SECURITY WARNINGS & Notices - Please post them here

bob3160 · 2022-01-22T13:56:55.000Z

Two troubling Headlines.
The first one affects those using McAfee
McAfee Agent bug lets hackers run code with Windows SYSTEM privileges
https://www.bleepingcomputer.com/news/security/mcafee-agent-bug-lets-hackers-run-code-with-windows-system-privileges/
The second one affects those using Windows Defender (Windows Security)
Microsoft Defender weakness lets hackers bypass malware detection
https://www.bleepingcomputer.com/news/security/microsoft-defender-weakness-lets-hackers-bypass-malware-detection/

polonus · 2022-01-22T14:18:41.000Z

Word Press-sites may be vulnerable to backdoor in Access Press Themes:
https://jetpack.com/2022/01/18/backdoor-found-in-themes-and-plugins-from-accesspress-themes/

polonus

Asyn · 2022-01-24T08:30:12.000Z

FBI warns of malicious QR codes used to steal your money
https://www.bleepingcomputer.com/news/security/fbi-warns-of-malicious-qr-codes-used-to-steal-your-money/

bob3160 · 2022-01-24T13:01:51.000Z

Asyn post:6603:

FBI warns of malicious QR codes used to steal your money
https://www.bleepingcomputer.com/news/security/fbi-warns-of-malicious-qr-codes-used-to-steal-your-money/

Malicious QR codes found in Austin.
https://youtu.be/th--omyQgxo

Asyn · 2022-01-27T08:39:16.000Z

Apple fixes new zero-day exploited to hack macOS, iOS devices
https://www.bleepingcomputer.com/news/apple/apple-fixes-new-zero-day-exploited-to-hack-macos-ios-devices/

bob3160 · 2022-01-28T14:37:05.000Z

Weekly Security News Roundup w/e 1-28-2022

https://d1ka0itfguscri.cloudfront.net/Lh/2022/01/28/14/27/c3Vu2tVDYkZ/preview.jpg

[b]https://youtu.be/C60R9Kw-fIM[/b]
Security-related news thanks mostly to Avast Software. I’m just a messenger.
They do most of the challenging work and research. https://www.avast.com/en-us/index#pc

bob3160 · 2022-01-28T22:46:11.000Z

Social media scammers stole at least $770 million in 2021

https://d1ka0itfguscri.cloudfront.net/Lh/2022/01/28/22/40/c3Vu3kVD3Q1/preview.jpg

[b]https://youtu.be/agQ7pzxIYNU[/b]
Scams originating on social media have ‘soared,’ according to a new report from the FTC.
For full details, see the article on engadget. https://engt.co/3s29huz

bob3160 · 2022-01-29T18:53:28.000Z

1-29-2022 Security News Flash -
Another Crypto Platform Hacked, $80 Million Stolen

https://d1ka0itfguscri.cloudfront.net/Lh/2022/01/29/18/49/c3VUFdVD0O5/preview.jpg

[b]https://youtu.be/2CFuu_-AFuI[/b]
A decentralized finance platform called Qubit was attacked,
and its users lost around $80 million in cryptocurrency.
Detail at How-To Geek: https://bit.ly/3rUyy9W

Asyn · 2022-01-30T09:25:12.000Z

Windows vulnerability with new public exploits lets you become admin
https://www.bleepingcomputer.com/news/microsoft/windows-vulnerability-with-new-public-exploits-lets-you-become-admin/

polonus · 2022-01-31T04:53:08.000Z

Do you report spam/scam-mail?
For instance the Wing Ying -cjdropshipper dot com spam email?
Re: https://stopscamfraud.com/viewtopic.php?f=26&t=23348&view=previous
also: https://419scam.org/emails/2022-01/04/02115157.92.htm

polonus

Asyn · 2022-01-31T09:07:07.000Z

German govt warns of APT27 hackers backdooring business networks
https://www.bleepingcomputer.com/news/security/german-govt-warns-of-apt27-hackers-backdooring-business-networks/

Asyn · 2022-02-01T08:11:51.000Z

600K WordPress sites impacted by critical plugin RCE vulnerability
https://www.bleepingcomputer.com/news/security/600k-wordpress-sites-impacted-by-critical-plugin-rce-vulnerability/

bob3160 · 2022-02-01T13:28:05.000Z

What’s the deal with Google Topics?

https://d1ka0itfguscri.cloudfront.net/Lh/2022/02/01/13/23/c3nVI0VDv8l/preview.jpg

[b]https://youtu.be/DFfF5oGfb1M[/b]
At first glance, this initiative seems like a win for privacy advocates,
as it gives more control to the users.
Read Joe Bosso’s full article on this topic on the Avast Blog:
https://blog.avast.com/google-topics-avast

Asyn · 2022-02-02T08:59:23.000Z

FBI warns of fake job postings used to steal money, personal info
https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-job-postings-used-to-steal-money-personal-info/

bob3160 · 2022-02-03T15:50:06.000Z

Stolen Netflix accounts

https://d1ka0itfguscri.cloudfront.net/Lh/2022/02/03/15/45/c3neoGVDBNk/preview.jpg

[b]https://youtu.be/Lbl-TZkyPRY[/b]
How did this happen – and what can you do about it if this happens to you?
Thanks to Luis Corrons for his advice
https://blog.avast.com/author/luis-corrons
and to Laura Josepha Zimmermann for this information.
https://blog.avast.com/author/laura-josepha-zimmermann

bob3160 · 2022-02-05T15:54:19.000Z

Weekly Security News Roundup w/e 2-4-2022

https://d1ka0itfguscri.cloudfront.net/Lh/2022/02/05/15/43/c3nho5VDEJB/preview.jpg

[b]https://youtu.be/-ByEqdesEjk[/b]
Security-related news thanks mostly to Avast Software. I’m just a messenger.
They do most of the challenging work and research.
https://www.avast.com/en-us/index#pc

Asyn · 2022-02-10T09:30:39.000Z

PHP Everywhere RCE flaws threaten thousands of WordPress sites
https://www.bleepingcomputer.com/news/security/php-everywhere-rce-flaws-threaten-thousands-of-wordpress-sites/

bob3160 · 2022-02-11T15:52:06.000Z

Weekly Security News Roundup w/e 2-11-2022

https://d1ka0itfguscri.cloudfront.net/Lh/2022/02/11/15/48/c3nXoJVbVdy/preview.jpg

[b]https://youtu.be/L1y8YbFYlAw[/b]
Security-related news thanks mostly to Avast Software. I’m just a messenger.
They do most of the challenging work and research.
https://www.avast.com/en-us/index#pc

bob3160 · 2022-02-12T16:19:32.000Z

Payback is Sweet Revenge

https://d1ka0itfguscri.cloudfront.net/Lh/2022/02/12/16/15/c3nlDoVbfeh/preview.jpg

[b]https://youtu.be/8mvD7f86ey0[/b]
“If they don’t see we have teeth, it’s just going to keep coming.”
Read the full article at:
https://www.wired.com/story/north-korea-hacker-internet-outage/

polonus · 2022-02-14T11:18:09.000Z

Thousands of npm-packages have outdated domainname weak links and can be hijacked.
https://arxiv.org/abs/2112.10165

pol

Announcements