WZZZ

Honorary Members
  • Posts

    52
Reputation

0 Neutral


  1. Solved: No more alarm bells ringing, plus learned something new. Basically everything seems normal. Just ran the update on a different Mac. Perhaps PlistBuddy has been utilized before for other application updates, but what threw me was BlockBlock reporting PlistBuddy, which I had never encountered before, and knew nothing about. Assumed that if a new .plist (LaunchDaemon) for an update was required, it would be introduced new with the update, not modified via this utility, which is what seems to have happened. Compared the pre-update (v.4.21) to the after-update (v. 5.0.159) .plists at /Library/LaunchDaemons/com.malwarebytes.mbam.rtprotection.daemon.plist. Seeing no difference, except for what seems to be the version string at the end of each.
  2. Running MacOS Ventura. Recently opened Malwarebytes there, after not using for a while (perhaps it was the new V.5?), and was greeted by requests to allow PlistBuddy to install by Patrick Wardle's Block Block. Very puzzled about this, since, as I understand it, PlistBuddy is already installed by default, and don't understand why I was prompted to allow it on the (perhaps) Malwarebytes update. Wondering if this is now expected behavior, and if so why it is happening. Have looked through the .pkg using Pacifist and find zero re. PlistBuddy anywhere there. Pkg is Malwarebytes-Mac-5.0.159.995.pkg. Note, downloaded new install pkg, as my first reflex was to deny the Block Block request, so needed to uninstall and then reinstall. Somewhat concerned, as I wonder whether this behavior, either on update, or on reinstall is actually kosher. Thanks. EDIT: Less concerning: thinking now that MWB didn't necessarily install PlistBuddy, but that it triggered its already installed executable. In any case, if this is so would like to understand why MWB needed to run PlistBuddy (which I have never, at least knowingly, run to edit plist files, and was completely unaware of until now). More on PlistBuddy: https://medium.com/@marksiu/what-is-plistbuddy-76cb4f0c262d
  3. Do not want the VPN bundle, just the MWB Premium alone. Is this possible? If so, what is the cost for 1 device?
  4. After restart at least ~3 minutes or more, vs. no restart less than a minute, sometimes 30-40 seconds. Wondering why this is. Is the scan after restart more comprehensive, thus more accurate? Or is scan time irrelevant?
  5. What I thought was likely: as it's not a real threat Malwarebytes doesn't bother with it, ignores it. Thanks.
  6. Understand that the fast speed of the scanning tool is accomplished by knowing where to look for any known infections. However, just as a test DLd the eicar test file - sitting right on Desktop in plain sight - ran a scan and the eicar was not detected. Does this mean that any form of malware sitting right on the Desktop will be ignored, or just that Malwarebytes has been told to ignore this file wherever it appears? Thanks.
  7. Never allowed the connection, but curious to know just what would have entered had I allowed? (Another concern: Not everyone runs Little Snitch, so what happened to them as a result?)
  8. LS prompts the same here. Guess it's legitimate (checks out at VirusTotal) but since it's a first wondering why this new prompt to dev.cphostaccess.com, which appears to be used by any number of other companies, including principally Shimano bicycle. IP is to Amazon Cloudfront. Denying for two hours until I know a bit more. https://i.postimg.cc/k595zFFG/Screen-Shot-2021-12-01-at-10-56-16-AM.png
  9. WZZZ

    False positive

    Re. x704.net/bbs "alertLoop" Please remove. Nothing malicious or untoward here. Unless cookies for GDPR compliance are already saved the following appear on visit or login. I am a long time member, see this block when using a browser other than Firefox where site cookies have not been saved:
  10. Thanks for the information. Relieved to hear that. Supposing also that it doesn't target the "average" user. Just your average human rights activist, journalist, dissident, etc. From https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/
  11. Hi Thomas, Wondering if Malwarebytes will be covering Pegasus as on-access (as a zero-click would assume not) or even for a post infection scan. Seeing that the Mac sec update is only available for Big Sur, nothing even for Catalina. As I'm restricted to HS or Mojave, would be nice to know if Malwarebytes may offer any form of protection. https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/
  12. Thanks Thomas, Al. I also used to think that vulns were OS specific. Now you've given me reason for doubt. In any case, even if I were able to upgrade to the latest and greatest OS with all the new mostly useless (at least to me) bells and whistles, due to be released in the fall - which I'm not - for better security, I wouldn't want to. Have too many 32 bit applications which I continue to rely on. I've already installed 10.14, via dosdude patcher, on this late '09 iMac, and '10 Mini, and that will have to do for situations where a supported OS is needed once 10.13 is EOL. There has to be a limit to just how much security is needed/affordable/practicable. And we all need to watch out when everything switches over to ARM!
  13. Thomas, please clarify. Doesn't keeping up to date with security updates on any of the still supported but older OSs -- currently 10.13, 10.14 -- cover any of those vulnerabilities, which you are suggesting are only patched in a new system update?