Kudos4 Stats

Security News

Intel Security, Palo Alto Networks, Fortinet, and Symantec under the Cyber Threat Alliance have probed the net scourge revealing that the attackers are thought to be a single entity. That theory's based on commonalities in the Bitcoin wallets they use to receive ransom payments.

 http://www.theregister.co.uk/2015/10/30/crypowall_paper_cyber_threat_alliance/

Kaspersky Lab has added an additional 14,031 decryption keys to their free repository, enabling all those who have fallen victim to CoinVault and Bitcryptor ransomware to retrieve their encrypted data without having to pay a ransom to cybercriminals.

http://www.net-security.org/malware_news.php?id=3137 

Replies

Kudos0

Re: Security News

Symantec on Tuesday unveiled a new solution designed to help protect enterprises against email-based attacks using threat isolation. 17-Jul-2018

https://www.securityweek.com/symantec-launches-email-threat-isolation-solution 

Kudos0

Re: Security News

LabCorp, a healthcare diagnostics company, has shut down its systems after a suspected network breach, which could have put millions of health records at risk. 

https://www.infosecurity-magazine.com/news/millions-of-health-records-at-risk/ 

Kudos1 Stats

Re: Security News

Everybody and their mother is blocking ads, so why aren’t you? - 09-Jul-2018 - Updated: 19-Jul-2018
https://blog.malwarebytes.com/security-world/privacy-security-world/2018/07/mother-is-blocking-ads-so-why-arent-you/

Kudos0

Re: Security News

Robotic Vacuums May Hoover Your Data
Researchers have discovered a pair of vulnerabilities that allow unauthorized code execution in a robotic vacuum.

https://www.darkreading.com/iot/robotic-vacuums-may-hoover-your-data/d/d-id/1332335 

Kudos1 Stats

Re: Security News

Hackers are embedding malicious code within compromised, uploaded images on trusted Google sites – weaponizing the website and staying under the radar.

https://threatpost.com/stealthy-malware-hidden-in-images-takes-to-googleusercontent/134183/ 

Kudos1 Stats

Re: Security News

Brace yourself for a slew of security warnings from Chrome
Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.
https://betanews.com/2018/07/23/chrome-68-http-security-warnings/

Kudos0

Re: Security News

24 Defendants Sentenced in Multimillion Dollar India-Based Call Center Scam Targeting U.S. Victims - 20-Jul-2018
https://www.justice.gov/opa/pr/24-defendants-sentenced-multimillion-dollar-india-based-call-center-scam-targeting-us-victims

Kudos0

Re: Security News

Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total. Now the financial institution is suing its insurance provider for refusing to fully cover the losses.

https://krebsonsecurity.com/2018/07/hackers-breached-virginia-bank-twice-in-eight-months-stole-2-4m/

Kudos0

Re: Security News

Hackers Hiding Web Shell Logins in Fake HTTP Error Pages
According to nullcookies, web shells hiding behind these fake error pages pose a particular danger to system administrators who may clean up a phishing install, but not realize another page on the site is hiding a web shell that could allow an attacker to easily reinfect the site.

https://www.bleepingcomputer.com/news/security/hackers-hiding-web-shell-logins-in-fake-http-error-pages/ 

Kudos1 Stats

Re: Security News

A buggy Mozilla Firefox browser extension for sharing links to Pinterest has automatically injected malformed code into at least 5,000 websites.  The code injection in this instance was not malicious, but researchers at Sucuri, which discovered and reported the problem on Tuesday, said the incident underscores how pervasive a threat vector browser extensions can be if used by bad actors.

https://threatpost.com/pinterest-browser-extension-injects-unwanted-code-into-5k-websites/134401/ 

Kudos0

Re: Security News

Mozilla Reinforces Commitment to Distrust Symantec Certificates
https://www.securityweek.com/mozilla-reinforces-commitment-distrust-symantec-certificates

