SECURITY WARNINGS & Notices - Please post them here

General Topics
1

It was suggested that we needed these all in one thread. So, I have created this thread for that use and hope that all will use this thread to post the security warnings on this forum.

Here is a link to the posting that prompted this thread.

http://forum.avast.com/index.php?topic=52250.msg442193#msg442193

1 Like
2

Now we just need a mod to make it a sticky, and we’ll be set!

3

If everyone placed the security warnings in here it wouldn’t need to be sticky as the activity would keep it high, as is seen with the >> Updates << topic.

I have an aversion for stickies, almost as severe as for toolbars ;D

4

I for one wouldn’t mind a sticky for this thread here :wink: such a thread is obviously needed and…and thanks to the OP for starting it :slight_smile:

5

How do you tell if a topic is a sticky?

It sure is easy in Malwarebytes forum:
http://www.malwarebytes.org/forums/index.php?showforum=11

@ DavidR

+1

6

like that ;D

7

Sticky isn’t needed since this will rise to the top each time an entry is posted which is the same criteria with many other frequent Threads. :slight_smile:
( missed Davids post. :slight_smile: )

8

i got it, i got it! ;D

nevermind the sticky subject…

9

Rogue antivirus lurks behind Google Doodle searches
http://www.networkworld.com/news/2009/121609-rogue-antivirus-lurks-behind-google.html?t51hb

Five things you need to know about social engineering
The more victims who click links and install the bad guy’s software, the more money the criminals make
http://www.pcworld.idg.com.au/article/330130/five_things_need_know_about_social_engineering?fp=4&fpid=776400

10

A lot of malware lurks in google searches, some even have the brass neck to pay for search placement on specific search words/terms or have sponsored links. Google really need to be more proactive in rooting out the possibly malicious/fraudulent sponsored links or search placement.

11

+1.
I use a hosts file, and SpywareBlaster. (Yeah, belts and braces, I know…).
If I’m careless enough to click on any of those Google sponsored results that rise to the top like a pale yellow scum, about 9 times out of 10 my browser can not connect to the site.
Fine by me.

12

Google sponsored results ??? what’s that ??? >>>>>>>>>>>>>>>>> http://adblockplus.org/en/ ;D (or “adthwart” in Chrome)

13

Well there is always the CustomizeGoogle add-on which I use and I never see sponsored ads anyway, my comment was one of caution for others considering the sponsored links.

14

yeah I got CustomizeGoogle as well with ads blocked wherever it’s possible. I never mention it because it’s set once for all, and I forget about it, while abp allows to block more than what’s on the EasyLists, on demand. It’s just that ABP has more visibility during the browsing. Sorry for the off topic :wink:

15

Just made a topic about this, but thought I would post here too anyway.

Modern Warfare 2 servers hacked, Trojan’s inserted.
http://www.infinityward.com/forum/viewtopic.php?f=24&t=181646

16

Hi you malware fighters and posters of this thread,

Well, add this link and read the bottom posting there please?
http://forum.avast.com/index.php?topic=52349.msg443049#msg443049

and then add this one as well as a Security Warning:
http://forum.avast.com/index.php?topic=52310.msg442762#msg442762

pol

17

SSL-servers targeted by botherders
To-day by polonus
Comments and reactions:

Not only Windows desktops are targeted by botnet herders that want to enlarge their botnets, also more and more they will target FTP, SSL and webservers to be taken over. The hijacked or hacked servers will then often function as malcode database or are being used to forward spam. According to Finnish av vendor F-Secure FTP servers are the favorite hack target for cybercriminals. “We also saw that where SSL-servers were being abused. Sites with a valid SSL-certificate become hacked and then abused for drive-by downloads”, according to reasearcher Mikko Hypponen.

Through running a drive-by download via a HTTPS-connection some proxy and gateway scanners cannot scan for malware. “Then it is easier to break into servers”, says Hypponen. Then server botnets are being formed out of these hacked servers, functioning as a form of sub-botnets. “We now see server botnets. An interesting feature is that these interconnected server botnet is herded by one individual”, says Shadowserver Foundation’s DiMino. Servers are to facilitate botnet extension and expansion.

Server-bots
In the mean time we spotted specific server-bots to use PHP and Perl to change servers into realtime spam machines. “The benefit there is the enormous amount of bandwidth and power to maximize the amount of spam sent.” According to security expert Marc Maiffret botherserd are recruiting attackers that are experienced server hackers. Maiffret expects legit websites to be the main target for webattacks in 2010 and beyond:
http://www.darkreading.com/vulnerability_management/security/app-security/showArticle.jhtml;jsessionid=4RTX0GD0KT3ILQE1GHPSKHWATMY32JVN?articleID=222002433

pol

P.S. If these malserver bots perform a man in the middle attack you can forget SSL security alltogether,

D

18

Unless something is seriously done about all these drive by attacks,
the internet as we know it will soon cease to exist. :cry:

19

Misplaced security warning notice :

http://forum.avast.com/index.php?topic=52307.msg442708#msg442708

20

Another misplaced security warning :

http://forum.avast.com/index.php?topic=52349.msg443049#msg443049