
Thread: Antivirus is shit, everything is compromised, etc etc (Cybersecurity thread)

  1. #101
    Movember 2012 I Legionnaire's Avatar
    Join Date
    April 9, 2011
    Posts
    1,573
    relevant to our interests assuming you're not a mong and can figure out how to launch the command line

    https://www.reddit.com/r/TronScript/..._sync_disable/

  2. #102
    Mallet Head Donor 56k Lagman's Avatar
    Join Date
    May 5, 2011
    Location
    Vancouver, BC
    Posts
    4,261
    Quote Originally Posted by Tyrehl View Post
    We use McAfee enterprise AV at work, I want to disable it and re-enable Windows Defender. I suspect that I may be liable but hey our IT is so lazy that they may never notice/care
    My last job used VSE and for a little while I was in charge of noncompliancy. It was a mess, we had to use psexec a lot of the time because we couldn't get access to the terminals any other way while they were in use, but VSE didn't have very good CLI commands. Most of the issues were with the communications agent just falling apart and being irreparable without some serious cleaning out.

    Quote Originally Posted by I Legionnaire View Post
    relevant to our interests assuming you're not a mong and can figure out how to launch the command line

    https://www.reddit.com/r/TronScript/..._sync_disable/
    We were only just discussing in the windows thread how much people need to stop running scripts from reddit just for the hell of it

    Quote Originally Posted by Duckslayer View Post
    I should be home.now but I keep stopping to post. I'm in need of a mega poo. so much so that I'm tempted to leave slurry across one of these gardens and deal with the wiping later. gonna toss a coin

    phoneposting

  3. #103
    Tyrehl's Avatar
    Join Date
    April 9, 2011
    Location
    [STUGH] Rote Kapelle
    Posts
    3,650
    Quote Originally Posted by 56k Lagman View Post
    Quote Originally Posted by Tyrehl View Post
    We use McAfee enterprise AV at work, I want to disable it and re-enable Windows Defender. I suspect that I may be liable but hey our IT is so lazy that they may never notice/care
    My last job used VSE and for a little while I was in charge of noncompliancy. It was a mess, we had to use psexec a lot of the time because we couldn't get access to the terminals any other way while they were in use, but VSE didn't have very good CLI commands. Most of the issues were with the communications agent just falling apart and being irreparable without some serious cleaning out.

    Quote Originally Posted by I Legionnaire View Post
    relevant to our interests assuming you're not a mong and can figure out how to launch the command line

    https://www.reddit.com/r/TronScript/..._sync_disable/
    We were only just discussing in the windows thread how much people need to stop running scripts from reddit just for the hell of it
    By "just for the hell of it" you mean "to stop windows from installing suggested apps without my permission" I guess?
    Also OneDrive is so bloody annoying, even after I disable "autostart" and everything related to it, it still starts and asks me for login.

    Honestly, such advice is 1) uncalled for and 2) more suitable for your grandmother
    <Devec> hello captain Tyrehl
    <Devec> sailor of the persian seas
    Quote Originally Posted by Paradox
    I swear you are some sort of biological weapon developed in the early '90's for the Yugoslav wars but they lost track of you at some point and now you're waging a psychological war on Western Europe without a clue what you're doing.

  4. #104
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    17,873
    So this just in.. Symantec installs a root kit.. I mean it makes sense as it's the only way to stop other root kits, but that's going to be tough to remove when it fucks up
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  5. #105
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    11,986
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  6. #106
    Joe Appleby's Avatar
    Join Date
    April 9, 2011
    Location
    in front of the class
    Posts
    12,529
    I like OneDrive.
    nevar forget

  7. #107
    root's Avatar
    Join Date
    April 26, 2011
    Location
    The Camel Empire
    Posts
    2,886
    http://seclists.org/fulldisclosure/2017/Feb/68

    "Remote Code Execution as Root via ESET Endpoint Antivirus 6"

    So when the Antivirus checks the license, it ignores the connection certificate (do MitM here) and parses whatever comes back with an old XML parser that can be exploited .. and of course it runs as root )))))
    The Rapier is my love boat
    ~lowsec smallscale pvp 'n stuff~

  8. #108
    Tyrehl's Avatar
    Join Date
    April 9, 2011
    Location
    [STUGH] Rote Kapelle
    Posts
    3,650
    Quote Originally Posted by root View Post
    http://seclists.org/fulldisclosure/2017/Feb/68

    "Remote Code Execution as Root via ESET Endpoint Antivirus 6"

    So when the Antivirus checks the license, it ignores the connection certificate (do MitM here) and parses whatever comes back with an old XML parser that can be exploited .. and of course it runs as root )))))
    <Devec> hello captain Tyrehl
    <Devec> sailor of the persian seas
    Quote Originally Posted by Paradox
    I swear you are some sort of biological weapon developed in the early '90's for the Yugoslav wars but they lost track of you at some point and now you're waging a psychological war on Western Europe without a clue what you're doing.