Kudos0

Re: Security News

Microsoft shows that it does not really care about user feedback -- 04-Aug-2018
https://www.ghacks.net/2018/08/04/microsoft-shows-that-it-does-not-really-care-about-user-feedback/

Kudos0

Re: Security News

Master List of Windows 10 "phone home" connections -- 03-Aug-2018
https://www.ghacks.net/2018/08/03/master-list-of-windows-10-phone-home-connections/

Kudos0

Re: Security News

Symantec has observed tech support scammers using a popular call optimization service, allowing them to dynamically insert phone numbers into their scam web pages and potentially giving them additional features to make their scams more successful.
Symantec proactively protects customers against tech support scams. Our intrusion prevention system (IPS) protects customers from tech support scams by blocking the malicious network activity associated with such scams using a wide variety of detections.
From January 1, 2018 through June, Symantec’s IPS blocked more than 93 million tech support scams.

https://www.symantec.com/blogs/threat-intelligence/tech-support-scam-call-optimization 

Kudos1 Stats

Re: Security News

Mozilla wants to override any configured DNS server with Cloudflare

So let’s get to the new Firefox feature called "Trusted Recursive Resolver" (TRR). When Mozilla turns this on by default, the DNS changes you configured in your network won't have any effect anymore. At least for browsing with Firefox, because Mozilla has partnered up with Cloudflare, and will resolve the domain names from the application itself via a DNS server from Cloudflare based in the United States. Cloudflare will then be able to read everyone's DNS requests. 

Update #1:
Update #2:

https://blog.ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/

Kudos1 Stats

Re: Security News

Security Researchers Express Concerns Over Mozilla's New DNS Resolution For Firefox (ungleich.ch)
https://yro.slashdot.org/story/18/08/05/2353249/security-researchers-express-concerns-over-mozillas-new-dns-resolution-for-firefox

Kudos1 Stats

Re: Security News

bjm_:
            Mozilla wants to override any configured DNS server with Cloudflare....

https://blog.ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/

 Hi bjm_:

Thanks for posting links to recent article about Mozilla's plan to use the Cloudflare service for DNS Over HTTPS (DoH).

I recall you posting about the Malwarebytes Labs article Cloudflare’s New DNS Service in this thread along with the speed test results you posted <here> for the Cloudflare 1.1.1.1 DNS service.  Here are a few additional articles Martin Brinkmann posted in ghacks.net about Firefox and DoH.
  20-Mar-2018: https://www.ghacks.net/2018/03/20/firefox-dns-over-https-and-a-worrying-shield-study/
  02-Apr-2018: https://www.ghacks.net/2018/04/02/configure-dns-over-https-in-firefox/

The June 2018 Mozilla Firefox Nightly blog entry Improving DNS Privacy in Firefox states "We’ve chosen Cloudflare because they agreed to a very strong privacy agreement that protects your data" and details of the privacy statement are posted at https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/.  I'll be interested to see how this plays out when Mozilla finally flips the switch and enables TRR (Trusted Recursive Resolver) with DoH as the Firefox default.
-----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.14.2.13

Kudos1 Stats

Re: Security News

Mozilla faces resistance over DNS privacy test -- 07-Aug-2018
https://nakedsecurity.sophos.com/2018/08/07/mozilla-faces-resistance-over-dns-privacy-test/

Kudos0

Re: Security News

Last week Symantec revealed plans to slash 8 per cent of its workforce (1,000 heads) in response to disappointing enterprise sales. The firm has also cancelled a discounted share purchase worker-loyalty programme as an additional cost-saving measure.

https://www.theregister.co.uk/2018/08/08/symantec_share_scheme_supended/
 

Kudos0

Re: Security News

bjm_:

Last week Symantec revealed plans to slash 8 per cent of its workforce (1,000 heads) in response to disappointing enterprise sales. The firm has also cancelled a discounted share purchase worker-loyalty programme as an additional cost-saving measure.

https://www.theregister.co.uk/2018/08/08/symantec_share_scheme_supended/
 

No real surprise there.  

