Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2904629 times)

bob3160 · « **Reply #2640 on:** June 20, 2013, 05:19:56 PM »

Quote from: craigb on June 20, 2013, 05:05:45 PM

openxadvertising.com Mass Malvertising Campaign

http://research.zscaler.com/2013/06/openxadvertisingcom-mass-malvertising.html

The malicious advertisements were delivered from openxadvertising.com, which is currently blocked by Google SafeBrowsing.

polonus · « **Reply #2641 on:** June 21, 2013, 05:28:29 PM »

Ad injection onto your computer: http://blogs.technet.com/b/mmpc/archive/2013/06/20/ad-injection-and-you-how-adware-gets-on-your-computer.aspx
link article author = Chris Stubbs

polonus

essexboy · « **Reply #2642 on:** June 22, 2013, 08:39:33 PM »

MS has released a fixit to block all java in IE

Quote

Java is a unique form of extensibility because it can be invoked in the following two ways: •By using an applet

element
•By using an object

element that has a CLSID of a Java virtual machine (JVM)
These two invocation methods are subject to different security controls. This Knowledge Base Article contains a Fix it solution to disable the Java web plug-in from being loaded through these controls. The Fix it solution will also disable the Java Network Launching Protocol (JNLP) handler.

http://support.microsoft.com/kb/2751647

polonus · « **Reply #2643 on:** June 25, 2013, 02:27:34 PM »

Malcreants use instruction trick to circumvent av detection vua undocumented FPU instructions, read: http://blogs.technet.com/b/mmpc/archive/2013/06/24/investigation-of-a-new-undocumented-instruction-trick.aspx
link article author: Daniel Radu MMPC Munich
How are the authors, if they're different people, sharing information? asks the author of the article.
I have recently seen that info on attack code is being shared via hidden urls injected to innocent websites,
if you don't stumble onto the links by accident via an search engine indexer and searching for the topic you won't find these links...
See: http://lists.nongnu.org/archive/html/qemu-devel/2013-05/msg03684.html for patches on the glitch...

polonus

bob3160 · « **Reply #2644 on:** June 25, 2013, 04:01:05 PM »

"You can run, but you can't hide"

"Right now commenters across the Internet will be saying, Don't join Facebook or Delete your account.
But it appears that we're subject to Facebook's shadow profiles whether or not we choose to participate."
All of this is the result of Facebook's Shadow Profiling......

polonus · « **Reply #2645 on:** June 26, 2013, 01:11:25 AM »

Google finds up 10.000 new malicious sites a day: https://www.google.com/transparencyreport/safebrowsing/

polonus

Asyn · « **Reply #2646 on:** June 26, 2013, 03:00:52 PM »

Backup program allows root access to LG smartphones
http://www.h-online.com/security/news/item/Backup-program-allows-root-access-to-LG-smartphones-1896506.html

bob3160 · « **Reply #2647 on:** June 26, 2013, 05:01:55 PM »

Vast majority of malware attacks spawned from legit sites

bob3160 · « **Reply #2648 on:** June 26, 2013, 05:05:05 PM »

Mobile malware grows by 614 percent in last year

Asyn · « **Reply #2649 on:** June 27, 2013, 12:12:24 PM »

Security breach stopped [Opera]
http://my.opera.com/securitygroup/blog/2013/06/26/opera-infrastructure-attack

bob3160 · « **Reply #2650 on:** June 27, 2013, 03:24:03 PM »

Meet PRISM’s little brother: Socmint

When will "Big Brother" realize that he is infringing on our right to privacy ?
Is all of this really keeping us safe

bob3160 · « **Reply #2651 on:** June 27, 2013, 03:40:17 PM »

Perfect Forward Secrecy can block the NSA from secure web pages, but no one uses it!
(Michael Horowitz does a masterful job of breaking down a complex issue into it’s components.
If security is your thing – this is a must read.)

polonus · « **Reply #2652 on:** June 28, 2013, 08:02:56 PM »

Heads-up on this warning coming from Lab65's Ahmad Azziz: http://blog.lab69.com/2013/01/404-and-youve-been-exploited.html
Be aware of

Quote

a trick where browser display an error page (php mysql error, cpanel error, or page not found) with HTTP response 200, but instead, it contains malicious JavaScript code on the backend to exploit users when the page is loaded.

polonus

SpeedyPC · « **Reply #2653 on:** June 30, 2013, 12:09:24 PM »

Hard drive-wiping malware part of new wave of threats targeting South Korea
http://arstechnica.com/security/2013/06/hard-drive-wiping-malware-part-of-new-wave-of-threats-targeting-south-korea/

midnight · « **Reply #2654 on:** June 30, 2013, 12:34:05 PM »

Quote from: polonus on June 28, 2013, 08:02:56 PM

Heads-up on this warning coming from Lab65's Ahmad Azziz: http://blog.lab69.com/2013/01/404-and-youve-been-exploited.html
Be aware of
Quote
a trick where browser display an error page (php mysql error, cpanel error, or page not found) with HTTP response 200, but instead, it contains malicious JavaScript code on the backend to exploit users when the page is loaded.

polonus

This is what showed up when I clicked on your link.