4941

Hi bob3160,

Could you mention anything completely safe or secure in life? ;D
I can not.

polonus

4942

“Alice” :slight_smile:

4943

Nothing better than a loving spouse. :wink:

4944

Installing the wrong extension could open your browser up to browser hijacking.
Hotspot Shield Free VPN Proxy, I wonder whether that one is safe?
Google may warn you: https://nakedsecurity.sophos.com/2014/02/06/google-chrome-will-warn-you-when-its-been-hijacked/

polonus

4945

Cerber Ransomware 5.0 Released with a Few Changes
http://www.bleepingcomputer.com/news/security/cerber-ransomware-5-0-released-with-a-few-changes/
Hope avast ready to deal with this. :wink:

4946

Mirai botnet targets Deutsche Telekom routers in global cyberattack
https://www.engadget.com/2016/11/29/mirai-botnet-targets-deutsche-telekom-routers-in-global-cyberatt/

http://arstechnica.com/security/2016/11/notorious-iot-botnets-weaponize-new-flaw-found-in-millions-of-home-routers/

http://www.infoworld.com/article/3145883/security/the-new-mirai-malware-strain-has-gone-beyond-deutsche-telekom.html

4947

0-day exploit in Firefox (Windows)
http://arstechnica.com/security/2016/11/firefox-0day-used-against-tor-users-almost-identical-to-one-fbi-used-in-2013/

Makes you wonder how Mozilla “fixed” it 3 years ago… :-\

4948

Hi Eddy,

Everybody knows that to be really secure using tor, one should not enable javascript in the tor-browser.

Whenever your privacy is on the line, the situation we live in to-day means not to go online or risk to loose your anon/privacy.

Also rather would see uMatrix come to tor than noscript of older tor- firefox browser versions used as tor-fork (5 versions behind?!?)
Idiotic that tor-users work tor built on a firefox 45 version. Absurd.

Wonder normal firefox is also affected by this exploit in the on-going battle between end-users
versus governmental, commercial and cybercriminal surveillance-snoopers.

polonus

4949

More Than 1 Million Google Accounts Breached by Gooligan

http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan

As for the Firefox issue, it seems to effect all versions.

4950

All versions that are actually using TOR that is.

4951

Hi DavidR & Eddy,

Regular firefox and the tor browser has been updated to patch that hole.
Tor browser goes to version 6.0.7 and Firefox to version 50.0.2.

More info on Tor can be had here: https://blog.torproject.org/blog/tor-browser-607-released

polonus

4952

Yes, just updating to 50.0.2 now.

4953

Firefox SVG Animation Remote Code Execution (FF/FF ESR/TB)
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/

4954

Tech support scammers up their game with ransomware (UPDATED)
https://blog.malwarebytes.com/threat-analysis/2016/11/tech-support-scammers-up-their-game-with-ransomware/

https://www.neowin.net/news/ransomware-connects-victims-to-fake-microsoft-technicians-to-have-their-files-decrypted

4955

6700 webshops infested with Magento mage.jpg malware:
https://gwillem.gitlab.io/2016/12/01/visbot-malware-on-6691-stores-analysis/

Re: http://www.snapfast.com/blog/magento-mage-jpg-hack/
Infested webshops use Magento and have not installed a vital security update: https://www.security.nl/posting/448375/Magento%3A+gehackte+websites+hebben+update+niet+geïnstalleerd

More on visbot: https://www.bleepingcomputer.com/news/security/visbot-malware-found-on-6-691-magento-online-stores/

A creditcard with rotating CVV code seems the best protection scheme against such hard to detect malware.
High time for high tech cards to be rolled out.

polonus

P.S. Magento shop owners can scan here: https://www.magereport.com/
(info cedits go out to Willem de Groot)

4956

Here the latest Willem de Groot list of compromised shops:
https://sritest.io/#report/a35c19be-bb83-4af9-b57a-2c2ef0936d17
https://gwillem.gitlab.io/https://gitlab.com/gwillem/public-snippets/snippets/28813

polonus

4957

Sh… IoT just got real: Mirai botnet attacks targeting multiple ISPs
http://www.theregister.co.uk/2016/12/02/broadband_mirai_takedown_analysis/

Shamoon malware returns to again wipe Saudi-owned computers
http://www.theregister.co.uk/2016/12/02/accused_iranian_disk_wiper_returns_to_destroy_saudi_orgs_agencies/

4958

Avast Releases Four Free Ransomware Decryptors
https://blog.avast.com/avast-releases-four-free-ransomware-decryptors

4959

Google’s Invisible CAPTCHA coming to a site near you!

: https://www.google.com/recaptcha/intro/comingsoon/invisible.html

More security through obscurity or meant as an advanced surveillance threat for the anonymous tor-user?
Hiding the captcha vault in plain sight, how long will it last before they have to think of something new?

polonus

4960

Is there something wrong with making it easier for the average user while making it harder on the bad guys ???