  9. #109
    Daneel Trevize's Avatar
    Join Date
    April 10, 2011
    Location
    T L A
    Posts
    11,986
    I like how the timeline goes from 2016-11 to 2016-02...
    Quote Originally Posted by QuackBot View Post
    Idk about that, and i'm fucking stupid.

  10. #110
    Movember 2011 RazoR's Avatar
    Join Date
    April 10, 2011
    Location
    The Motherland
    Posts
    27,113
    posting from W7

    feels goodman

  11. #111
    Lana Torrin's Avatar
    Join Date
    April 13, 2011
    Location
    Bonding around
    Posts
    17,873
    Quote Originally Posted by root View Post
    http://seclists.org/fulldisclosure/2017/Feb/68

    "Remote Code Execution as Root via ESET Endpoint Antivirus 6"

    So when the Antivirus checks the license, it ignores the connection certificate (do MitM here) and parses whatever comes back with an old XML parser that can be exploited .. and of course it runs as root )))))
    Still consider eset one of the better ones.. Least it doesn't force install Java...
    Quote Originally Posted by lubica
    And her name was Limul Azgoden, a lowly peasant girl.

  12. #112

    Join Date
    May 30, 2011
    Location
    asleep
    Posts
    5,806
    has anyone come across this little toy before?

    https://www.circl.lu/projects/CIRCLean/

    a bootable RPi image that auto-cleans infected files, transferring them to a new USB
    Please don't teach me what to do with my pc.

  13. #113
    root's Avatar
    Join Date
    April 26, 2011
    Location
    The Camel Empire
    Posts
    2,886
    Oh oh, even MS got hit. Their Security Essentials suite has a critical, aka wormable, "Remotely Exploitable Type Confusion in Windows 8, 8.1, 10, Windows Server, SCEP, Microsoft Security Essentials, and more."
    https://bugs.chromium.org/p/project-...id=1252&desc=5
    https://technet.microsoft.com/en-us/...curity/4022344 <-- MS response

    I have not read it yet.
    I'm just glad it's not another NodeJS server that someone forgot to turn off.
    The Rapier is my love boat
    ~lowsec smallscale pvp 'n stuff~

  14. #114

    Join Date
    May 31, 2011
    Posts
    3,239
    Ah, that's the "thing" that's been on the headlines at the beginning of this week, from that Google Zero Day guy. And "Remotely" is quite terrible.

  15. #115
    theBlind's Avatar
    Join Date
    April 9, 2011
    Posts
    1,896
    "To be clear, this is an unsandboxed and highly privileged JavaScript interpreter that is used to evaluate untrusted code, by default on all modern Windows systems. This is as surprising as it sounds."

    I hate it when the security stories can get sarcastic.
    Tanks: theBlind[URBAD] (in my heart there will always be a place for [FAIL])
    Planetside2: [UBAD]theAngelic

  16. #116

    Join Date
    May 31, 2011
    Posts
    3,239
    What did surprise me, though, was the list of affected systems: Win 7 thru 10 and only(!) Server 2016. I would've expected 2008 + 2012 to be also on that list, given the "equivalent" desktop OS is on there.

  17. #117
    theBlind's Avatar
    Join Date
    April 9, 2011
    Posts
    1,896
    Quote Originally Posted by Hel OWeen View Post
    What did surprise me, though, was the list of affected systems: Win 7 thru 10 and only(!) Server 2016. I would've expected 2008 + 2012 to be also on that list, given the "equivalent" desktop OS is on there.
    I'd guess they don't come with the Security Essentials Suite?
    Tanks: theBlind[URBAD] (in my heart there will always be a place for [FAIL])
    Planetside2: [UBAD]theAngelic

  18. #118
    Movember '11 Ginger Excellence Movember 2011Movember 2012 sarabando's Avatar
    Join Date
    April 9, 2011
    Location
    Basingstoke England
    Posts
    2,414
    have a virus that's using 100% of my GPU. ***.TMP.EXE Bitdefender isn't touching it and every time I try to install Malwarebytes it fails, even in safe mode. I might just start formatting the lot of it.

  19. #119
    Movember 2012 Stoffl's Avatar
    Join Date
    April 10, 2011
    Location
    The original viennese waffle
    Posts
    20,628
    What are offline / live CD virus scanners

    https://www.avira.com/de/download/pr...-rescue-system

    Posted from my Tapashitcunt
    2/10/17 Greatposthellpurge never forget

  20. #120

    Join Date
    May 31, 2011
    Posts
    3,239
    A collection of AV Live CDs: http://www.techmixer.com/free-bootab...download-list/

    I've personally had success cleaning up a few machines with the KAV Live CD.
