Welcome to the site where the owners and members have had it with playing "nice" and being "inclusive" and "tolerant" of points of view that are destroying the fabric of what made this country great. The members here are sick and tired of politicians of all parties lying, deceiving, stealing, and pretending they are doing it all for the good of the country while selling out to special interests who have the set goal of destroying this country. We have had enough of career politicians who use their office only for personal gain, and who refuse to listen to the people who put them in office. The membership is no longer part of the silent majority who play nice and get along while getting screwed by anyone with a loud voice and an agenda. We will no longer allow anyone to piss down our back and tell us it's raining. And we like guns too.



Go Back   DIRTYDOZENSBUNKER, LLC > Main > Computer Forum
Photo Gallery DDB Store Arcade rel="nofollow">Mark Forums Read

Computer Forum For questions and conversations about Computers and the Internet

Reply
 
Thread Tools Display Modes
Old 12-01-2016, 12:01 PM   #1
Sanders
Moderator
 
Sanders's Avatar
 
Join Date: Mar 2006
Posts: 66,355
Default Emergency Bulletin: Firefox 0 day in the wild. What to do.

Quote:
Update at 2:32pm PST / 5:32pm EST: Firefox released a fix for this a few minutes ago. Update to Firefox 50.0.2 now to patch this vulnerability. Tor have also released a fix with version 6.0.7 of their browser.There is also a Thunderbird fix out, version 45.5.1. I also posted an extended update at the end of the post including data indicating this exploit may be part of a law enforcement operation.

/End Update.

We’re publishing this as an emergency bulletin for our customers and the larger web community. A few hours ago a zero day vulnerability emerged in the Tor browser bundle and the Firefox web browser. Currently it exploits Windows systems with a high success rate and affects Firefox versions 41 to 50 and the current version of the Tor Browser Bundle which contains Firefox 45 ESR.

If you use Firefox, we recommend you temporarily switch browsers to Chrome, Safari or a non-firefox based browser that is secure until the Firefox dev team can release an update. The vulnerability allows an attacker to execute code on your Windows workstation. The exploit is in the wild, meaning it’s now public and every hacker on the planet has access to it. There is no fix at the time of this writing.

Currently this exploit causes a workstation report back to an IP address based at OVH in France. But this code can likely be repurposed to infect workstations with malware or ransomware. The exploit code is now public knowledge so we expect new variants of this attack to emerge rapidly.

This is a watering hole attack, meaning that a victim has to visit a website that contains this exploit code to be attacked. So our forensic team is keeping an eye on compromised WordPress websites and we expect to see this code show up on a few of them during the next few days. An attackers goal would be to compromise workstations of visitors to WordPress websites that have been hacked.
Details here: https://www.wordfence.com/blog/2016/...ox-0-day-wild/
__________________

"The truly dangerous man dresses inconspicuously and is soft- spoken. He walks away from most confrontations. The only time you learn that the truly dangerous man is mad at you is a split second before you die, for he never fights. He only kills. The truly dangerous man knows that fighting is what children do and killing is what men do." - Charley Reese 1986
3
Sanders is online now   Reply With Quote
Old 12-01-2016, 12:28 PM   #2
55chevy
Senior Member
 
Join Date: May 2011
Location: Central Orygun
Posts: 4,372
Default

Thank you for the warning.
55chevy is online now   Reply With Quote
Old 12-01-2016, 07:32 PM   #3
Czubek
slug
Cat Bowling Champion
 
Czubek's Avatar
 
Join Date: May 2007
Location: Stover, Missouri
Posts: 33,622
Default

There was a warning about this several months ago, but it got blown off by a lot of people. Seems that warning should have been heeded. This started off as an FBI hack to get real IP's and MAC addresses of perverts that visited child porn sites, this article seems to justify that, at least in part.

Security Advisories for Firefox: https://www.mozilla.org/en-US/securi...#firefox50.0.2

Brian
__________________
3

Here at the Dirty Dozen's Bunker, we have no problems, only solutions.
Czubek is offline   Reply With Quote
Old 12-02-2016, 08:50 AM   #4
10 Bears
Moderator
Ron North's Jewels Champion, Flash Poker Champion
 
10 Bears's Avatar
 
Join Date: Jul 2006
Location: E-Da-How
Posts: 137,846
Default

Dammit, that shit pisses me off.
Criminal hackers need terminated with extreme prejudice.
10 Bears is offline   Reply With Quote
Old 12-03-2016, 06:28 AM   #5
Czubek
slug
Cat Bowling Champion
 
Czubek's Avatar
 
Join Date: May 2007
Location: Stover, Missouri
Posts: 33,622
Default

Reading the comments and doing my own research, it seems some of the domains affected in the "multi-domains" are proxied through CloudFare???

Still, it seems this all started when the feebs injected the code into certain domains and some others grabbed it and used it for their own nefarious purposes. If I'm reading that right, any how.

Brian
Czubek is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT -4. The time now is 04:12 AM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.