Jump to content

David H. Lipman

Experts
  • Posts

    20,753
  • Joined

  • Days Won

    240

Community Answers

  1. David H. Lipman's post in MB 5.1.1.106 was marked as the answer   
    @BillH99999
    There are Beta versions of software; v3, v4 and v5 as Malwarebytes goes to a new version.
    However there are also Beta updates.  These are minor subversion revisions released for feedback before they get released to the Public at-large.
  2. David H. Lipman's post in [ RESOLVED ] PC slow as hell since last update was marked as the answer   
    You can wait and the software will auto-update or use the following link to get the full Offline Installer.
    http://downloads.malwarebytes.com/file/mb5_offline
  3. David H. Lipman's post in false positive in alphaMountai was marked as the answer   
    You will have to contact Alphamountain.ai - https://www.alphamountain.ai/contact/  or send them an email: support@alphamountain.freshdesk.com
    This is Malwarebytes and has no association with Alphamountain.ai and Malwarebytes is not represented on the Virus Total URL Reporting section.
    Please provide a Malwarebytes' product Log and/or a ScreenShot showing that a Malwarebytes' product is blocking the site.
    Please read before posting a possible FP

    General False Positive Reporting List
     
  4. David H. Lipman's post in FP @ 72.167.57.16 was marked as the answer   
    FYI:
    https://www.abuseipdb.com/check/72.167.57.16
  5. David H. Lipman's post in cdn.discordapp.com was marked as the answer   
    Discord's Content Delivery Network (CDN), cdn.discordapp.com, is actively being abused to deliver malware.
    Please reference:  Post ID:1590931
  6. David H. Lipman's post in [ RESOLVED ] CISA warnings re CVE-2023-46805 and CVE-2024-21887 was marked as the answer   
    Please reference:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21887
    "A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. "
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46805
    "An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. "
     
    As stated these are web components of Ivanti Connect Secure.  They are not desktop applications or Smart Phone applications and thus they are not the targets of these exploits.
     
  7. David H. Lipman's post in Spam email sent to myself via comcast. was marked as the answer   
    @Clang  provided me the email.
    It was a Forged Email.
  8. David H. Lipman's post in Spam email sent to myself via comcast. was marked as the answer   
    @Clang  provided me the email.
    It was a Forged Email.
  9. David H. Lipman's post in Malwarebytes update not giving what was announced was marked as the answer   
    Please try;  http://downloads.malwarebytes.com/file/mb4_offline
    It will download the full offline installer and update the product to the latest version.
  10. David H. Lipman's post in [ RESOLVED ] Malwarebytes and Malwarebytes VPN , Wont let me install the vpn was marked as the answer   
    The full offline version...
    http://downloads.malwarebytes.com/file/mb4_offline
     
    EDIT:
    Oooooooooooops did I make a mistake !
    That's v4.6.8+

  11. David H. Lipman's post in Is Malwarebytes scanning MS Outlook? was marked as the answer   
    No @AlainPaul. 
    Malwarebytes is not MAPI compliant, it does not scan email, and it does not target Microsoft email archive file formats nor email file disk files such as .EML and .MSG files.
    If your email is sending out spam then it may not be "infected" but is a compromised email account.  For example you fell for a Microsoft Phish and supplied your credentials.  Thus the credential harvester can then use those credentials and use your account to spew spam.
  12. David H. Lipman's post in Please Remove The False Positive From https://heropost.io of alphaMountai was marked as the answer   
    You will have to contact Alphamountain.ai - https://www.alphamountain.ai/contact/  or send them an email: support@alphamountain.freshdesk.com?subject=False%20Postive
    This is Malwarebytes and has no association with Alphamountain.ai and Malwarebytes is not represented on the Virus Total URL Reporting section.
    Please provide a Malwarebytes' product Log and/or a ScreenShot showing that a Malwarebytes' product is blocking the site.
    Please read before posting a possible FP
    EDIT:
    RE:  False Positive for Heropost.io
  13. David H. Lipman's post in Click No on Pop-Up Box. Do I need to worry? was marked as the answer   
    No worries @nso89 .  That a FakeAlert.  That is a Push Notification, web site or Pop-Up that falsely indicates and even that never happened.  They either are for Technical Support scams and have a Phone Number associated with it or are used to as a referral for some application for monetary gain.
    I have seen numerous examples of both FakeAlets for Tech Support scams and for the purpose referral profits for anti malware and VPN applications.
     
