Jump to content

sp123

Honorary Members
  • Posts

    224
  • Joined

  • Last visited

Reputation

38 Excellent

Profile Information

  • Location
    Lost
  • Interests
    Security

Recent Profile Visitors

3,927 profile views
  1. @gatortail sorry to bother you, but would you mind commenting on the license situation? Thanks
  2. uBlock Origin's developer strongly recommends people not use other content/ad blockers with uBlock Origin. While I doubt the malware protection will conflict, the adblocking will (and there are reports of it conflicting). uBlock Origin has specific rules which take advantage of it's features to enhance EasyList, such as by redirecting blocked ad scripts to "fillers" to prevent breakage. Thanks
  3. Hello, biometrictoday.com is blocked because the IP it is hosted on - 108.163.193[.]186 - is blocklisted. This appears to be a legitimate website about biometrics, and the IP looks clean. I am not affiliated with this website or it's hosting provider. Thank you.
  4. No, uBlock Origin has other filterlists. However, this does mean the adblocking-component of MBG will conflict with uBlock Origin (the malware/scam blocking parts shouldn't). Then the EasyList authors should be credited in the extension's description. Also, I am not sure (not a lawyer), but given EasyList is under GPL and CC BY-SA 3.0 (both of which are so-called viral licenses), you may be required to license part of/all of the extension under GPL. Thanks
  5. Hello, I noticed Malwarebytes is blocking 192.160.102[.]164 This is a Tor node, and blocking it breaks programs which use Tor. While Tor is abused - and it seems threat actors may have used the same server for malicious activities - an entire IP should not be blocked for a abuse unless it is used only for abuse, which is not the case. Thank you.
  6. Does this mean Malwarebytes Browser Guard is using EasyList? Test URLs: https://web.archive.org/web/20231121153314/https://www.c-span.org/video/?531450-1/fbi-director-homeland-security-secretary-testify-threats-part-1 https://www.npr.org/2023/02/23/1159084476/know-it-all-ai-and-police-surveillance Thanks
  7. This website is supposedly run by a "well known Youtuber within germany". By blocklisting 144.76.85.238, this website is inadvertently blocked. I do not see any issues with 144.76.85.238, and the only notable issue with schroederdennis[.]de is a malware URL which has been taken down. Thank you.
  8. I noticed Malwarebytes was blocking wtools[.]io due to the IP addresses it is hosted on. 104.21.6.247 172.67.135.130 Both of these IP addresses are CloudFlare IPs. While I understand CloudFlare is quite untrustworthy, I do not think it should be blocked as malware. Please reclassify these IPs as privacy threats. Thanks
  9. sp123

    log pasta

    It is a pastebin-like site, so I imagine people often upload malware to it (hence the detections). However, I am open to evidence to the contrary. Thanks
  10. https://www.logpasta.com/paste/raw/8100c64c-d3d5-4258-8302-e181945c57c7.txt This URL is falsely blocked by Browser Guard and Malwarebytes Web protection. Thanks
  11. Seems this was a mistake by Amazon: https://www.bleepingcomputer.com/news/security/amazon-sends-mastercard-google-play-gift-card-order-emails-by-mistake/ A lot of people (including one of my family members) got these emails, and also thought they were phishing.
  12. I noticed whois[.]nicenic[.]net is blocklisted by Malwarebytes while doing a WHOIS lookup on the recent fake Bitwarden website (https://www.virustotal.com/gui/domain/bitwariden.com) using the sysinternals WHOIS command. This domain seems legitimate. Thanks whois.nicenic.txt
  13. While using Tor Browser, I noticed my entry node was blocked, causing some websites to not fully load: 185.244.24.40 It appears this is also an exit node (?). While people do use Tor for malicious actives (i.e. the login brute forcing reported on the IP Abuse DB): - it is pointless to blocklist the exit node used, as by design Tor Browser will give you a different circuit ever so often - this harms the many legitimate users of Tor - attackers have countless other tools In the future, would it be possible to check if an abusive IP is a Tor exit node before blocklisting it? Thank you. tor entry node 1.txt
  14. sp123

    www2.gmer.net

    It seems GMER's website is blocklisted (gmer.net is fine, just the www2 subdomain). For example: http://www2.gmer.net/download.php Browser Guard version: 2.6.8 Riskware database version: 2.0.202308281544
  15. I am aware of other scanning websites, and do use them. I also use MBBG and MBAM. I was just curious why Malwarebytes wasn't on VT. Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.