Jump to content

David H. Lipman

Experts
  • Content Count

    16,009
  • Joined

  • Days Won

    1

Everything posted by David H. Lipman

  1. MBAM's anti-exploit module will block the execution of HTML applications.
  2. Since there is no Font function in the Toolbar, the Font BBCode was all that was left. If Invision will no longer support the Font BBCode, then please add a Font Function to the Editor Toolbar. Xiexie ni Alex.
  3. The Forum used to recognize BBCodes for various Fonts. Now NONE are recognized and Forum Updates are no longer even posted. [font=courier] The Quick Brown Fox [/font] [font=arial] The Quick Brown Fox [/font] [font=arial black] The Quick Brown Fox [/font] [font=impact] The Quick Brown Fox [/font] [font=verdana] The Quick Brown Fox [/font] [font=times new roman] The Quick Brown Fox [/font] [font=georgia] The Quick Brown Fox [/font] [font=andale mono] The Quick Brown Fox [/font] [font=trebuchet ms] The Quick Brown Fox [/font] [font=comic sans ms] The Quick Brown Fox [/font] [font=courier] The Quick Brown Fox [/font] [font=arial] The Quick Brown Fox [/font] [font=arial black] The Quick Brown Fox [/font] [font=impact] The Quick Brown Fox [/font] [font=verdana] The Quick Brown Fox [/font] [font=times new roman] The Quick Brown Fox [/font] [font=georgia] The Quick Brown Fox [/font] [font=andale mono] The Quick Brown Fox [/font] [font=trebuchet ms] The Quick Brown Fox [/font] [font=comic sans ms] The Quick Brown Fox [/font]
  4. Yes. One can expect a relatively long time delay between a breach event and the use of the data that had been harvested.
  5. It's legitimate. I have Opted-In for the settlement. RE: Yahoo! Data Breach Settlement - Yahoo account 2012 through 2016
  6. @Tetsuki Did you get a chance to check your email address(s) at https://haveibeenpwned.com/ to see what sites they were associated with a breach event ?
  7. This is purely a scam and they send those emails out en masse hoping one or two bite at the bait. Just delete the email and then change your email password to a new Strong Password just to make sure. Additionally, you can enter your email address(es) in the following site and it will check to see if that email address was part of a known breach. This is most likely how they obtained the password and used it in the email to lend credulity to the scam. https://haveibeenpwned.com/ Please reference: ----------------- US FBI PSA - Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims US FTC Consumer Information - How to avoid a Bitcoin blackmail scam MyOnlinesecurity - attempted-blackmail-scam-watching-porn BleepingComputer - Beware of Extortion Scams Stating They Have Video of You on Adult Sites Malwarebytes' Blog - Sextortion emails: They’re probably not watching you Malwarebytes Forum sample thread - Got strange threating email. Malwarebytes Forum FYI thread - FYI: Email Blackmail Scam still current
  8. Is is a justified detection... https://www.virustotal.com/gui/file/2268e0f59b605ff74656c553658e5c17b3e046370f6ca3032764caaacb582934/detection Download FileZilla here at; https://filezilla-project.org/download.php?show_all=1 to download non-sponsored installers that do NOT include Adware.
  9. The above indicates " You need to sign in to see this page. " Please directly attach and not use 3rd party sites.
  10. @cdu4 This thread is over four years old. You need to take that up with Trend Micro.
  11. @Phuc There are Malwarebytes staff that perform this. If one feels that a Web site is falsely blocked in the Malwarebytes Anti Malware product, each and all URLs should be submitted in; Website Blocking after reading; Please read before posting a FP If one feels that a Web site is falsely blocked by the Malwarebytes Browser Guard plug-in then they should be submitted there in the respective Browser related sub-forum under; Malwarebytes Browser Guard
  12. Monster.com says a third party exposed user data but didn’t tell anyone "An exposed web server storing résumés of job seekers — including from recruitment site Monster — has been found online. The server contained résumés and CVs for job applicants spanning 2014 and 2017, many of which included private information like phone numbers and home addresses, but also email addresses and a person’s prior work experience. Of the documents we reviewed, most users were located in the United States. It’s not known exactly how many files were exposed, but thousands of résumés were found in a single folder dated May 2017. Other files found on the exposed server included immigration documentation for work, which Monster does not collect. A company statement attributed to Monster’s chief privacy officer Michael Jones said the server was owned by an unnamed recruitment customer, with which it no longer works. When pressed, the company declined to name the recruitment customer. “The Monster Security Team was made aware of a possible exposure and notified the recruitment company of the issue,” the company said, adding the exposed server was secured shortly after it was reported in August. Although the data is no longer accessible directly