• Malware ads' steganography
[quote]AdGholas picked out normal users to attack, as opposed to security researchers investigating the code in virtual machines, by studying their language settings, timezones, and whether the OS was bundled with the PC, according to security biz Proofpoint. The booby-trapped web ads used JavaScript and steganography to smuggle code onto systems via images, and then attempted to use that code to exploit common software vulnerabilities to install malware.[/quote]
source: [url]http://www.theregister.co.uk/2016/07/28/adgholas_malvertising/[/url]

(My first personal experience with getting banned off communities on the internet was in about 1997ish when I learnt how to put javascript in JPEG images to make people's browsers crash. Funny that we sit here like 20 years later and it's still an exploit that seems to work)
Weird how a lot of stuff as far as security has gone a complete 360. Suddenly am finding myself getting popups again when downloading files despite having adblock (although these ones are new tabs instead of windows).
[QUOTE=matt000024;50790885]Weird how a lot of stuff as far as security has gone a complete 360. Suddenly am finding myself getting popups again when downloading files despite having adblock (although these ones are new tabs instead of windows).[/QUOTE] Yeah I noticed that too. Ads on some sites keep showing up despite my adblock.
What adblock are you guys using? I've heard often of ads just slipping past people using adblock plus, I'd recommend ublock origin. Pretty top notch. Though for something like this noscript is probably the best solution, though, it can be a bit cumbersome to use.
yeah get ublock origin if you're using abp
lighter memory usage, more efficient, faster updates
Ublock has problems blocking ads on pornhub and other video sites like it.
Get that noscript boi Keep it running on every page except where you require scripts
[QUOTE=phygon;50791156]Get that noscript boi Keep it running on every page except where you require scripts[/QUOTE] I recently started using uMatrix (like two days ago) for script blocking. It reminds me why I stopped using stuff like that and just started using more aggressive adblocking lists. Yeah, the security is nice but holy fuck is it a pain in the dick trying to find the scripts that will actually make the webpage work sometimes.
[QUOTE=phygon;50791156]Get that noscript boi Keep it running on every page except where you require scripts[/QUOTE] what's a similar version for chrome?
[QUOTE=matt000024;50790885]Weird how a lot of stuff as far as security has gone a complete 360. Suddenly am finding myself getting popups again when downloading files despite having adblock (although these ones are new tabs instead of windows).[/QUOTE] I get these too when I go on redtube. Luckily I have 2 adblockers and ScriptBlock to protect me. Funny that you still need to protect yourself even when you're just masturbating [editline]28th July 2016[/editline] [QUOTE=chipsnapper2;50791178]what's a similar version for chrome?[/QUOTE] ScriptBlock
[QUOTE=chipsnapper2;50791178]what's a similar version for chrome?[/QUOTE] Umatrix is available for chrome [url]https://chrome.google.com/webstore/detail/umatrix/ogfcmafjalglgifnmanfmnieipoejdcf?hl=en[/url]
[QUOTE=Banned?;50791168]I recently started using uMatrix (like two days ago) for script blocking. It reminds me why I stopped using stuff like that and just started using more aggressive adblocking lists. Yeah, the security is nice but holy fuck is it a pain in the dick trying to find the scripts that will actually make the webpage work sometimes.[/QUOTE] After you use it for a while, you get an eye for which scripts to allow
[QUOTE=Banned?;50791168]I recently started using uMatrix (like two days ago) for script blocking. It reminds me why I stopped using stuff like that and just started using more aggressive adblocking lists. Yeah, the security is nice but holy fuck is it a pain in the dick trying to find the scripts that will actually make the webpage work sometimes.[/QUOTE]
I make my life easy and just disable it on pages that need it
It's not too many, thankfully
[QUOTE=chipsnapper2;50791178]what's a similar version for chrome?[/QUOTE]
Umatrix
[QUOTE=Banned?;50791168]I recently started using uMatrix (like two days ago) for script blocking. It reminds me why I stopped using stuff like that and just started using more aggressive adblocking lists. Yeah, the security is nice but holy fuck is it a pain in the dick trying to find the scripts that will actually make the webpage work sometimes.[/QUOTE]
uMatrix is generally quite simple to get working for 90% of the sites out there, adding this to your rules will catch most of the scripts used by a lot of sites now;
[code]
* * * block
* * css allow
* * frame block
* * image allow
* *.cloudfront.net frame allow
* 1st-party * allow
* 1st-party frame allow
* akamai.net * allow
* akamaihd.net * allow
* amazonaws.com * allow
* apis.google.com frame allow
* bootstrapcdn.com * allow
* clients5.google.com frame allow
* cloudflare.com * allow
* cloudfront.net * allow
* consent.google.com frame allow
* disqus.com * allow
* disqus.com frame allow
* disquscdn.com * allow
* firebaseio.com * allow
* firebaseio.com frame allow
* fonts.googleapis.com * allow
* ggpht.com * allow
* github.com * allow
* google.co.uk * allow
* google.com * allow
* googleapis.com * allow
* googlecommerce.com * allow
* googleusercontent.com * allow
* googlevideo.com * allow
* gravatar.com * allow
* gstatic.com * allow
* jquery.com * allow
* login.live.com frame allow
* maps.googleapis.com * allow
* s.youtube.com image allow
* s.ytimg.com script allow
* stripe.com * allow
* stripecdn.com * allow
* typekit.net * allow
* www.youtube.com frame allow
* youtube.com * allow
* ytimg.com * allow
[/code]
It took me a while to get this together, and it's constantly growing. But I've not had to manually allow through the basic scripts for a site for a while now.
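To see what a whitelist like this lets through, the following added example (not part of the original post, and not uMatrix's own code) resolves sample requests against a subset of the posted rules. It assumes a simplified model of rule resolution: global scope only, rules inherited by subdomains, and a type-specific block on `*` overriding a hostname's any-type allow. The function names and the request hostnames in the checks are constructed.

```python
# Added example: resolve a request against uMatrix-style rules
# ("source destination type action"). Simplified model (assumption):
# global "*" source only, no 1st-party row, no per-site scopes.

RULES = """\
* * * block
* * css allow
* * frame block
* * image allow
* amazonaws.com * allow
* cloudfront.net * allow
* s.ytimg.com script allow
* www.youtube.com frame allow
* youtube.com * allow
"""  # subset of the rules posted above


def parse_rules(text):
    """Return {(destination, type): action}, rejecting malformed lines."""
    cells = {}
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 4 or fields[3] not in ("allow", "block"):
            raise ValueError("bad rule: %r" % line)
        _source, dest, rtype, action = fields
        cells[(dest, rtype)] = action
    return cells


def decide(cells, host, rtype):
    """Walk from the exact hostname up through its parent domains, then '*'."""
    any_type = None  # narrowest any-type ("*") verdict seen so far
    labels = host.split(".")
    for i in range(len(labels)):
        dest = ".".join(labels[i:])
        exact = cells.get((dest, rtype))
        if exact:
            return exact  # a same-type rule on this hostname wins
        if any_type is None:
            any_type = cells.get((dest, "*"))
            if any_type == "block":
                return "block"
    # A type-specific block on "*" beats a hostname's any-type allow.
    if cells.get(("*", rtype)) == "block":
        return "block"
    return any_type or cells.get(("*", rtype)) or cells.get(("*", "*"), "block")
```

Under this model a script request to any subdomain of cloudfront.net or amazonaws.com resolves to allow, so a whole-CDN allow rule trusts every customer hosted on that CDN, not just the sites you had in mind.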
[QUOTE=Dr.C;50791179]I get these too when I go on redtube. Luckily I have 2 adblockers and ScriptBlock to protect me. Funny that you still need to protect yourself even when you're just masturbating [editline]28th July 2016[/editline] ScriptBlock[/QUOTE] Just like having sex in real life, it's always a good idea to wear protection.
[QUOTE=TheJoker;50791120]Ublock has problems blocking ads on pornhub and other video sites like it.[/QUOTE] Make sure the addon is active in private browsing.
[QUOTE=AlienCreature;50791440]Make sure the addon is active in private browsing.[/QUOTE] I have a dedicated browser for porn.
[QUOTE=Banned?;50791168]Yeah, the security is nice but holy fuck is it a pain in the dick trying to find the scripts that will actually make the webpage work sometimes.[/QUOTE] The nice thing is that whitelisting scripts generally only has to be done once, or at most once in a while. Some new site breaks and isn't fixed in 5 seconds? Move on. Not worth your time.
Tip for those who want to go NEXT LEVEL!! with their blocking: [url]https://github.com/StevenBlack/hosts[/url] I recently used this, it's basically a list of hosts you can add/replace your computer's hosts file with in order to block connections/loading/etc. from some of the worst places, adware, malware, porn ads, gambling, etc. Even the things you can't immediately see. Seems to make things load faster in general.
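Before adding or swapping in a third-party hosts list like the one linked above, it is worth checking that every entry only blocks. The following is an added example, not part of the original post or of the linked project; the sample entries and the function names are constructed for illustration.

```python
# Added example: vet a third-party hosts blocklist before installing it.
import ipaddress

SINKS = {"0.0.0.0", "127.0.0.1", "::", "::1"}  # unspecified or loopback
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}

# Constructed sample input, not taken from any real list.
SAMPLE = """\
# ad and tracker hosts
127.0.0.1 localhost
0.0.0.0 ads.example.com
0.0.0.0 tracker.example.net  # inline comment
203.0.113.7 login.example.org
not-an-ip broken.example
"""


def vet_hosts(text):
    """Return (blocked, suspicious).

    blocked: hostnames mapped to a sink address.
    suspicious: (line_no, raw_line) for entries that do not parse or that
    point a name at a real address, which redirects it instead of blocking.
    """
    blocked, suspicious = set(), []
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue  # blank line or comment
        addr, names = fields[0], fields[1:]
        try:
            is_sink = str(ipaddress.ip_address(addr)) in SINKS
        except ValueError:
            is_sink = False
        if not is_sink or not names:
            suspicious.append((line_no, raw))
            continue
        blocked.update(n.lower() for n in names if n.lower() not in LOCAL_NAMES)
    return blocked, suspicious


def is_blocked(blocked, hostname):
    """Hosts files match exact names only: no wildcards, no subdomains."""
    return hostname.lower().rstrip(".") in blocked
```

Entries reported as suspicious are the ones to read by hand before the file goes anywhere near the system hosts file. A name the list does not spell out exactly, such as a subdomain of a listed host, is not blocked.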
Interesting that it, amongst other things, checked to see if Windows was bound to the machine. I'm assuming by this it means the way the OS is on pre-built machines, meaning it was less likely by design to infect PC gamers who were on rigs they built from scratch.
And then people wonder why people don't disable adblockers :pudge:
[QUOTE=TestECull;50791861]Interesting that it, amongst other things, checked to see if Windows was bound to the machine. I'm assuming by this it means the way the OS is on pre-built machines, meaning it was less likely by design to infect PC gamers who were on rigs they built from scratch.[/QUOTE] Pretty sure the reason that the malware was designed to target bundled (pre-built) machines is that typically owners of pre-built machines have substantially less knowledge of their computers than owners of custom-built rigs. Therefore it'd likely have a much higher success rate targeting those pre-built systems since often times computer illiterate people are much more susceptible to malware. This is also increasingly more relevant as multiple computers become more commonplace in households. Children / younger people aren't exactly well-versed in safe browsing habits and could also find themselves vulnerable to this type of malware as well. So to put it simply the developer of the malware knows his audience and targeted the malware specifically for them.
[QUOTE=thelurker1234;50791013]What adblock are you guys using? I've heard often of ads just slipping past people using adblock plus, I'd recommend ublock origin. Pretty top notch. Though for something like this noscript is probably the best solution, though, it can be a bit cumbersome to use.[/QUOTE]
I find uBlock Origin to be fairly crap against popups and popunders and things like youtube ads
So I use both
[editline]28th July 2016[/editline]
[QUOTE=hexpunK;50791319]uMatrix is generally quite simple to get working for 90% of the sites out there, adding this to your rules will catch most of the scripts used by a lot of sites now;
[code]
* * * block
* * css allow
* * frame block
* * image allow
* *.cloudfront.net frame allow
* 1st-party * allow
* 1st-party frame allow
* akamai.net * allow
* akamaihd.net * allow
* amazonaws.com * allow
* apis.google.com frame allow
* bootstrapcdn.com * allow
* clients5.google.com frame allow
* cloudflare.com * allow
* cloudfront.net * allow
* consent.google.com frame allow
* disqus.com * allow
* disqus.com frame allow
* disquscdn.com * allow
* firebaseio.com * allow
* firebaseio.com frame allow
* fonts.googleapis.com * allow
* ggpht.com * allow
* github.com * allow
* google.co.uk * allow
* google.com * allow
* googleapis.com * allow
* googlecommerce.com * allow
* googleusercontent.com * allow
* googlevideo.com * allow
* gravatar.com * allow
* gstatic.com * allow
* jquery.com * allow
* login.live.com frame allow
* maps.googleapis.com * allow
* s.youtube.com image allow
* s.ytimg.com script allow
* stripe.com * allow
* stripecdn.com * allow
* typekit.net * allow
* www.youtube.com frame allow
* youtube.com * allow
* ytimg.com * allow
[/code]
It took me a while to get this together, and it's constantly growing. But I've not had to manually allow through the basic scripts for a site for a while now.[/QUOTE]
Maybe set up a github for it?
[QUOTE=thelurker1234;50791013]What adblock are you guys using? I've heard often of ads just slipping past people using adblock plus, I'd recommend ublock origin. Pretty top notch. Though for something like this noscript is probably the best solution, though, it can be a bit cumbersome to use.[/QUOTE] I use ublock origin and this thing [url]http://someonewhocares.org/hosts/[/url] as well as noscript no ads on skype too cause of the hosts edit, fucking awesome
You need to be looking at anti-adblock killer for the pop up stuff depending on where you are visiting and the website is attempting to get around adblock.
[QUOTE=TheJoker;50791120]Ublock has problems blocking ads on pornhub and other video sites like it.[/QUOTE] those ads are hot though