     
     
     
  14. David H. Lipman's post in False Positive at Alpha Mountain AI, Inc - www.surreybouncycastlehire.co.uk was marked as the answer   
    You will have to contact Alphamountain.ai - https://www.alphamountain.ai/contact/
    This is Malwarebytes and has no association with Alphamountain.ai and Malwarebytes is not represented on the Virus Total URL Reporting section.
    Please provide a Malwarebytes' product Log or a ScreenShot showing that a Malwarebytes' product is blocking the site.
    Please read before posting a possible FP
  15. David H. Lipman's post in Can M3U8 files contain malware was marked as the answer   
    Not.  They can not directly infect.
    If there is a vulnerability associated with a Media Player it may be used to exploit it.  I am not aware of any at this time.
    It is an interpreted text file for audio and video media players to store playlists.
    https://en.wikipedia.org/wiki/M3U
    https://docs.fileformat.com/audio/m3u8/
  16. David H. Lipman's post in Please remove my site from the alphaMountain.ai blacklist was marked as the answer   
    You will have to contact Alphamountain.ai - https://www.alphamountain.ai/contact/
    This is Malwarebytes and has no association with Alphamountain.ai and Malwarebytes is not represented on the Virus Total URL Reporting section.
  17. David H. Lipman's post in Clicked fishing link in email on Android phone was marked as the answer   
    RE:  Microsoft Phish
    If you did not provide your credentials to the Microsoft Phish then there is nothing to worry about.
  18. David H. Lipman's post in Are these .scr screensaver files malware? was marked as the answer   
    You weigh that ageist the First Submission date.  Both First Submission dates are in 2009.  That indicates that the one Detection by Trapmine for each file is a False Positive declaration.
  19. David H. Lipman's post in Did my iCloud get hacked? was marked as the answer   
    It looks looks more like a malicious advertisement (aka; malvertisement) because they desire to get control of the account and not already have compromised it.
  20. David H. Lipman's post in Malwarebytes malware detection rate was marked as the answer   
    You can take advantage of the Malwarebytes' Forum Service of having your PC checked-out by a trained Forum Helper.
    If interested...
    Please read;  I'm infected - What do I do now?  then  create a new post in;  Windows Malware Removal Help & Support
  21. David H. Lipman's post in Help with tech scam popups was marked as the answer   
    These are not generated from malware on one's PC.  They are a kind of of Malicious Advertisements (aka; malvertisement) that either exist as a web page that may be presented when visiting various web sites or may exist as Push Notifications.  Since they alert one to a condition that does not exist, they are called FakeAlerts and are a kind of Tech Support Scam.
    Did you call the number and did you provide a Credit Card, etc. ?
    Please reference the below Malwarebytes Labs article on Browser Push Notifications.
    Look for the section "How do I disable them?"
    Browser push notifications: a feature asking to be abused
    Google Chrome:
    Turn notifications on or off - Google Chrome
    Mozilla Firefox:
    Web Push notifications in Firefox
    Microsoft Edge:
    Manage website notifications in Microsoft Edge
    Apple Safari
    Customize website notifications in Safari on Mac
    FakeAlert Examples:
     
  22. David H. Lipman's post in I have blocked an Ip address, but event veiwer is showing it was marked as the answer   
    It is a Local Area Network (LAN) protocol address being a MultiCast address so you may want your Notebook/Laptop to communicate with other LAN nodes using SSDP.  But you don't want the Internet accessing it and that why one may want to block it on a Border Gateway or Router so there is no Wide Are Network (WAN or Internet)  to LAN SSDP activity.
    There are many LAN devices such as SmartTV's and  Roku that use SSDP.
  23. David H. Lipman's post in 247techies.com was marked as the answer   
    RE:  False Positive 247techies  - December '18
  24. David H. Lipman's post in Response 127.42.0.1 was marked as the answer   
    Please reference:
    https://en.wikipedia.org/wiki/Localhost
    That is an IP address in the LoopBack range.  IP 127.0.0.1  is known as the TCP/IP v4 Diagnostic Responder.
    When one wants to block access to a web site, one can force resolution of a Domain Name to a LoopBack address.  This redirects packets from going out to the Internet and point right back at one's own PC.
    Such filtering can be done on a DNS Server, through an installed application or the etc/hosts file.
  25. David H. Lipman's post in Forum Editor Cache bug is back was marked as the answer   
    This bug appears to have been fixed via Forum 'ware update v4.3.2.
     
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.