from the exposed web server, hundreds of résumés and other documents can be found in results cached by search engines. But Monster did not warn users of the exposure, and only admitted user data was exposed after the security researcher alerted TechCrunch to the matter. “Customers that purchase access to Monster’s data — candidate résumés and CVs — become the owners of the data and are responsible for maintaining its security,” the company said. “Because customers are the owners of this data, they are solely responsible for notifications to affected parties in the event of a breach of a customer’s database.” Under local data breach notification laws, companies are obliged to inform state attorneys general where large numbers of users in their states are affected. Although Monster is not duty bound to disclose the exposure to regulators, some companies proactively warn their users even when third parties are involved. It’s not uncommon for companies to warn their users of a third-party breach. Earlier this year after hackers siphoned off millions of credit cards from third-party payments processor American Medical Collection Agency, its customers — LabCorp and Quest Diagnostics — admitted to the security lapse. Monster said that because the exposure happened on a customer system, Monster is “not in a position” to identify or confirm affected users."
  13. Did you enter your email address(es) in the following site to check to see if that email address was associated with a known breach? That is most likely how they obtained your password and then used it in the cited email. https://haveibeenpwned.com/
  14. Yes, through the anti exploitation module and the ability to scan the Windows Registry.
  15. The question is not which is better but, whom do you TRUST ! Presumably, if you have a good AV/AM keylogging is not an issue and thus a moot point. However if you are on a corporate network that enabled and whitelists a Keylogger ( which is legal in the US ) then it is possible that when you data is decrypted from the credential store it may be harvested. However that points to the fact that one should NOT be doing personal business on the employer provided equipment.
  16. Besides what Porthos has indicated, you have it backwards @renatows You posted in the False Positive section. This is the area to report a situation where Malwarebytes detects a legitimate file incorrectly ( falsely ) making it a False Positive detection. When Malwarebytes doesn't detect a targeted file type that is malicious, that a False Negative. False negatives require a submission in; Newest Malware Threats after reviewing the following on how to provide sample submissions such that Malwarebytes' Anti-Malware (MBAM) can detect targeted but presently undetected threats. Malware Hunters group Purpose of this forum
  17. I don't know what "posts" you refer to but the legitimately named "CPU-Z" utility is not malicious. Note that there is a lot of misinformation on the 'net and any malware can be renamed to masquerade as any legitimate file. In fact, it is a common practice to evade and "hide in plain site" and that is why I stated This is also why you always get software and utilities directly from their source and not third parties that may host files.
  18. If obtained from the maker, https://www.cpuid.com/softwares/cpu-z.html, Yes, it is safe,
  19. These are classed as malicious advertisements or malvertisements. As such it is not about what software is on your PC but about what web sites you visit and one's browsing habits. For example there are certain porn sites that have a greater propensity to exhibit a FakeAlert. If you are on Windows, a Microsoft FakeAlert. If you are on an Apple iPhone or MAC, you will see an Apple FakeAlert. Then there are sites that don't care who they do business with when it comes to advertisement revenue. Or when one marketing company outsources to another. Then the malvertisement may be rotated in or randomly displayed. As I have explained in other discussions I have seen fake Mozilla Firefox malvertisements emanating from the Weather Channel web site. There was a case where members visited AllMusic.com and on rare occasions they got a Microsoft FakeAlert. The reports were few and reproducing it was difficult but finally I was able to coax a Microsoft FakeAlert from a visitation. It was all discussed in This Thread. Reference: Post #20
  20. @iggy22 If you are getting malvertisements in your Browser such as the FakeAlert shown in Post #1 then you need to look at what web sites your are visiting when this happens and your browsing habits. If it is happening on eBay then try to avoid these "standard elements" as there are way too many unscrupulous resellers on eBay as well as Fake eBay sites.
  21. Microsoft .NET Framework 4 (Web Installer) https://www.microsoft.com/en-us/download/details.aspx?id=17851
  22. There are some low-balled crap out that there that are being sold Windows 10/64 bit systems with 2GB RAM and 32GB SSD. To me, they are unfit for merchantability.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.