|
gently caress Java and gently caress its million versions that all install at once.
|
# ? Sep 1, 2012 20:14 |
|
Megiddo posted:
Any word on whether this latest flaw also affects Java 6?

Java 6 was not affected. The security flaw was in a new class introduced in 7.0. See this for more: http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
|
# ? Sep 1, 2012 22:00 |
|
I was talking about a new flaw with 7u7: http://www.theregister.co.uk/2012/08/31/critical_flaw_found_in_patched_java/
|
# ? Sep 2, 2012 09:46 |
|
If you've got a computer illiterate who is emailing spam links to everyone in their address books and isn't aware they have malware, where do you tell them to go? I've got one of these, and I figured safety.live.com is a good start, but otherwise didn't know if there's anything better.
|
# ? Sep 2, 2012 18:19 |
|
Craptacular! posted:
If you've got a computer illiterate who is emailing spam links to everyone in their address books and isn't aware they have malware, where do you tell them to go?

Meatspin
|
# ? Sep 2, 2012 19:07 |
|
Ceros_X posted:Meatspin
|
# ? Sep 3, 2012 16:48 |
|
EvilMuppet posted:
But I need Java for my Minecraft

If my memory serves you'll be fine with this as it's only the plugin that serves as an attack vector for this, not standalone things that the JRE runs. You can keep building that skytower or whatever, just disable the Java browser plugin.
|
# ? Sep 3, 2012 18:40 |
|
Scaramouche posted:
This makes me think of your stepdad as some Randall Flagg-esque character, roaming the world, sowing trouble wherever he goes.

Guess who's infected again?

randomidiot fucked around with this message at 13:11 on Sep 4, 2012 |
# ? Sep 4, 2012 07:30 |
|
some texas redneck posted:Guess who's infected again?
|
# ? Sep 4, 2012 15:31 |
|
some texas redneck posted:
Guess who's infected again?

You really should have left the first version of that post, it was spot on.
|
# ? Sep 4, 2012 16:44 |
|
Java chat? Java chat. Hackers bust open an FBI laptop using a Java exploit to steal over 12 million UDIDs, in many cases with associated personal information, for Apple iDevices. http://www.macrumors.com/2012/09/04/hackers-release-1-million-ios-device-udids-obtained-from-fbi-laptop/
|
# ? Sep 4, 2012 16:52 |
|
Ceros_X posted:
You really should have left the first version of that post, it was spot on.

I was afraid of getting probated for PUI when I woke up

Seat Safety Switch posted:
Jesus. Buy your dad an iPad or something already. It's like repairing the car of someone who keeps crashing into daycares while reading Playboy.

His pile of
|
# ? Sep 4, 2012 18:03 |
|
Factory Factory posted:
Java chat? Java chat. Hackers bust open an FBI laptop using a Java exploit to steal over 12 million UDIDs, in many cases with associated personal information, for Apple iDevices.

I guess the question now is "why did the FBI have this information".
|
# ? Sep 4, 2012 18:12 |
|
computer parts posted:
I guess the question now is "why did the FBI have this information".

At first I thought it was a registry of devices being used by the FBI and its staff. Then I realized that 12 million devices is 4 times as many people as work for any branch of the federal government, and the FBI itself only has 35,890 workers. There's about 47 million active iPhones in the US (about half of Americans own smartphones, about 30% of those smartphones that are active are iPhones), so the FBI apparently recorded information on a little over 1/4 of them.
|
# ? Sep 4, 2012 18:21 |
|
The moment I've waited for, time to send out a mass "I told you so" to everyone who's ever called me paranoid.
|
# ? Sep 4, 2012 18:24 |
|
Install Gentoo posted:
At first I thought it was a registry of devices being used by the FBI and its staff. Then I realized that 12 million devices is 4 times as many people as work for any branch of the federal government, and the FBI itself only has 35,890 workers.

