SECURITY WARNINGS & Notices - Please post them here

Facebook security breach - what should you do?
https://blog.avast.com/facebook-security-breach-what-should-you-do

Popular CMS will still accept older PHP versions. Today Drupal will run with PHP 5.5.9. Joomla demands at least PHP 5.3 and WordPress still will accept PHP 5.2.4.

Always be aware of PHP vulnerabilities like this authentication bypass - http://yaisb.blogspot.com/2006/08/authentication-bypass_07.html * could reappear encrypted

<script> <!-- document.write(unescape("%3C%3F%0A%0Aif%28%21isset%28%24_SESSION%5B%27session%27%5D%5B%22privLvl%22%5D%29%29%20%7B%20%0A%20header%28%22Location%3A%20login.php%22%29%3B%0A%20exit%28%29%3B%0A%7D%0A%0Aecho%20%22BIG%20SECRET%21%22%3B%0A%0A%3F%3E")); //--> </script>

translating to

  // document.write(s)
  <?
  if(!isset($_SESSION['session']["privLvl"])) {
      header("Location: login.php");
      exit();
  }
  echo "BIG SECRET!";
  ?>
code source credits go to: RYAN *

polonus
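As an added example (not part of polonus's post and not code from the linked blog): a small Python decoder that recovers what a `document.write(unescape("..."))` wrapper like the one quoted above actually emits, so a reviewer can read the hidden PHP instead of trusting the obfuscated form. The input is the snippet quoted in the post; the function names and the list of suspicious tokens are my own choices.

```python
import re

# The obfuscated snippet quoted in the post above (copied from the page, not a new payload).
OBFUSCATED = (
    '<script> <!-- document.write(unescape("%3C%3F%0A%0Aif%28%21isset%28%24_SESSION'
    '%5B%27session%27%5D%5B%22privLvl%22%5D%29%29%20%7B%20%0A%20header%28%22Location'
    '%3A%20login.php%22%29%3B%0A%20exit%28%29%3B%0A%7D%0A%0Aecho%20%22BIG%20SECRET'
    '%21%22%3B%0A%0A%3F%3E")); //--> </script>'
)

# JavaScript's legacy unescape() understands both %XX (Latin-1 byte) and %uXXXX (UTF-16 unit).
_UNESCAPE_RE = re.compile(r'%u([0-9a-fA-F]{4})|%([0-9a-fA-F]{2})')

# Matches document.write(unescape("...")) / document.write(unescape('...')).
_DW_RE = re.compile(
    r'document\.write\s*\(\s*unescape\s*\(\s*(["\'])(.*?)\1\s*\)\s*\)', re.S
)

# Tokens worth a second look in decoded output (hypothetical list, extend as needed).
SUSPICIOUS_TOKENS = ('<?', '<script', 'eval(', 'base64_decode')


def js_unescape(s: str) -> str:
    """Reverse JavaScript unescape(): %XX -> chr(0xXX), %uXXXX -> chr(0xXXXX)."""
    def repl(m: re.Match) -> str:
        hex_digits = m.group(1) or m.group(2)
        return chr(int(hex_digits, 16))
    return _UNESCAPE_RE.sub(repl, s)


def recover_document_write_payloads(html: str) -> list[str]:
    """Return the decoded string each document.write(unescape(...)) call would write."""
    return [js_unescape(m.group(2)) for m in _DW_RE.finditer(html)]


def flag_payload(decoded: str) -> list[str]:
    """List which suspicious tokens appear in a decoded payload."""
    return [tok for tok in SUSPICIOUS_TOKENS if tok in decoded]


if __name__ == "__main__":
    for payload in recover_document_write_payloads(OBFUSCATED):
        print("flags:", flag_payload(payload))
        print(payload)
```

The decoder is deliberately regex-based rather than a JavaScript engine: it only needs to reveal the string the wrapper hides, which is enough to see that the decoded output is the same PHP snippet shown in plain form in the post.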

Kraken Cryptor Ransomware Connecting to BleepingComputer During Encryption
https://www.bleepingcomputer.com/news/security/kraken-cryptor-ransomware-connecting-to-bleepingcomputer-during-encryption/

Remote Code Execution Flaws Found in Popular OS Powering Embedded Systems
https://www.bleepingcomputer.com/news/security/remote-code-execution-flaws-found-in-popular-os-powering-embedded-systems/

Every time I create a web account I create a new email address which is forwarded to my real email address. I never use that email address for anything else. That way, if I get emails to that address that I should not, I know the site is marketing my address or that they have been hacked.

I just received an email from a hacker warning of dire consequences if I don’t pay big time. (I know it is not true but just a scam.) However the scam email was sent to an email address which has never been used for anything except to log on to this site. I have not used it for several years (until the scammer used it today.) My domain is one they would not likely try (it’s something like ky7620z.com.) It is not very comforting that an antimalware site has been hacked like that.

I have deleted the forwarder so the email address no longer exists. Avast needs to be more careful to protect its customers.

Avast wasn’t hacked. This forum was some years back - https://www.grahamcluley.com/avast-forum-hacked/

The email scam you’re describing sounds like the one that did the rounds not long ago, some guy reckons he’s recorded you watching porn and has collected all your contacts and if you don’t pay the ransom he’ll forward the video to all your friends yada yada yada :slight_smile: I also got the same scam email which was an old email used for this forum 4 years ago, Avast did change their registration process after that hack to further prevent it happening again.

Unfortunately these forum hacks are happening more and more often, Malwarebytes was struck somewhere back around the same time as Avast, Adguard was hit only a few weeks ago also and just about all emails were pwned.

It’s crazy how many Government offices and other businesses have been hit recently, sadly it’s only going to get worse :frowning:

Check your email here https://haveibeenpwned.com

BA website hijacked by Magecart. Again.
https://blog.avast.com/ba-website-hijacked-by-magecart-again

Flaws in self-encrypting SSDs let attackers bypass disk encryption
https://www.zdnet.com/article/flaws-in-self-encrypting-ssds-let-attackers-bypass-disk-encryption/

Strange snafu misroutes domestic US Internet traffic through China Telecom

https://screencast-o-matic.com/screenshots/u/Lh/1541514867099-95901.png

https://arstechnica.com/information-technology/2018/11/strange-snafu-misroutes-domestic-us-internet-traffic-through-china-telecom/

Data storage devices from Samsung and others leave customers at risk
https://blog.avast.com/security-flaws-found-in-widely-used-data-storage-devices-avast

WordPress Design Flaw + WooCommerce Vulnerability Leads to Site Takeover
https://www.bleepingcomputer.com/news/security/wordpress-design-flaw-woocommerce-vulnerability-leads-to-site-takeover/

WordPress sites hacked via hole in GDPR plug-in:
https://www.wordfence.com/blog/2018/11/privilege-escalation-flaw-in-wp-gdpr-compliance-plugin-exploited-in-the-wild/
Abuse reported: https://www.reddit.com/r/Wordpress/comments/9vbtdb/slew_of_user_registrations_and_privilege/
Other abuse: https://www.wordfence.com/blog/2018/11/trends-following-vulnerability-in-wp-gdpr-compliance-plugin/

polonus

N.B. On a specific abuser: https://raidboxes.at/sicherheitsluecke-dsgvo-plugin-wordpress/

Read the analysis of this hack by WordPress user t2trollherten via a Russian IP address:
https://wordpress.stackexchange.com/questions/318755/understanding-website-hack

Damian

Another ongoing WordPress malware campaign is via saskmade dot net:

Read: https://blog.sucuri.net/2018/10/saskmade-net-redirects.html
and http://dfir.pro/index.php?link_id=90047
and see: https://github.com/Hestat/lw-yara/blob/master/includes/saskmade-net-redirects.yar

polonus

This is disturbing.
Google Services Disrupted as Internet Traffic Diverts to China
Another reason why your VPN should always be in use.

Security risk on AMP for WP – Accelerated Mobile Pages Plugin
https://www.webarxsecurity.com/amp-plugin-vulnerability/

Researchers Created Fake ‘Master’ Fingerprints to Unlock Smartphones
https://motherboard.vice.com/en_us/article/bjenyd/researchers-created-fake-master-fingerprints-to-unlock-smartphones

Security updates available for Flash Player | APSB18-44
https://helpx.adobe.com/security/products/flash-player/apsb18-44.html

Tackle the ever-existing threat of the gaping UPnP hole - disable that service! :slight_smile:
1.7 million devices are at risk: https://blogs.akamai.com/sitr/2018/11/upnproxy-eternalsilence.html

Test: https://www.snbforums.com/threads/new-upnp-exploit-affecting-most-asus-routers-upnproxy-blackhat-proxies-via-nat-injections.46011/page-2#post-400981

The Server header for a normal response could be “Microsoft-IIS/8.5”,
while the header for a response during an attack would be “Microsoft-HTTPAPI/2.0”,
so then pay attention to whether SSDP/UPnP is present.

The ironic thing, however, is that with newer versions of the UPnP protocol we find minimal core security protection.
UPnP-attacks can be used to cause chaos, to create holes in firewalls, and other abuse.

UPnP: deadly simple, or simply deadly to leave open on your machines, so disable it where you can.

polonus
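As an added example (not part of polonus's post, and not the test tool linked above): a short Python triage helper that applies the header check described in the post to saved HTTP/SSDP responses from your own devices, reporting a Microsoft-HTTPAPI Server banner where an IIS banner was expected, SSDP discovery headers (ST/USN), and a LOCATION pointing at a UPnP description document. The two sample responses are constructed for the example, the 192.0.2.1 address is a documentation range placeholder, and the indicator names are my own.

```python
import re

# Constructed sample responses (not captured from any real host).
NORMAL_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Microsoft-IIS/8.5\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html>ok</html>"
)

SUSPECT_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Microsoft-HTTPAPI/2.0\r\n"
    "ST: upnp:rootdevice\r\n"
    "USN: uuid:PLACEHOLDER-UUID::upnp:rootdevice\r\n"
    "LOCATION: http://192.0.2.1:2869/description.xml\r\n"
    "EXT:\r\n"
    "\r\n"
)


def parse_headers(raw: str) -> dict[str, str]:
    """Parse the header block of a raw HTTP or SSDP response into a lower-cased name -> value dict."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers: dict[str, str] = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return headers


def upnp_indicators(raw: str) -> list[str]:
    """Return the UPnP/SSDP exposure indicators found in one response (empty list = nothing seen)."""
    h = parse_headers(raw)
    server = h.get("server", "").lower()
    found: list[str] = []
    # The banner difference called out in the post: HTTPAPI instead of the IIS banner.
    if "microsoft-httpapi" in server:
        found.append("server-httpapi")
    # Some stacks advertise UPnP/SSDP directly in the Server token.
    if "upnp" in server or "ssdp" in server:
        found.append("server-upnp-token")
    # ST + USN together are the shape of an SSDP discovery response.
    if "st" in h and "usn" in h:
        found.append("ssdp-headers")
    # A LOCATION to a device description XML is how UPnP hands out its service map.
    location = h.get("location", "").lower()
    if location and (location.endswith(".xml") or "upnp" in location):
        found.append("upnp-location")
    return found


def is_suspect(raw: str) -> bool:
    """True when any indicator fires; use it to decide which devices need UPnP switched off."""
    return bool(upnp_indicators(raw))


if __name__ == "__main__":
    for label, resp in (("normal", NORMAL_RESPONSE), ("suspect", SUSPECT_RESPONSE)):
        print(label, "->", upnp_indicators(resp) or "clean")
```

The helper is purely passive: it reads responses you already have (a saved capture or the output of a check you ran against your own router), so it can sit in a scheduled job that raises an alert whenever a device on your network starts answering with SSDP headers it did not answer with before.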