SECURITY WARNINGS & Notices - Please post them here

bob3160 · 2016-09-24T13:24:09.000Z

polonus post:4840:

Be Secure post:4839:

polonus post:4838:

Research: AV vendor’s privacy policy:

https://www.av-test.org/en/news/news-single-view/data-protection-or-virus-protection/

All AV vendors share your data with third parties.

If its free, you are the product. If it aint free you are still the product anyway!!

polonus

What about Avast!?@polonus

They have an Avast Free Privacy Policy and a VPN Privacy Policy: they share a lot of things: https://www.reddit.com/r/technology/comments/3lass7/avasts_privacy_policy_also_states_that_they_share/
Main and solely third partner = Google (Google Tag Manager) - they say they only use your private data statistically, but as Google has acces and on android Google Admob, it is out of sight and Google can sit on it and sell it or turn it over to surveillance if requested and under gag-order),

pol

I prefer this link: https://www.avast.com/en-us/privacy-policy . It’s up to date.
The one you posted gives a chopped up excerpt from a year old forum post.

BeSecure · 2016-09-25T01:28:52.000Z

MarsJoke Ransomware Targets the Government and K-12 Educational Sector
http://news.softpedia.com/news/marsjoke-ransomware-targets-the-government-and-k-12-educational-sector-508608.shtml

polonus · 2016-09-25T14:43:07.000Z

Is the cure worse than the initial problem?
CloudfFlare now offers a solution to the so-called mixed content problem: http://forums.theregister.co.uk/forum/1/2016/09/20/cloudflare_offers_encryption_up_the_wazoo/
Re-writing every link as HTTPS Everywhere where they could, and where they cannot the green padlock is misleading.
They hope soon all of the internet has turned HTTPS Everywhere.

For the record the El Reg is also on American CloudFlare,
and they also dealt an additional little smear to tor-developers, in their article.

By the way CloudFlare implemented their own certificate incorrectly:
Would you trust them with half-baked e2e encryption?

From the crypto-report:

Certificate is not installed correctly
cloudflare.com
This is not a Symantec certificate.
Please contact the Certificate Authority for further verification.
You have 2 errors
RSA wrong certificate installed.
The domain name does not match the certificate common name or SAN.
ECC wrong certificate installed.
The domain name does not match the certificate common name or SAN.
Info
BEAST
This server is vulnerable to a BEAST attack. More information.
Chain installation:
2 certificates found: RSA and ECC.
To view each certificate chain, click a tab below.
RSA
ECC
Certificate information
This server uses an Extended Validation (EV) certificate. Information about the site owner has been fully validated by COMODO CA Limited to help secure personal and financial information.
Common name:

SAN:
cloudflare.com, www.cloudflare.com
Valid from:
2015-Dec-01 00:00:00 GMT
Valid to:
2016-Nov-30 23:59:59 GMT
Certificate status:
Valid
Revocation check method:
OCSP
Organization:
CloudFlare, Inc.
Organizational unit:
COMODO EV Multi-Domain SSL
City/locality:
San Francisco
State/province:
California
Country:
US
Certificate Transparency:
Embedded in certificate
Serial number:
e3bb289893780deab01913b0a1400d77
Algorithm type:
SHA256withRSA
Key size:
2048

polonus

BeSecure · 2016-09-26T01:18:15.000Z

Over 850,000 Devices Affected by Unpatched Cisco Zero-Day
http://news.softpedia.com/news/over-840-000-devices-affected-by-unpatched-cisco-zero-day-508630.shtml

polonus · 2016-09-26T15:36:03.000Z

Free speech under fire where you do not expect it:
http://arstechnica.com/security/2016/09/why-the-silencing-of-krebsonsecurity-opens-a-troubling-chapter-for-the-net/

IOT devices turned against us!

polonus

mchain · 2016-09-26T21:34:48.000Z

polonus post:4845:

Free speech under fire where you do not expect it:
http://arstechnica.com/security/2016/09/why-the-silencing-of-krebsonsecurity-opens-a-troubling-chapter-for-the-net/

IOT devices turned against us!

polonus

Brian Krebs reports Google is now protecting him:
https://krebsonsecurity.com/2016/09/the-democratization-of-censorship/

