@bob3160

Very interesting, but I do find the response by many companies “Vendor does not publicly document their requirement for SMB1.” That is pretty poor and almost an admission that they do use it, this certainly doesn’t help the user protect their system.

I would be seriously looking to get rid of any program that doesn’t comment on their use of SMBv1, if they do, then their users’ systems could be at risk. If they don’t use it (or use a later version of SMBv?) then their users aren’t at risk, but should still disable SMBv1.

I’m happy to report that disabling SMB1 has not affected my new Epson ET-2650 printer. :slight_smile:

Another vulnerable WordPress plug-in reported by Sucuri:

https://blog.sucuri.net/2017/11/sql-injection-bbpress.html

Check WordPress here: https://hackertarget.com/wordpress-security-scan/
and via domxssscanner.com/scan

polonus (volunteer website security analyst and website error-hunter)

White House announces their new zero-day announcement policy.

What to announce and publish, what to patch and what to keep secret to use by government services,
hopefully unknown to other parties.

https://www.whitehouse.gov/blog/2017/11/15/improving-and-making-vulnerability-equities-process-transparent-right-thing-do

Mind that zero-day info proliferation is always bad and especially
when eventually all knowledge will land into the hands of opponents or criminals (cyberthreats).

No zero-days and full transparency and a full secure and safe infrastructure should be the ideal we are after,
but that is outside a real world situation and does not suit common big government’s AI surveillance demands.

polonus

@ Damian,
https://forum.avast.com/index.php?topic=66267.msg1431062#msg1431062
Better late than never. :slight_smile:

Agree with you there, bob3160, a form of wising up.

Damian

Tor Browser, scripts and compromise of nodes.

When using tor-browser for legit purposes, you do not want your entry nodes compromised.
What to do when all your entry nodes are exclusively US or UK nodes for instance?

Well you could set these settings in your config

StrictNodes 1
ExcludeNodes {US}
Quote info credits go to: alexey vesnin

Those that do not read-in sufficiently on protocols and settings and the inner workings of a tool
will be a danger to themselves and others on tor.

Lack of proper knowledge is an endangering negligence.

That is one of the reasons why a lot of dumb criminals do not find a legit job,
as they will get caught for not paying attention.

Tor developers learned from Operation Onymous for instance
where the basic protection of tor was being compromised,
when ten exit nodes were being taken down at once,
and in Miami and Amsterdam three servers were confiscated.

Tor developers like to understand how to better protect through entry guard.

Not that they wanna frustrate taking down illegal or criminal servers,
but they wanna protect against compromise through dictatorial regimes against journalists,
that seek to protect their privacy through the use of tools like Tails and Tor.

Always true however: “Do not do the crime, if you cannot do the time!”.

Stay away from tor whenever you can avoid it
and do not share with the Internet what you do not wanna share with others.

polonus

Pentagon leaks data through Amazon S3 buckets

Read: https://www.upguard.com/breaches/cloud-leak-centcom

Unless the fact that Amazon introduced new warning for leakage measures:
https://aws.amazon.com/blogs/aws/new-amazon-s3-encryption-security-features/

Good to read further here: https://blog.detectify.com/2017/07/13/aws-s3-misconfiguration-explained-fix/

A misconfiguration in the cloud could leave you with a lot of data-breach misery.

The six vulnerability schemes that were (‘hopefully not any longer there’):
Amazon S3 bucket allows for full anonymous access
Amazon S3 bucket allows for arbitrary file listing
Amazon S3 bucket allows for arbitrary file upload and exposure
Amazon S3 bucket allows for blind uploads
Amazon S3 bucket allows arbitrary read/writes of objects
Amazon S3 bucket reveals ACP/ACL

"Yes, baby, it is a wild world on that infrastructure :o ".

Amazon getting too big to fail will mean an advanced security risk.
More of a mono-culture will always mean more attack surface,
and that means increased targeted attacks and threats.

polonus
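
Added example (not part of the post above, and not code from Amazon, UpGuard or Detectify): a small audit that reads a bucket ACL in the shape of an S3 GetBucketAcl response and reports grants to the two public groups, labelled with the exposure classes from the list above. The function name, the sample ACL and the mapping of permissions onto that list are this example's own assumptions; WRITE_ACP is not on the list and is flagged as an extra, and object-level ACLs are not covered.

```python
# Public grantee groups defined by S3.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
PUBLIC_GROUPS = {ALL_USERS: "anyone", AUTH_USERS: "any AWS account"}

# Bucket ACL permission -> exposure class (this example's mapping, an assumption).
FINDINGS = {
    "FULL_CONTROL": "full anonymous access",
    "READ": "arbitrary file listing",
    "WRITE": "arbitrary file upload",
    "READ_ACP": "bucket reveals ACP/ACL",
    "WRITE_ACP": "ACL can be rewritten (not in the list above)",
}

def audit_bucket_acl(acl):
    """Return sorted (grantee, permission, finding) tuples for public grants."""
    public = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        who = PUBLIC_GROUPS.get(grantee.get("URI"))
        perm = grant.get("Permission")
        if grantee.get("Type") == "Group" and who and perm in FINDINGS:
            public.append((who, perm))
    perms_by_who = {}
    for who, perm in public:
        perms_by_who.setdefault(who, set()).add(perm)
    results = []
    for who, perm in public:
        finding = FINDINGS[perm]
        # Write access without any read access for the same grantee: blind upload.
        if perm == "WRITE" and not perms_by_who[who] & {"READ", "FULL_CONTROL"}:
            finding = "blind uploads"
        results.append((who, perm, finding))
    return sorted(results)

# Constructed sample ACL, not taken from any real bucket.
SAMPLE_ACL = {
    "Owner": {"ID": "constructed-owner-id"},
    "Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
         "Permission": "FULL_CONTROL"},
        {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "WRITE"},
        {"Grantee": {"Type": "Group", "URI": AUTH_USERS}, "Permission": "READ"},
        {"Grantee": {"Type": "Group", "URI": AUTH_USERS}, "Permission": "READ_ACP"},
    ],
}

if __name__ == "__main__":
    for row in audit_bucket_acl(SAMPLE_ACL):
        print(row)
```

An empty result means the ACL grants nothing to either public group; a bucket policy can still open the bucket and needs its own review.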

i don’t know where to post this
so this is as good as any place
the new avast is deleting files that worked well for years and doesn’t let me recover or exempt them from the deletion
if there is a way to fix it plz inform otherwise i am on the hunt for another antivirus :frowning:

In your own new topic in the following forum:
https://forum.avast.com/index.php?board=4.0
Describing when these files got deleted would help.
A screenshot would also be of help.
Are those files now in the virus chest???

This topic and sub-forum is unrelated to your problem the Viruses & Worms sub forum.

This is where you report a suspected false positive. At the top of these forums is a New Topic button to start your own new topic.

You will need to give more information on the ‘file name’, ‘location’ and ‘malware name’ given in the detections.

Hundreds of very popular top sites will send all your keystrokes, mouse movements, scroll behavior and content of visited pages to 3rd parties via so-called replay-scripts, and this without your consent or you even knowing. It almost resembles someone shoulder-surfing you all of the time. :o

Very personal private data you share with the Internet like your private medical data, your credit card data and/or other personal private data could literally all have flown ‘out of the window’ by now.

Read: https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/

Most adblock scripts do not cover (all of) such replay-scripts.
Launchers thereof also do not honor the DoNotTrack setting in browsers.

Big websites do not respect their end-users’ integrity.

I hope this will come to bite them in the end and they will pay with popularity.

Time for NoScript, uMatrix or a key scrambler now?

polonus

This is the list of shame:

https://webtransparency.cs.princeton.edu/no_boundaries/session_replay_sites.html

We should not run such scripts in clients.
Whatever they wanna do with code on their servers is their thing,
but keep it out of my browser please.

polonus

Vulnerability Note VU#817544
Windows 8 and later fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard
https://www.kb.cert.org/vuls/id/817544

Already ongoing an eye for an eye hacking: https://www.thedailybeast.com/inside-the-shadowy-world-of-revenge-hackers

Corporations do not propagate this officially of course, but now these German cyber-ops wanna start hacking back:
https://www.zitis.bund.de/DE/Home/home_node.html

Read: http://www.spiegel.de/netzwelt/netzpolitik/cyberwar-zitis-praesident-wilfried-karl-will-digitalen-gegenschlag-a-1179729.html

Translate from German using Google Translate please.

pol

2016 Data Security Incident
https://www.uber.com/newsroom/2016-data-incident

WordPress websites attacked through holes in two popular plug-ins:
https://blog.sucuri.net/2017/11/formidable-forms-shortcodes-ultimate-exploits-in-the-wild.html

Check the security of a WordPress website domain here: https://hackertarget.com/wordpress-security-scan/
Also check for retirable jQuery code: retire.insecurity.today/#
and check here: https://aw-snap.info/file-viewer/

Keep your website CMS up to date and fully patched also to keep others more secure!

polonus (volunteer website security analyst and website error-hunter)

https://blog.imgur.com/2017/11/24/notice-of-data-breach/

imgur, a popular image hosting site, has been hacked.

“On the morning of November 24th, we began notifying impacted users via their registered email address. We are immediately requiring that these users update their password.” imgur

Hidden trackers in popular Android-apps: Read: https://privacylab.yale.edu/press

A solution outside of the Google webshop (because it is not allowed there,
because it interferes with the Google business model of data-slurping,
profiling and tracking all of your data)
= blokada - Blokada is a free, open source, compact,
fast ad blocker for Android that works for all apps and does not require root.

https://github.com/blokadaorg/blokada

Best browser on android i.m.o. = Brave together with Disconnect me.

polonus (volunteer website security analyst and website error-hunter)

Considerable increase in amount of SQL attacks of web applications found:
https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q3-2017-state-of-the-internet-security-report.pdf

polonus