List of 5900 webshops that have criminals skimming your credit cards: https://gist.github.com/gwillem/41084af200e0e5a8455681fa5858f5cc
Info credits: Willem de Groot, who has put this list online.

polonus

https://www.hackread.com/winrar-truecrypt-installer-dropping-malware/

5900 online stores found skimming > https://gwillem.github.io/2016/10/11/5900-online-stores-found-skimming/

Microsoft Security Bulletin Summary for October 2016
https://technet.microsoft.com/library/security/ms16-oct

EFF warns against some use of WhatsApp,
read: https://ssd.eff.org/en

Be aware of the WhatsApp cloud, it does not have e2e.
Be aware of malicious update-messages. These are viruses.

We advise you here not to share with the Interwebs
that which you would not be eager to share with members of the general public.

If it is fit for everyone to read, you have less to worry.
Do not let your utterings come to bite you later.

Yes everything is being monitored,
and yes, politically correct censorship already exists.

polonus

Not nice when your personal data have been spilled: http://www.theregister.co.uk/2016/10/13/us_data_aggregator_megabreach/

They failed to check here: https://haveibeenpwned.com/

polonus

Several Exploit Kits Now Deliver Cerber 4.0
http://blog.trendmicro.com/trendlabs-security-intelligence/several-exploit-kits-now-deliver-cerber-4-0/

Exotic Ransomware Author Tries to be Friends with Security Researchers
http://news.softpedia.com/news/exotic-ransomware-author-tries-to-be-friends-with-security-researchers-509339.shtml

TrickBot Shows Strong Connection to Old Dyre Banking Trojan
http://news.softpedia.com/news/trickbot-shows-strong-connection-to-old-dyre-banking-trojan-509344.shtml

Hi Pol/guys, anyone got a mirror link, seems the list is down on GitHub (404). Thanks.

SUPEE-8788 (Magento)
https://magento.com/security/patches/supee-8788

Sierra Wireless Mitigations Against Mirai Malware
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-16-286-01

Regulators are deciding the future of Europe’s Internet right now.

https://www.savenetneutrality.eu/?from=banner&optout=true

polonus

Detecting Malware Outbreaks Faster Using Multiple Anti-malware Engines
https://www.opswat.com/blog/detecting-malware-outbreaks-faster-using-multiple-anti-malware-engines

https://gwillem.gitlab.io/2016/10/14/github-censored-research-data/

Reply from F-Secure

We have finished analyzing the submitted URLs, and 176 of the provided URLs have been found to be malicious, for which the appropriate ratings have been added. The updated ratings shall be reflected automatically via Security Cloud otherwise known as ORSP.

@Asyn,

New link where the list resides: https://github.com/gwillem/ecommerce-malware-collection/tree/master/js
Check these with a Magento security scanner like: https://www.magereport.com/scan/?s=
and other scans in your toolchest.

enjoy, my good friends,

pol

P.S.
Nota Bene.
Mind you. This is a commercial list to sort of “lure” infested or (potentially) insecure webshop owners
to Byte.BV’s security support services.
This as the creator, Willem de Groot, of the aforementioned list, is also owner of this firm/hosting service,
Byte B.V. in the Netherlands. So his intentions with the list and all may differ from our intentions with it.

Just wanted to remind you of this situation, as it only seems fair to do so.
Notice polonus is a 100% purely unbiased & independent avast support forum volunteer website security specialist,
and I have no interest in this list as only for research purposes.
Seems only 176 webshops are really malicious as such.

Damian

Hi pal, new (updated) list here: https://gitlab.com/gwillem/public-snippets/snippets/28813

Cheers,
Asyn

Thanks for that one, Asyn. Bookmarked. We’re even now. :wink:

Would be great to go over that list with some specific scans: http://www.domxssscanner.com/ &
scan at: https://observatory.mozilla.org/
and then put the suspicious code through an unpacker for errors (bugs and insecurity).

Fact is that loads and loads of websites, especially the smaller ones, but not necessarily so,
have sloppy IT management (update/patch management etc.),
and are therefore insecure and open to abuse/infection.

A lot of those on the Willem de G. list also come blocked with firehol: https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_webserver.netset

Have a nice day, ye all,

polonus (volunteer website security analyst and website error-hunter)

WordPress sites hacked via new Marketplace plug-in zero-day:
http://labs.sucuri.net/?note=2016-10-17
Obfuscated backdoor code detected…

polonus