Today, I am happy to report that the site is back up — this time under Project Shield, a free program run by Google to help protect journalists from online censorship. And make no mistake, DDoS attacks — particularly those the size of the assault that hit my site this week — are uniquely effective weapons for stomping on free speech, for reasons I’ll explore in this post.

polonus · 2016-09-26T22:22:46.000Z

Free VPN or MIM-server? Read: http://lifehacker.com/stop-opera-s-new-vpn-from-leaking-your-ip-address-1773359437
They use surfeasy there. Read: https://www.surfeasy.com/privacy_policy/

polonus

BeSecure · 2016-09-27T01:46:05.000Z

New PonyForx Infostealer Malware Sold on Russian Hacking Forums
http://news.softpedia.com/news/new-ponyforx-infostealer-malware-sold-on-russian-hacking-forums-508661.shtml

BeSecure · 2016-09-27T09:04:32.000Z

The Donald Trump Ransomware tries to Build Walls around your Files
http://www.bleepingcomputer.com/news/security/the-donald-trump-ransomware-tries-to-build-walls-around-your-files/

Asyn · 2016-09-27T09:32:48.000Z

Asyn post:4834:

OpenSSL Security Advisory [22 Sep 2016]
https://www.openssl.org/news/secadv/20160922.txt

OpenSSL Security Advisory [26 Sep 2016]
https://www.openssl.org/news/secadv/20160926.txt

BeSecure · 2016-09-27T11:35:11.000Z

MarsJoke Launches a New Ransomware Approach
http://www.infosecurity-magazine.com/news/marsjoke-launches-a-new-ransomware/

Pondus · 2016-09-27T15:39:30.000Z

PoS Malware: Old Dog Learns New Tricks
http://blog.trendmicro.com/pos-malware-old-dog-learns-new-tricks/

Pondus · 2016-09-27T15:53:47.000Z

Be Secure post:4851:

MarsJoke Launches a New Ransomware Approach
http://www.infosecurity-magazine.com/news/marsjoke-launches-a-new-ransomware/

MarsJoke ransomware targets US government organisations, gives victims 96 hours to pay up before deleting files
http://www.ibtimes.co.uk/marsjoke-ransomware-targets-us-government-organisations-gives-victims-96-hours-pay-before-1583555

mchain · 2016-09-27T22:00:29.000Z

Inside Arizona’s Pump Skimmer Scourge
https://krebsonsecurity.com/2016/09/inside-arizonas-pump-skimmer-scourge/#more-36478
Gas pump skimming is on the rise everywhere.

BeSecure · 2016-09-30T01:46:34.000Z

Brazilian Hospitals Infected with Ransomware After RDP Brute-Force Attacks
http://news.softpedia.com/news/brazilian-hospitals-infected-with-ransomware-after-rdp-brute-force-attacks-508807.shtml

BeSecure · 2016-10-02T01:04:53.000Z

Sneaky JavaScript Waits for User Interaction Before Infecting Them with Malware
http://news.softpedia.com/news/sneaky-javascript-waits-for-user-interaction-before-infecting-them-with-malware-508827.shtml

polonus · 2016-10-04T13:31:42.000Z

Safe on tor. No, your DNS data may help to deanonymize you!
Read: http://www.securityweek.com/dns-data-can-help-attackers-deanonymize-tor-users
and https://freedom-to-tinker.com/2016/09/29/the-effect-of-dns-on-tors-anonymity/
Check: http://simpledns.com/lookup.aspx & http://www.dnsinspect.com/

polonus

Pondus · 2016-10-07T17:33:23.000Z

Use Spotify? You May Have Been Infected With Malware
http://www.makeuseof.com/tag/use-spotify-infected-malware/

http://www.theregister.co.uk/2016/10/06/spotify_malware_free_music_service/

Asyn · 2016-10-08T06:51:40.000Z

Hacked Steam accounts spreading Remote Access Trojan
http://www.bleepingcomputer.com/news/security/hacked-steam-accounts-spreading-remote-access-trojan/

BeSecure · 2016-10-08T14:03:46.000Z

Target Czech-speaking countries, lock screen and pc and encrypts files and adds the extension .k0stya C partition, the D partition is clean!
Kostya Ransomware adds the extension .k0stya!Demonstration of attack video review.
https://youtu.be/Sti6F_VqC7Q
Is Avast! ready to deal with this ransomware?!!! :-\

Announcements