Maybe they have info on all of them and the laptop in question didn't have a complete database. Something that large, well why have 1 person hold on to all the data?
|
# ? Sep 4, 2012 18:34 |
|
pixaal posted:
Maybe they have info on all of them and the laptop in question didn't have a complete database. Something that large, well why have 1 person hold on to all the data?

Well that's the thing, why exactly would the FBI have that data at all? There's not really a reason the FBI should have it, no way that there's 12 million iPhone users suspected in crimes that would justify having this data. Or even the million or so who had more info in the data.
|
# ? Sep 4, 2012 18:37 |
|
List of compromised accounts? Maybe it's evidence and someone hacked a ton of iPhones with a new keylogger app, or something else. I'm sure if you are creative you can think of legitimate reasons. Or you can go with the government spying on you which could be true, I mean we have all the 9/11 laws that basically let them do it I think, I'm not an expert and that's a topic for another thread anyways. I had a roommate that used to "hack" the local network at a college and he had a 3TB database on the students back in 2006. He basically just threw a custom trojan up on the local DC++ that everyone used to share, listed it as porn and displayed said images. It really could just be part of a hacker's database, if the person was working on the case it could explain it.
|
# ? Sep 4, 2012 18:53 |
|
pixaal posted:
List of compromised accounts? Maybe it's evidence and someone hacked a ton of iPhones with a new keylogger app, or something else. I'm sure if you are creative you can think of legitimate reasons. Or you can go with the government spying on you which could be true, I mean we have all the 9/11 laws that basically let them do it I think, I'm not an expert and that's a topic for another thread anyways.

It also could be part of The Program. https://www.youtube.com/watch?v=r9-3K3rkPRE
|
# ? Sep 5, 2012 02:12 |
|
Well, now the FBI is saying there is no evidence of an attack or that the FBI sought or obtained any UDID data in the first place.
|
# ? Sep 6, 2012 00:35 |
|
alright, virus kit rollcall what you guys got in your kits? code:
|
# ? Sep 10, 2012 03:25 |
|
code:
I have literally no idea why people ever, ever trust a browser to interact with their base OS, or to that end, need it to.

e: if we're talking about offering tech support to others, then anything that hooks itself in and requires in-depth cleaning is pretty much "reinstall OS, fix everything"

Khablam fucked around with this message at 17:47 on Sep 11, 2012 |
# ? Sep 11, 2012 17:44 |
|
Khablam posted:
I think I generally do MalwareBytes, Combofix and MSE. If those three can't get it, I generally just format and be done with it.
|
# ? Sep 11, 2012 21:46 |
|
Gothmog1065 posted:
I think I generally do MalwareBytes, Combofix and MSE. If those three can't get it, I generally just format and be done with it.

Ccleaner first (wipes browser cache) to make malware bytes scan not take 1000 years.
|
# ? Sep 12, 2012 00:15 |
|
I'm a big fan of Kaspersky Rescue Disk lately. Haven't seen anything it can't rip out.
|
# ? Sep 12, 2012 00:47 |
|
Khablam posted:
Can you post some specifics on what program you use (Sandboxie?) and any config steps you take?
|
# ? Sep 12, 2012 01:39 |
|
Laserface posted:
Ccleaner first (wipes browser cache) to make malware bytes scan not take 1000 years.

Except check for the smtmp folders before that.
|
# ? Sep 12, 2012 02:29 |
|
sfwarlock posted:Except check for the smtmp folders before that.
|
# ? Sep 12, 2012 03:56 |
|
Blackhole exploit kit 2.0 out. Anyone speak Russian?
|
# ? Sep 12, 2012 22:23 |
|
Ceros_X posted:
Can you post some specifics on what program you use (Sandboxie?) and any config steps you take?

