polonus
5501
Thanks Pondus,
Especially endangering to 32% of the Android users out on Android 6.0.
Will they all get the update?
The 4-way handshake vulnerability has been around for a shocking 14 years…
link: https://developer.android.com/about/dashboards/index.html
See attached info…
polonus
polonus
5502
DavidR
5503
I noticed the NoScript icon went walkabout; rather than do as was suggested in that URL, I just went into the Customise option of Firefox and found it in a different location. I just dragged it back down to where I normally have it (bottom right of the window).
polonus
5504
ehmen
5505
In the case of modems and routers received from an ISP, “Date Updated” means on existing devices in people’s homes and offices, or devices people will be getting from now on?
Pondus
5506
Pondus
5507
polonus
5508
Another zero-day in extension used to attack websites with WordPress detected by Wordfence.
https://wordpress.org/plugins/ultimate-form-builder-lite/#developers
pol
polonus
5509
New authentication method on Lenovo - FIDO:
They claim to be the first: http://www.businesswire.com/news/home/20171024005571/en/Lenovo™-Intel®-Deliver-Simpler-Safer-Online-Authentication
Is it safe, and can it not be circumvented?
polonus
DavidR
5510
Personally since the various security issues relating to Lenovo, I would be wary of any security related promotion connected to Lenovo.
Previous to my purchase of this Win10 Acer notebook, Lenovo products were attractive given the Performance Vs Price. Security issues, however, took Lenovo right off my list and they haven’t regained my trust (very hard in my case).
Also fingerprints as a security measure are losing ground as far as security goes; they can be tricked by a lifted fingerprint. Something that has also been talked about is that fingerprints actually change as we get older. Have a look at your fingerprints: the young are relatively clear and well defined; those older computer users will see (excuse the pun) that their fingerprints aren’t so clearly defined. They look more worn and faded, possibly more so in those who were in a manual job.
bob3160
5511
As long as we’re just talking about fingerprints, I’ll agree with you.

DavidR
5512
Yes, that is the ‘main’ train of my thoughts: fingerprints really aren’t that great as far as security is concerned. There have been articles about biometrics.
“The measurement of physical characteristics, such as fingerprints, DNA, or retinal patterns, for use in verifying the identity of individuals” from http://www.tfd.com/biometrics .
Retinal use for id purposes has also had some negative reports/issues if used for authentication. Whilst the use of DNA is probably the most secure it has a long way to go before it can be used for id/authentication at such a low level. I don’t think that we will see ‘lick/touch screens/pads’ to analyse your saliva any time soon.
polonus
5515
polonus
5516
A typical case of lack of input validation for e-mail fraud- damage for customers could be over a million in dollars…
http://theartnewspaper.com/news/galleries-lose-large-sums-to-cybercrime
2FA, in a lot of cases, it cannot come in too soon,
polonus
polonus
5517
Tor Browser IP leaks for Linux and Mac users:
Tor project came with an important update: https://blog.torproject.org/tor-browser-709-released
This bug was detected as a design flaw: https://trac.torproject.org/projects/tor/ticket/24052
For some the leakage was hard to reproduce.
Probably the design error was found, because of the transition to unix domain sockets.
Read about this by Robert Ransom at this link: https://packetstormsecurity.com/files/112439/torproxy-bypass.txt
How to reproduce an example was given here: https://trac.torproject.org/projects/tor/ticket/5741
1. Download and verify "tor-browser-gnu-linux-i686-2.2.35-10-dev-en-US.tar.gz"
2. Start up Wireshark to monitor your network, optionally filtering for "dns"
3. Unpack Tor and start it by running the "start-tor-browser" script
4. Once TorBrowser is open, go to "http://bitcoincharts.com/"
5. See DNS request for "bitcoincharts.com" being logged in Wireshark
System information:
Tor Browser Bundle for 32-bit Linux, version 2.2.35-10
Running on Fedora 16
To reproduce, the exact syntax used and the configuration are important,
obfuscation already can be an erroneous factor,
those into reproducing could come up with their own “scrum-report” of sorts.
(info credits security dot nl).
polonus
P.S. The right order and right use of vpn and tor on whonix could be critical for security reasons.
Important notice:
Remember to use these anonymity tools only for legitimate use. Abuse of such services is a legal offence,
and abusers will often suffer the consequences, when found out. No hacker is really out of harm’s way.
In some countries the use of such tools may be forbidden (certain VPN services in the Russian Federation,
when keys are withheld from the authorities).
Damian
polonus
5518
polonus
5519
PHISHING back as one of the major Internet threats, why so few phishing websites are actually detected and blocked by AV?
See the report: https://security.googleblog.com/2017/11/new-research-understanding-root-cause.html
Best phishing detection performance from IDS alerting “fortinet’s” see urlquery.net results.
Also check on: http://www.urlvoid.com/scan/freckleface.com.au/
Bitdefender TrafficLight extension and Webutation Rating also do a fine job.
The average AV solution often miserably fails in detecting, or
detects long after the fact, when the actual phishing campaign is long over.
Third party content blocking via NoScript and uMatrix and browser hygiene is your best option.
Just an example where average AV fails: http://www.urlvoid.com/scan/freckleface.com.au/ → https://urlquery.net/report/7e257590-c233-482d-871b-db7baadbb167
where only OpenPhish and fortinet detect and alert this.
Also has to do with what we consider accepted legal phishing by a big techno corporation, like Google’s for instance,
and what is considered as ‘bad phishing’, two standards going and a lot of confusion for the modern end-user :
polonus (volunteer website security analyst and website error-hunter)
bob3160
5520
This needs to be done ASAP - Disable SMB1
Server Message Block (SMB) is a local network file sharing protocol designed for sharing data, printers, etc.
between computers. SMBv1 is the formative iteration of the protocol which has since been replaced by SMBv2 and SMBv3.
SMB1 is still enabled by default in Windows simply to cater for specific older software which hasn’t been updated to support SMB2 or SMB3.
Microsoft will be disabling SMB1 by default starting with the Windows 10 Fall Creators Update.
It was still turned on on my systems and they are all running Windows 10 Fall Creators Update
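One way to check whether SMB1 is still on and then turn it off, as an added example that is not part of the original post. It assumes Windows 10 or Server 2016 or later and an elevated PowerShell prompt; the seven-day look-back window is an arbitrary choice.

```powershell
# Added example: audit and disable SMBv1 (run elevated).

# 1. Is the SMB server side still accepting SMB1?
$server = Get-SmbServerConfiguration
"SMB server: SMB1 enabled = $($server.EnableSMB1Protocol), " +
    "SMB2/3 enabled = $($server.EnableSMB2Protocol)"

# 2. Is the SMB1 optional feature (client and server components) installed?
$feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
"Optional feature SMB1Protocol: $($feature.State)"

# 3. Before removing it, find out whether anything still talks SMB1 to this
#    machine. With auditing on, each SMB1 access is logged as event 3000.
Set-SmbServerConfiguration -AuditSmb1Access $true -Force
$since = (Get-Date).AddDays(-7)   # assumption: one week of history is enough
$hits = Get-WinEvent -ErrorAction SilentlyContinue -FilterHashtable @{
    LogName   = 'Microsoft-Windows-SMBServer/Audit'
    Id        = 3000
    StartTime = $since
}
"SMB1 access events since ${since}: $(@($hits).Count)"

# 4. Stop the server from negotiating SMB1.
if ($server.EnableSMB1Protocol) {
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
}

# 5. Remove the SMB1 feature itself; this takes effect after a reboot.
if ($feature.State -eq 'Enabled') {
    Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
}

# 6. Re-check the server setting.
"After change: SMB1 enabled = $((Get-SmbServerConfiguration).EnableSMB1Protocol)"
```

If step 3 reports events, the client addresses in those event records identify the older software or devices that would lose access once SMB1 is gone.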