDE

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #140 on: January 21, 2010, 04:50:44 PM »
Be on the lookout for email like this example I received today. Do not open it!
<snip>
Message Details:
From: "DHL Manager Cynthia Estes" <shipping(at)dhl.com>
Subject: DHL Tracking Number 0260151405.
Date: Thu, 21 Jan 2010 10:05:23 +0800
<snip>

This type of phishing/malicious email has been doing the rounds for well over a year or longer. It just seems the company changes, UPS previously, etc.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline MikeBCda

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2247
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #141 on: January 21, 2010, 07:41:45 PM »
Yup -- I still see variations (in my ISP's quarantine) supposedly from just about every courier/delivery service around ... UPS, FedEx, Purolator, you name it.

Even if there's no infection in the email itself (or attachments, if any), this is essentially just a new twist on the classic "problem with your account" phishing thing supposed from the bank.  Those are really funny, actually, since the vast majority of them are typically from banks you've never dealt with.  The rare ones that do claim to be from my bank I'll forward to its security department since the contents seem to indicate familiarity with the bank's online systems.
Intel Atom D2700, 2 gig RAM, Win 7 x64 SP1 & IE-11, Firefox 51.0
(default). 320 gig HD, 15Mb DSL, Win firewall, Avast 12.3.2280 free, SpywareBlaster, MBAM Prem., Crypto-Prevent

Offline Chris Thomas

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1936
  • Christian Geek - aka 'born again' Geek
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #142 on: January 21, 2010, 08:41:11 PM »
The IE vulnerability has been fixed

Just do a Windows Update

http://news.bbc.co.uk/2/hi/technology/8469632.stm

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #143 on: January 22, 2010, 03:54:45 PM »
Microsoft Security Advisory (979682)
Vulnerability in Windows Kernel Could Allow Elevation of Privilege

Note: This only seems to affect 32 bit architecture.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #144 on: January 22, 2010, 03:57:47 PM »
Hi bob3160,

About the work-around:
In a posting to a public mailing list, Tavis Ormandy disclosed a zero day privilege escalation vulnerability in the Windows kernel. All versions of Windows, starting with Windows NT 3.1 up to including Windows 7, are affected.

The vulnerability affects support for 16 bit applications. In most cases, it is safe to turn off support for 16 bit applications.

Here are the mitigation instructions (copied from the advisory):

Temporarily disabling the MSDOS and WOWEXEC subsystems will prevent the attack from functioning, as without a process with VdmAllowed, it is not possible to access NtVdmControl() (without SeTcbPrivilege, of course).

The policy template "Windows ComponentsApplication CompatibilityPrevent access to 16-bit applications" may be used within the group policy editor to prevent unprivileged users from executing 16-bit applications. I'm informed this is an officially supported machine configuration.

Administrators unfamiliar with group policy may find the videos below instructive. Further information is available from the Windows Server Group Policy Home

http://technet.microsoft.com/en-us/windowsserver/grouppolicy/default.aspx.

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #145 on: January 22, 2010, 10:50:19 PM »
Widespread attacks exploit newly patched IE bug
Symantec has seen attacks on hundreds of websites over the past day

http://computerworld.co.nz/news.nsf/scrt/3A4F677083954A91CC2576B300156A8D

Hermite15

  • Guest
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #146 on: January 22, 2010, 11:19:33 PM »
Widespread attacks exploit newly patched IE bug
Symantec has seen attacks on hundreds of websites over the past day

http://computerworld.co.nz/news.nsf/scrt/3A4F677083954A91CC2576B300156A8D

can't believe it...OK believe it or not this afternoon I was thinking there would possibly be a new bug after this patch, resulting from the patch itself may be ;D  :D oh no  :o
« Last Edit: January 22, 2010, 11:21:23 PM by Logos »

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #147 on: January 23, 2010, 02:19:17 AM »
This is for real. It's unbelievable but it's happening. :o
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #148 on: January 26, 2010, 06:33:57 PM »
UK is world's most popular phishing target
http://www.computing.co.uk/v3/news/2256635/uk-popular-phishing-target

Cardiff tops UK plastic fraud list
Alert  Print Post commentEr, in your face, London!
http://www.theregister.co.uk/2010/01/21/uk_plastic_fraud_hotspot/
« Last Edit: January 26, 2010, 06:51:22 PM by Pondus »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #149 on: January 26, 2010, 06:39:58 PM »
Depressing Analysis Of RockYou Hacked Passwords
http://www.techcrunch.com/2010/01/21/depressing-analysis-of-rockyou-hacked-passwords/


Swedes swap passwords for chocolate treats
http://www.thelocal.se/24486/20100120/


RockYou admits security snafu exposed email login details
http://www.theregister.co.uk/2009/12/17/rockyou_security_snafu/