I don't know how it compares to other sandbox options on the market, so I can only recommend this one. The free version is functionally very similar to the paid version - you gain a nag and the inability to force programs to always run sandboxed; meaning you need to load the programs into it (right click).
|
# ? Sep 12, 2012 22:39 |
|
http://malware.dontneedcoffee.com/2012/09/blackhole2.0.html

Has a Google Translate copy of the BHEK2.0 notes, it isn't pretty but I guess it gets the job done.
|
# ? Sep 12, 2012 23:50 |
|
Khablam posted:
I do indeed use sandboxie. Default options work just fine, though I drop rights just to be sure. I'm sure the actual attack vectors against sandboxed applications are theoretical at this point, however.

Do you use the experimental protection mode (for 64-bit Windows OSs)? I haven't tried it because they say it can cause system instability but I'm curious if anyone uses it. http://www.sandboxie.com/index.php?ExperimentalProtection

BTW I also drop rights (default option). The user account I use is a standard user anyway too.

edit: I highly recommend Sandboxie for anyone who doesn't mind opening an extra program and clicking an extra button after downloading items. I've been using it for over a year and it's worked almost perfectly (one Flash update did have a conflict a few months back but was resolved by getting the latest version of Sandboxie). The only thing I do that won't work through Sandboxie is Netflix streaming. That's the only reason I run Firefox unprotected now.

Zogo fucked around with this message at 00:31 on Sep 13, 2012 |
# ? Sep 13, 2012 00:25 |
|
Zogo posted:
Do you use the experimental protection mode (for 64-bit Windows OSs)? I haven't tried it because they say it can cause system instability but I'm curious if anyone uses it.

I don't use it, since by that point you're looking at extreme edge cases in terms of a threat. From what I know about it, you would basically already need to be infected with a rootkit for any process running sandboxed to have something meaningful to do. The likelihood of someone writing incredibly complex malware which would end up targeting a very very small percentage of machines is pretty small, so I don't lose any sleep over it; it's a numbers game to them, like casting a net. I can tell you I can deliberately execute all of the worst rootkits out there, to no ill effect.
|
# ? Sep 13, 2012 01:23 |
|
For some reason my Google search links *occasionally* redirect me somewhere else of some vaguely related site to my search. Unfortunately Malware Bytes and MSE both say my computer is clean. My hosts file looks like it should (I think, with just the single local line on it). So what else is left?
|
# ? Sep 13, 2012 02:19 |
|
Combofix.
|
# ? Sep 13, 2012 02:28 |
|
Revitalized posted:
For some reason my Google search links *occasionally* redirect me somewhere else of some vaguely related site to my search.

If you're using Firefox, it sounds like you have GooRed. (Google Redirect.) There's a specific fix for it - GooRedFix.
|
# ? Sep 13, 2012 03:01 |
|
m2pt5 posted:
If you're using Firefox, it sounds like you have GooRed. (Google Redirect.) There's a specific fix for it - GooRedFix.

I am indeed using Firefox, and I tried the GooRedFix. It was done in a second but I still seem to get redirected on first click. I just decided to google "What exactly does Combofix do?" and the first link was to a forum post. Clicking on it redirected me to a Norton Security advertisement page, but I went back and clicked the link again and it took me through to the forum post.

I have combofix from when I was dealing with the Sirefef previously, but it sounds a bit extreme, and also takes forever without moving, so I have no idea if my combofix died in the process or something. I guess I can just combofix before I go to sleep or something.
|
# ? Sep 13, 2012 03:49 |
|
If you run TDSSKiller does it execute? You mentioned Sirefef so I'm wondering if it managed to install the SST bootkit and that hasn't been cleaned properly.
|
# ? Sep 13, 2012 04:05 |
|
Perform a Google search for one of the URLs that you are being redirected to, and see where that leads you. Most browser redirects I've seen with no other symptoms are usually rootkits of some type.
|
# ? Sep 17, 2012 18:56 |
|
mindphlux posted:
alright, virus kit rollcall

MBAM
Auto-Runs
Process Explorer
GMER/MBR

All you need really.
|
# ? Sep 17, 2012 20:18 |