musungu wrote: I too cannot get rid of it - I think it may have started from after going into Pirate Bay, or streaming sports via Wiziwig.
If it is the Hao123/Baidu malware try this: viewtopic.php?f=15&t=3099&start=1745
The computer and software security thread
Re: The computer and software security thread
Who is the happier man, he who has braved the storm of life and lived or he who has stayed securely on shore and merely existed? - Hunter S Thompson
- pharvey
Hackers take control of 300,000 home routers
All sounds a bit worrying - the next step in Cyber Crime...
Taken from BBC Website: -
A world-spanning network of hijacked home routers has been uncovered by security researchers.
The network involves more than 300,000 routers in homes and small businesses that have been taken over through loopholes in their core software.
Discovered by researchers at Team Cymru, the network is thought to be one of the biggest involving such devices.
It is not yet clear what the people behind the attack intend to do with the collection of compromised routers.
In a research paper describing its findings, Team Cymru said it had first seen routers from several different manufacturers being compromised in January 2014.
These first victims had been in Eastern Europe, but now most of the machines were in Vietnam with the rest scattered around Europe as well as a couple of other countries, said Team Cymru.
Once routers were taken over, internal instructions were changed so they no longer asked servers at their owner's ISP for help looking up the location of websites they regularly visit.
This would mean that the attackers could re-direct people to anywhere they wanted, inject their own adverts into web pages people visit or poison the search results they get.
Instead, these queries were routed through two IP addresses overseen by a hosting company in south London. That company has yet to respond to a request for comment.
Team Cymru researcher Steve Santorelli said the reason for creating the network of hijacked routers was still "mysterious" as the attackers did not seem to have abused their control for malicious ends.
The attack had some similarities with an incident seen in Poland, which involved hijacked home routers being re-directed to malicious websites controlled by hi-tech thieves keen to grab online bank login credentials, said Mr Santorelli.
"It's a definite evolution in technology - going after the internet gateway, not the end machine," Mr Santorelli told the BBC in an email. "We see these leaps in concepts every few years in cybercrime."
Team Cymru had contacted law enforcement about the attack and informed ISPs with a lot of compromised customers, he said.
"Hope is a good thing, maybe the best of things" - Yma o Hyd.
Heartbleed bug. Secure https sites are not secure.
This bug is a big deal. The exploit is real. The extent to which it has been used to steal passwords and intercept traffic is unknown. It applies only to sites with 'https' in the URL. Link to Google news: https://www.google.co.th/search?q=heart ... 66&bih=578
Consider testing any site you use where having your account hacked would be a non-trivial problem. I started with financial sites. A security firm has a site tester: https://www.ssllabs.com/ssltest/index.html If a site is safe today, that doesn't mean it was safe for the past 2 years. Consider changing passwords.
Re: Heartbleed bug. Secure https sites are not secure.
A research team tested for the Heartbleed bug on the Alexa Top 1 Million websites. 61% of the https sites were never vulnerable. 11% remain vulnerable since the bug's discovery. Their full internet scan is still running (as of 11pm last night, our time), but they've completed enough to estimate 6% of all https sites are still vulnerable.
http://arstechnica.com/security/2014/04 ... enssl-bug/
Re: The computer and software security thread
German programmer says he accidentally inserted Heartbleed bug while trying to improve other software.
http://online.wsj.com/news/articles/SB1 ... 6?mod=e2tw
Atheists have no need of a god. Our lives are not based on fear or guilt. We are moral because we know it's right.
Never attribute to malice that which can be explained by stupidity. R J Hanlon
Internet Explorer (IE)
RICHARD OF LOXLEY
It’s none of my business what people say and think of me. I am what I am and do what I do. I expect nothing and accept everything. It makes life so much easier.
Re: The computer and software security thread
I'm not very computer literate...what do I need to protect my pc? Anti-virus, malware protection, firewall? Is there more? Is there a good all-in-one system out there? Free? Paid? Any recommendations?
Answers in layman's terms are appreciated
Re: The computer and software security thread
Antivirus (FREE): http://www.avast.com/
Malware (FREE): http://www.safer-networking.org/mirrors/
Firewall (FREE): Use the Windows one or this for extra protection - http://www.comodo.com/products/free-products.php
Who is the happier man, he who has braved the storm of life and lived or he who has stayed securely on shore and merely existed? - Hunter S Thompson
Re: The computer and software security thread
Microsoft rescues XP users with emergency browser fix
BOSTON (Reuters) - Microsoft is helping the estimated hundreds of millions of customers still running Windows XP, which it stopped supporting earlier this month, by providing an emergency update to fix a critical bug in its Internet Explorer browser.......
http://news.yahoo.com/microsoft-release ... ector.html
Governments are instituted among Men, deriving their just powers from the consent of the governed. Source
Free Security Updates for Windows XP Until 2019
https://uk.news.yahoo.com/free-security ... 16266.html
How to Get Free Security Updates for Windows XP Until 2019
Atheists have no need of a god. Our lives are not based on fear or guilt. We are moral because we know it's right.
