Chrome extension gave 105.000 users a crypto-miner:
https://productforums.google.com/forum/#!topic/chrome/b0JUzg4HYtI
Crypto mining a growing problem next to ad-launching and spamming.
The extension is still there :
polonus
Magento breach through helpdesk software:
http://gwillem.gitlab.io/2017/12/28/hackers-breach-magento-through-helpdesk/
pol
Your leaking privacy on Google etc. long gone out of the windowā¦
will they ever do something about this or wonāt they even bother to consider it?
polonus
Personally never believed in security of browser password managers,
now webtrackers abuse them to track you all over the Interwebs. :
To solve this in firefox (old) - FF/PaleMoon users: āabout:configā > āsignon.autofillFormsā > āFALSEā [SOLVED]
polonus (volunteer website security analyst and website error-hunter)
A Huge Intel Security Hole Could Slow Down Your PC Soon
https://www.howtogeek.com/338269/a-huge-intel-security-hole-could-slow-down-your-pc-soon/
OS Makers Preparing Patches for Secret Intel CPU Security Bug
https://www.bleepingcomputer.com/news/security/os-makers-preparing-patches-for-secret-intel-cpu-security-bug/
Intel Denies Reports of Huge Performance Dip Due to Patches for CPU Security Bug
https://www.bleepingcomputer.com/news/hardware/intel-denies-reports-of-huge-performance-dip-due-to-patches-for-cpu-security-bug/
Protect yourself:
How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws
https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-windows-systems-for-the-meltdown-and-spectre-cpu-flaws/
List of Meltdown and Spectre Vulnerability Advisories, Patches, & Updates
https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/
Google: Almost All CPUs Since 1995 Vulnerable To āMeltdownā And āSpectreā Flaws
https://www.bleepingcomputer.com/news/security/google-almost-all-cpus-since-1995-vulnerable-to-meltdown-and-spectre-flaws/
Mozilla Confirms Web-Based Execution Vector for Meltdown and Spectre Attacks
https://www.bleepingcomputer.com/news/security/mozilla-confirms-web-based-execution-vector-for-meltdown-and-spectre-attacks/
Intel was aware of the chip vulnerability when its CEO sold off $24 million in company stock
Mozillaās Firefox update tp patch against the Spectre attack:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/
Never download unknown software from unknown sources and stay safer!
Up to the next hyped issue!
polonus
Crafty malware botnet infects Linux-servers via SSH with cryptominer to mine around 158 Monero.
polonus
Open wifi hacking for fun and bitcoin mining:
https://forums.theregister.co.uk/forum/1/2018/01/05/wi_fi_crypto_mining/
The predictable script kiddie version of this attack can easily be detected by av,
that is why it has been published.
polonus
Since the value of Bitcoins just took a nosedive, wonder how long this will still be used.
Hi bob3160,
The whole bitcoin project was never to create a new currency with, to swap money easily around yes, could well be,
but the basics were a prelude to arrive at a new form of de-centralized Internet, the so-called āGolem Projectā.
As with the original Golem of Prague it matters who holds the āalephā in the Hebrew word āemetā = truth,
when you take that off you are left with āmetā, meaning ādeadā, and the Golem returned to the dust,
it was created from and stiil can be found in the attic of the Alt-Nay ×¢Ö·× ×ŖÖ°Ö¼× Ö·× Schul in Prague.
Damian
Nvidia vid-cards Spectre vulnerable:
http://nvidia.custhelp.com/app/answers/detail/a_id/4611
polonus
Ad-industry keeps websites in the dark about privacy abuse!
Read this report: https://webtransparency.cs.princeton.edu/no_boundaries/session_replay_sites.html
Thousands of websites are sending all your keystrokes via replay-scripts, even with certain adblocking active.
Full list of abusers: https://webtransparency.cs.princeton.edu/no_boundaries/data/sr_site_list.csv.zip
See attached image.
So keep your visors up, block those that ignore your privacy and grab all of your data without consent.
polonus
@ Damien,
A new tool to try:
https://screencast-o-matic.com/screenshots/u/Lh/1516216058239-79296.png
@ bob3160,
Steve came up with a new version of the tool. Tried it, it is good and settings stay undefined and restricted.
But alas there are two new attacks in the pipeline based on Spectre and Meltdown, called after the James Bond-films: "Skyfall"and āSolaceā. Particulars arenāt known yet: https://skyfallattack.com/ & https://solaceattack.com/ both Mythic Beastsādomains from the UK (Google driven) on server s on UK and USA, Peter Stevens Cambridge. ā https://toolbar.netcraft.com/site_report?url=http://onza.mythic-beasts.com
pol
Iād like to place a security/spam warning.
How can I start a new topic here?
We are dealing with the spam as itās posted. Avast needs to come up with a permanent way to block spmmers from getting to the forum.
Unfortunately that may make it harder for new users to get to the forum.
desuCrypt Ransomware in the Wild with DEUSCRYPT and Decryptable Insane Variants
https://www.bleepingcomputer.com/news/security/desucrypt-ransomware-in-the-wild-with-deuscrypt-and-decryptable-insane-variants/
Rapid Ransomware Continues Encrypting New Files as they Are Created
https://www.bleepingcomputer.com/news/security/rapid-ransomware-continues-encrypting-new-files-as-they-are-created/
Hacker Uses Malware to Steal Gas From Paying Customers
https://www.bleepingcomputer.com/news/security/hacker-uses-malware-to-steal-gas-from-paying-customers/