A little bit of knowledge is... well a little bit of knowledge.
Kudos0

Re: Security News

26.5 million Comcast Xfinity customers had their partial home addresses and SSNs exposed
https://www.tripwire.com/state-of-security/featured/comcast-xfinity-customers-home-addresses-ssns-exposed/

Kudos1 Stats

Re: Security News

Some Chrome users on Windows noticed a new warning message about incompatible applications recently when they start the web browser.
Not all Chrome users on Windows see the warnings at this time. Google runs A-B tests to test the new feature. It appears, however, that the test population has increased recently as users started to report incompatible applications issues on the official Help Forum.
A wide range of programs seem to inject code in the browser judging from the screenshots that users posted on the forum. The list includes Dropbox, Malwarebytes, Norton Security, Acronis True Image, WinPatrol, RocketDock, Avast Premier, and TortoiseGit.  20-Aug-2018

https://www.ghacks.net/2018/08/20/about-google-chromes-incompatible-applications-warning/ 


https://www.bleepingcomputer.com/news/google/google-chrome-showing-alerts-about-incompatible-applications/

Kudos1 Stats

Re: Security News

bjm_:

Some Chrome users on Windows noticed a new warning message about incompatible applications recently when they start the web browser....A wide range of programs seem to inject code in the browser judging from the screenshots that users posted on the forum. The list includes Dropbox, Malwarebytes, Norton Security, Acronis True Image, WinPatrol, RocketDock, Avast Premier, and TortoiseGit.  20-Aug-2018


https://www.bleepingcomputer.com/news/google/google-chrome-showing-alerts-about-incompatible-applications/

Lawrence Abrams  posted a follow-up article on bleepingcomputer today at Bitdefender Disables Anti-Exploit Monitoring in Chrome After Google Policy Change.  There are comments in that thread from other affected companies like Malwarebytes, Kaspersky and Avast/AVG, but apparently no public response from Symantec so far.

Kudos2 Stats

Re: Security News

lmacri:

Lawrence Abrams  posted a follow-up article on bleepingcomputer today at Bitdefender Disables Anti-Exploit Monitoring in Chrome After Google Policy Change.  There are comments in that thread from other affected companies like Malwarebytes, Kaspersky and Avast/AVG, but apparently no public response from Symantec so far.

Malwarebytes has just released a new component package update v1.0.441 for MB Premium v3.5.1.2522 real-time protection (Win 7 and higher users only) and the release notes <here> state in part:

" Removed anti-exploit shield from Chrome due to Google’s new policy against code injection into Chrome"

I don't know if this is a temporary workaround or permanent change, but has anyone seen any official word from Symantec/Norton about whether they're going to do something similar and disable anti-exploit and/or browser protection in Chrome?

Kudos0

Re: Security News

How to Stop Yahoo from Scanning Your Email to Sell Your Data
https://www.groovypost.com/howto/stop-yahoo-scanning-your-email-to-sell-data/

Kudos1 Stats

Re: Security News

Hi Lmacri,

I believe that is why the Norton Security Toolbar will be discontinued and replaced by the Norton Safe Web extension.

https://community.norton.com/en/forums/norton-security-toolbar-changes-google-chrome-technology-updates

https://community.norton.com/en/blogs/product-update-announcements/norton-security-toolbar-changes-google-chrome-technology-updates

The posts seem more focused on Identity Safe but are still relevant.

A little bit of knowledge is... well a little bit of knowledge.
Kudos0

Re: Security News

Bad guys love using link shortening services to hide their malware links. Using link shortening to post malware and phishing links on social media sites is a very popular way to reach a wide audience of people who often click on things impulsively.
CheckShortURL is a link expansion service that lets you input a short link, such as the example above, and see what the destination link is, without you having to visit it.

https://www.lifewire.com/dangers-of-short-links-2487975

Kudos2 Stats

Re: Security News

Mozilla has announced that upcoming versions of Firefox will block all cross-site tracking, slow tracking scripts, and malicious miner and fingerprinting scripts by default. These new features will be rolled out over the coming months as part of three new initiatives.
The goals of these three initiatives are to protect a user's privacy, block malicious scripts, and to decrease page loading times when browsing the web.

https://www.bleepingcomputer.com/news/software/mozilla-firefox-will-soon-block-all-trackers-by-default/ 

Kudos0

Re: Security News

Waterfox dev has big plans for the browser.