Never attribute to malice that which can be explained by stupidity. R J Hanlon
Re: The computer and software security thread
Thank you
Courage is grace under pressure and when circumstances change you change your mind.
Re: The computer and software security thread
Cing Jai wrote: There are no viruses for Mac and
Pleng wrote: At the end of the day virus makers are going to target MacOS because Apple keep claiming how secure it is.
Cing Jai wrote: Yep, been hearing that for 10 years or more. One day it just might be true.
The above is true not only for Mac, but also for GNU/Linux, where both Mac OS-X and GNU/Linux distributions have fewer security threats than Windows OS. My own opinion on the reason is not so much that their architecture is inherently more secure than MS-Windows (although their architecture may indeed be a bit more secure) but rather Windows is still the dominant OS and Windows garners the vast majority of the hackers' attention.
I moved to GNU/Linux back in 1998 when I lived in Phuket, and I have not gone back to MS-Windows since.
There are very few viruses for GNU/Linux (nor for Mac). So few in fact, I venture a view that the anti-virus programs that one can get for GNU/Linux and Mac could be considered suspect, because it is almost impossible to test them. How can one test if a GNU/Linux or Mac anti-virus program works, if there are few to no viruses to test them against?
The above, though, is not to say there are not vulnerabilities for GNU/Linux nor for Mac. Indeed there are vulnerabilities, and there are hackers who in particular attack GNU/Linux servers. Hackers can break into GNU/Linux systems via poor passwords on open SSH ports, or if they gain physical access to the machine they may be able to use a zero-day exploit to obtain root access and then deposit a root kit.
The NSA (and indeed possibly the hacker community ??) can deposit software on one's PC that modifies the firmware, such that no matter what OS one has installed, the PC can be compromised.
And no matter what one's OS, one can always be tricked by phishing techniques to give up one's password to commercial services, internet email services, etc ....
Despite my using GNU/Linux for > 16 years, I still run the occasional MS-Windows program. Some under 'wine' in GNU/Linux (where the programs run natively) or some in a virtual session (using VMBox) where it is very easy to keep a clean backup of one's MS-Windows. It's very rare (possibly unheard of) for a virus to run properly under wine. But it is possible to catch a virus in an MS-Windows virtual session. Restoration of a corrupted system (from backup) is as easy as conducting a simple file copy. Hence while running Windows in a virtual session won't stop Windows from catching a virus (or other malware) it will keep the underlying GNU/Linux OS a step removed/protected against most threats. Indeed I know of friends who run GNU/Linux as a virtual session inside of GNU/Linux, providing even more protection. One can consider that sort of a defensive honey pot.
I know one friend who simply has no OS on his hard drive. Instead he only boots the PC from a liveCD, where he updates the liveCD every few months. He uses either the hard drive or a USB stick for his data. It's impossible for any malware to be installed on a liveCD. I don't particularly care for that approach, but it is a possibility for the truly paranoid.
Re: The Digital Surgery
Microsoft's Aug 12 Windows update caused problems. Affected are some systems running Vista, 7 and 8, as well as business-oriented versions of Windows. Reliable sources recommend uninstalling some of the updates: http://www.computerworld.com/s/article/ ... ath_update
Microsoft instructions for uninstalling some of the updates and fixing the problems not corrected by the uninstall http://support.microsoft.com/kb/2982791
Microsoft is still working on removing the updates from their updater.
Re: The Digital Surgery
One part of Internet security, SSL 3, is vulnerable. Full story: https://community.qualys.com/blogs/secu ... dle-attack
Test your browsers: https://dev.ssllabs.com/ssltest/viewMyClient.html
Did you test your phone browsers?
If vulnerable, how to adjust browser settings at: https://scotthelme.co.uk/sslv3-goes-to- ... -protocol/
and https://zmap.io/sslv3/browsers.html
- JimmyGreaves
beware - aviasales.ru popups from webpages.
Not sure how I contracted this but today started getting annoying popups from these people.
Searched the net and it has been reported here and mentions Thailand.
Anyone?
http://www.bleepingcomputer.com/forums/ ... y-android/
Diplomacy is the ability to tell a man to go to hell so that he looks forward to making the trip