Author Topic: Tests and other Media topics  (Read 364976 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33258
  • malware fighter
Re: Tests and other Media topics
« Reply #915 on: July 14, 2021, 05:54:09 PM »
Block ads, want to add some blocklists to your adblocker of choice:
https://firebog.net/

Tool to keep all in sync: https://github.com/jacklul/pihole-updatelists

DNS Analytics: https://blog.cloudflare.com/dns-analytics/

Enjoy, my good friends, enjoy,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33258
  • malware fighter
Re: Tests and other Media topics
« Reply #916 on: July 19, 2021, 01:03:54 AM »
Test your magenta CMS site through MageReport dot com. Here we will see outdated CMS being flagged.

Re: https://urlscan.io/result/4bcc9cbb-8242-4929-bc0c-5e7becd532b6/
and https://www.magereport.com/scan/?s=http://martfurynew.mydevportals.com/

Do not venture out there as the connection is not secure.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33258
  • malware fighter
Re: Tests and other Media topics
« Reply #917 on: July 22, 2021, 11:47:04 AM »
Pegasus Spyware: Amnesty International has come out with a tool, to check your smartphone for this spyware:

https://github.com/mvt-project/mvt

Link to a list of IOC's to use (Indicators of Compromise) here: https://www.security.nl/posting/712743#posting713140

It needs some niftiness handling a command line, but it is a way for people to establish whether they have been targeted.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33258
  • malware fighter
Re: Tests and other Media topics
« Reply #918 on: July 26, 2021, 02:47:02 PM »
Check for fraudulent IP: https://scamalytics.com/ip

Also: https://www.abuseipdb.com/

IP v4 v6 Intelligence: https://ip-46.com/

Don't forget about Avast Online Security in your browser, also report there.

Also: https://phishcheck.me/6224/details (random example) ; https://www.scam-detector.com/article/list-of-scamming-websites/ ;
https://www.azsecure-data.org/phishing-websites.html  &  https://www.consumerfraudreporting.org/current_top_10_scam_list.php

Re: https://www.virustotal.com/gui/domain/mercetruck.com.br/detection (latest detection by Phisbank, 4 vendors detect).
Unprotected Magento website: https://www.magereport.com/scan/?s=http://www.mercetruck.com.br/
Insecure connection to -http://162.144.139.197/cgi-sys/defaultwebpage.cgi

polonus
« Last Edit: July 26, 2021, 06:20:43 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33258
  • malware fighter
Re: Tests and other Media topics
« Reply #919 on: July 28, 2021, 06:57:40 PM »
Checking URLhaus links with Link Extractor and at VT.
https://urlhaus.abuse.ch/browse.php?search=https%3A%2F%2Fdocs.zohopublic.com%2F  (Trickbot, rob114, rob111, -dll malware)
Example -https://urlextractor.net/?target_url=https%3A%2F%2Fdocs.zohopublic.com%2F&href=1&link_type=all&image=1&meta=1&extract=Extract+Links
with 9 links (minus - when you want to venture to visit urlextractor yourself).

1 to detect: https://www.virustotal.com/gui/url/336cc2ea335242788e4c4a0c814c043b81001e82216b7cce9263045169b3ee2f/detection

For that link at URLhaus behind a London proxy I get:
Quote
Banned

Guru Mediation:
Details: cache-ams21032-AMS 16274908XX YYY5846374

Site issue: https://sitecheck.sucuri.net/results/https/accounts.zoho.com/signin?q=servicename%3DZohoPC%26serviceurl%3D%252Findex.do   - 204.141.42.100 abuse

Detected android files (10), see for IP: https://www.virustotal.com/gui/ip-address/204.141.42.97/relations

polonus (volunteer 3rd party website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33258
  • malware fighter
Re: Tests and other Media topics
« Reply #920 on: July 29, 2021, 10:27:30 PM »
Checking with extensions in Chrome for security issues on websites.

In general: Avast Online Security - Bitdefender's Traffic Light - Dr Web Link Checker (also out as an online service).
Netcraft Extension, Recx Security Analyzer, retire.js (no longer available as an online service), Quick Source Viewer, , VT4 browser extension, Zenmate Web Firewall (no longer available), just recently new: punkspider-browser-extension (also coming soon as an online service), Shodan, Tracker SSL.

Punkspider checks for SQLI, TRAV, XPATH and XSS vulnerabilities.

Also use this scan: (random example)
https://snyk.io/test/website-scanner/?test=210729_BiDcDR_4cd520c32268413a93d0db4d09dc1f4a

polonus
« Last Edit: July 30, 2021, 12:34:41 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33258
  • malware fighter
Re: Tests and other Media topics
« Reply #921 on: August 02, 2021, 05:54:35 PM »
Criminals used punycode domain to imitate Brave.com.
The real criminal issue is that such DNS registrations are for sale.

Test in your browser, whether you get an alert: https://www.xn--80ak6aa92e.com/
Google Chrome will alert you, and you can choose to mind that warning (the best option) or ignore.

Here a punycode converter: https://www.punycoder.com/

When using firefox browser
In Firefox:
1. Open about:config
2. Set the value "network.IDN_show_punycode" to "true"
Fixed.


pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!