The developer of the Firefox-based Waterfox web browser revealed today on Reddit how he plans to deal with the changes Mozilla makes to Firefox.

The plan, announced on the official Waterfox Reddit forum, would see the team putting out two versions of the browser in the near future. One that would be migrated to Firefox ESR, another called Waterfox RR which would follow Mozilla's release scheme.

https://www.ghacks.net/2017/03/13/waterfox-dev-has-big-plans-for-the-browser/ 

Kudos0

Re: Security News

Freezing your credit can stop identity thieves from opening an account in your name, but until recently it cost money to do so in some US states. That’s about to change.

Here’s Brian Krebs, writing for Krebs on Security:

https://www.howtogeek.com/fyi/credit-freezes-will-be-free-soon-helping-you-stop-identity-thieves/ 

Kudos0

Re: Security News

What's new in Waterfox 56.2.3?
Waterfox has been patched with all the latest ESR security fixes.

  • Mozilla Foundation Security Advisories patched:
    • 2018-21
  • Waterfox now has a unique identifier in its user agent, but in a way that shouldn't confuse sniffers:
    • Mozilla/5.0 (Windows NT x.y; Win64; x64; rv:56.0; Waterfox) Gecko/20100101 Firefox/56.2.3
    • Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:56.0; Waterfox) Gecko/20100101 Firefox/56.2.3
    • Mozilla/5.0 (X11; Linux x86_64; rv:56.0; Waterfox) Gecko/20100101 Firefox/56.2.3
  • There is now a complete backup of all classic add-ons from the Mozilla Add-On Store, mirrored on the Waterfox CDN. You can use the Classic add-on Archive add-on to view the catalogue. This will be integrated into the next Waterfox version.
    The next generation of Waterfox is progressing nicely; you should expect all the performance benefits of modern Firefox with all the customisability of Waterfox and classic Firefox!

https://blog.waterfoxproject.org/waterfox-56.2.3-release-download

Kudos0

Re: Security News

Microsoft quietly announced that Disk Cleanup is now deprecated, news that was buried at the bottom of a blog post about Windows 10’s Storage Sense. Disk Cleanup isn’t going away immediately but is on its way out the door.

https://www.howtogeek.com/365762/disk-cleanup-is-going-away-in-windows-10-and-we-miss-it-already/ 

Kudos0

Re: Security News

Windows 10 now “warns” you not to install Chrome or Firefox when you download them. It’s just one of the many annoying ways Microsoft pushes Edge, which only has 4% market share despite Microsoft’s increasing desperation.
Microsoft will probably start using this “app recommendations” feature to push other apps in the future, too. Imagine Windows warning you not to install LibreOffice because you could pay for Office 365 instead.

https://www.howtogeek.com/365983/windows-10-tries-to-push-firefox-and-chrome-over-the-edge/

Kudos1 Stats

Re: Security News

Microsoft Abandons Plan to Troll Windows 10 Users With Browser Warnings

These warnings have vanished from the current Insider builds of Windows 10. They won’t be in the final version of the October 2018 Update, which will likely be released at some point in the next few weeks.

 https://www.howtogeek.com/fyi/microsoft-abandons-plan-to-troll-windows-10-users-with-browser-warnings/

Kudos0

Re: Security News

Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.

https://krebsonsecurity.com/2018/09/govpaynow-com-leaks-14m-records/ 

Kudos0

Re: Security News

NSS Labs files antitrust suit against multiple cybersecurity vendors.  Discussion:
https://www.wilderssecurity.com/threads/nss-labs-files-antitrust-suit-against-multiple-cybersecurity-vendors.408389/

