David H. Lipman

Experts
  • Content Count: 16,009
  • Days Won: 1

Everything posted by David H. Lipman

  1. Most likely because the uninstaller utility is not a Digitally Signed executable.
  2. The EICAR test string is based upon 16-bit executables and to MBAM is just a string. MBAM specifically targets PE binaries that start with the first two characters being MZ, which the EICAR does not have. They can be EXE, COM, CPL, SYS, DLL, SCR and OCX. Any of these file types can be renamed to be anything, such as TXT, JPG, CMD and BAT, and they will still be targeted just as long as the binary starts with 'MZ'. This includes file names that use Unicode Right-to-Left Override to obfuscate an executable file extension.
  3. This is all Verizon Media, formerly OATH, which is a Verizon subsidiary. Yahoo and AOL are both divisions of Verizon Media. Yahoo, AOL and other subsidiaries have Privacy Dashboards. If you have any Verizon Media accounts, it is suggested that you go to the Verizon Media Privacy Dashboard, choose the service(s) you have an account with and Opt-Out of all of their ad, tracking and other seedy practices. https://www.verizonmedia.com/policies/us/en/verizonmedia/privacy/dashboard/index.html
  4. Increased Use of Mobile Banking Apps Could Lead to Exploitation "As the public increases its use of mobile banking apps, partially due to increased time at home, the FBI anticipates cyber actors will exploit these platforms. Americans are increasingly using their mobile devices to conduct banking activities such as cashing checks and transferring funds. US financial technology providers estimate more than 75 percent of Americans used mobile banking in some form in 2019. Studies of US financial data indicate a 50 percent surge in mobile banking since the beginning of 2020. Additionally, studies indicate 36 percent of Americans plan to use mobile tools to conduct banking activities, and 20 percent plan to visit branch locations less often. With city, state, and local governments urging or mandating social distancing, Americans have become more willing to use mobile banking as an alternative to physically visiting branch locations. The FBI expects cyber actors to attempt to exploit new mobile banking customers using a variety of techniques, including app-based banking trojans and fake banking apps."
  5. I can see where the confusion stems from. The Point of Presence is NY but is owned by m247.com which is a UK entity with Romanian assets.

     % Abuse contact for '86.106.121.0 - 86.106.121.255' is 'abuse@m247.ro'
     inetnum: 86.106.121.0 - 86.106.121.255
     netname: RO-M247RO-20050418
     country: US
     geoloc: 40.7175544 -74.0083725
     org: ORG-MES6-RIPE
     admin-c: NYC-RIPE
     tech-c: NYC-RIPE
     status: ALLOCATED PA
     mnt-by: M247-EU-MNT
     mnt-by: RIPE-NCC-HM-MNT
     created: 2020-04-01T13:42:12Z
     last-modified: 2020-04-01T14:51:38Z
     source: RIPE
     remarks: --------------LEGAL CONCERNS-----------------------------
     remarks: For any legal requests, please send an email
     remarks: to ro-legal@m247.ro for a maximum 48hours response.
     remarks: --------------------------------------
  6. Amtrak discloses data breach, potential leak of customer account data "The National Railroad Passenger Corporation (Amtrak) has disclosed a data breach that may have resulted in the compromise of customer personally identifiable information (PII). The data breach was discovered on April 16, 2020. In a letter to the Attorney General's Office of Vermont, made public on April 29, the rail service said that an unknown third party managed to fraudulently access Amtrak Guest Rewards accounts. The Amtrak Guest Rewards service allows passengers to rack up points when they travel to exchange for discounts, hotels, and gift cards, among other offerings. The attack vector involved was compromised usernames and passwords, which may suggest the use of credentials previously leaked or stolen, or the use of brute-force methods. Amtrak says that some personal information was viewable, although the company has not specifically said what data may have been compromised. However, Amtrak was keen to emphasize that Social Security numbers, credit card information, and other financial data was not involved in the data leak. Users that receive a notice that their Amtrak Guest Rewards account was potentially included in the breach will also note that their accounts will have an active, forced password reset. The company's security team said that after detecting suspicious activity, access was revoked "within a few hours." In a statement, Amtrak said the firm is "[taking] this matter very seriously and is taking steps to help prevent incidents like this from happening again."
  7. Is this thread, "I NEED SERIOUS HELP PLEASE!", associated with this problem?
  8. Below is the header for this Virus Total Report. I have placed a box around two areas. One that indicates when the last scan was performed. The other, when chosen, requests Virus Total to re-scan the file in that report. ** Please note that this is not a "Malware removal" thread so an Admin may move this thread to a more appropriate area of the Forum.
  9. Chances are it is a False Positive. When you posted the Virus Total report URL, the last time the file was scanned was on 5/20 with 5 detections. I instigated Virus Total to re-scan the file and five days later that detection has dropped to four detections and two of them are the same so there are only 3 detections now.
  10. https://www.virustotal.com/gui/file/592803b494e796e485f9bf4d06d0c63192cdf856ecc3ce9cea5b835efc512d84/detection
  11. Please reference: FP in Exact Audio Copy 1.5 (EAC)
  12. Data exfiltration Database security Security Issues in the Database Language SQL
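
The check described in post 2 above (content starting with 'MZ' matters, not the file extension, and a Right-to-Left Override can disguise the displayed name), as an added example that is not part of the original posts and is not MBAM's code. The function names, finding labels and sample files are constructed for illustration, and only the two-byte magic is tested, not full PE validity.

```python
import os
import tempfile

RLO = "\u202e"  # Unicode Right-to-Left Override character
# Extensions the post lists for PE binaries.
PE_EXTENSIONS = {".exe", ".com", ".cpl", ".sys", ".dll", ".scr", ".ocx"}


def starts_with_mz(path):
    """True when the first two bytes of the file are 'MZ'."""
    with open(path, "rb") as fh:
        return fh.read(2) == b"MZ"


def triage(path):
    """Return a list of findings for one file (labels are hypothetical)."""
    name = os.path.basename(path)
    ext = os.path.splitext(name)[1].lower()
    findings = []
    if RLO in name:
        # The name renders reversed after this character in most file managers.
        findings.append("rlo-in-name")
    if starts_with_mz(path):
        findings.append("mz-header")
        if ext not in PE_EXTENSIONS:
            # Renamed executable: content says PE, extension says otherwise.
            findings.append("extension-mismatch")
    return findings


def demo():
    """Write constructed sample files to a temp dir and triage each one."""
    samples = {
        "tool.exe": b"MZ\x90\x00",                 # ordinary executable name
        "report.txt": b"MZ\x90\x00",               # MZ content renamed to .txt
        "notes.txt": b"plain text",                # genuine text file
        "photo" + RLO + "gpj.scr": b"MZ\x90\x00",  # displays as "photorcs.jpg"
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(data)
            results[name] = triage(path)
    return results


if __name__ == "__main__":
    for name, findings in demo().items():
        print(repr(name), findings)
```
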