CrowdStrike, Symantec, and ESET are three big names in the cybersecurity world. But a new lawsuit claims they have been conspiring to hamper independent reviews of their antivirus products.

https://www.pcmag.com/news/363882/crowdstrike-symantec-eset-face-lawsuit-over-product-testin 

Kudos1 Stats

Re: Security News

Mozilla grants distrusted Symantec certs a stay of execution, claims many sites yet to make switch.
Mozilla has postponed its plans to distrust all legacy digital certificates from Symantec, spreading dismay in security circles.

https://www.theregister.co.uk/2018/10/11/firefox_symantec_certs_delay/ 

Kudos1 Stats

Re: Security News

World wide alert issued for openly available exploit tool usage. https://www.us-cert.gov/ncas/alerts/AA18-284A

Retired military (Navy 1980-2002) AO1 (AW) Aviation Warfare Specialist "From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Professional x 64 version 1809 / build 17763.437 / NCSP 22.17.0.183 / Norton Core v.282 on Android 1.93
Kudos0

Re: Security News

Another 0 Day exploit released, POC code was also released on GitHub. If there is a saving grace it's that the system has to already be compromised for the exploit to work.

Retired military (Navy 1980-2002) AO1 (AW) Aviation Warfare Specialist "From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Professional x 64 version 1809 / build 17763.437 / NCSP 22.17.0.183 / Norton Core v.282 on Android 1.93
Kudos2 Stats

Re: Security News

Windows Defender Antivirus has hit a new milestone: the built-in antivirus capabilities on Windows can now run within a sandbox. With this new development, Windows Defender Antivirus becomes the first complete antivirus solution to have this capability and continues to lead the industry in raising the bar for security.

https://cloudblogs.microsoft.com/microsoftsecure/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/ 

Kudos0

Re: Security News

bjm_:
Windows Defender Antivirus has hit a new milestone: the built-in antivirus capabilities on Windows can now run within a sandbox...
 

https://cloudblogs.microsoft.com/microsoftsecure/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/

That Microsoft Secure blog entry goes on to say that "With this new development, Windows Defender Antivirus becomes the first complete antivirus solution to have this capability and continues to lead the industry in raising the bar for security."

When Norton v22.7 was released in June 2016 the product update announcement Introducing Symantec Data Scanner (SDS) Technology mentioned an "enhanced emulator" and I found an old post of mine in Brocktoon's thread Norton SDS Definitions? stating that Norton v22.7 had added a new (improved?) sandbox feature.  Does anyone know of a Norton/Symantec support article describing how sandboxing works in Norton, or am I completely wrong about this?

Kudos2 Stats

Re: Security News

lmacri:
bjm_:
Windows Defender Antivirus has hit a new milestone: the built-in antivirus capabilities on Windows can now run within a sandbox...
 

https://cloudblogs.microsoft.com/microsoftsecure/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/

That Microsoft Secure blog entry goes on to say that "With this new development, Windows Defender Antivirus becomes the first complete antivirus solution to have this capability and continues to lead the industry in raising the bar for security."

When Norton v22.7 was released in June 2016 the product update announcement Introducing Symantec Data Scanner (SDS) Technology mentioned an "enhanced emulator" and I found an old post of mine in Brocktoon's thread Norton SDS Definitions? stating that Norton v22.7 had added a new (improved?) sandbox feature.  Does anyone know of a Norton/Symantec support article describing how sandboxing works in Norton, or am I completely wrong about this?

Um, reads like Windows Defender AV runs in a restrictive process execution environment.  Thereby protecting Windows Defender AV.   "Running Windows Defender Antivirus in a sandbox ensures that in the unlikely event of a compromise, malicious actions are limited to the isolated environment, protecting the rest of the system from harm".  Reads like Windows Defender AV program runs in an isolated restrictive environment.  

Norton's emulator reads like an unknown sample under analysis runs in a sandbox (isolated environment).   

Does Norton Security program run in a sandbox....run in an isolated restrictive environment?