NoScript Sightings
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: NoScript Sightings
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: NoScript Sightings
The Register: Clickjacking threat punts Facebook survey scam
Softpedia's Report "'Top T-Shirt Fails' Facebook Scam Employs Clickjacking" is fairly more understandable to me:
Maybe because I'm not a native English reader, I find the statement above quite obscure.The Register wrote: Prospective marks running the NoScript Firefox plug-in are protected from the line of attack, which continues with a supposed "human verification step". Marks are invited to complete a time-wasting survey before they are allowed to view the T-shirts.
Softpedia's Report "'Top T-Shirt Fails' Facebook Scam Employs Clickjacking" is fairly more understandable to me:
Softpedia wrote: In this case a hidden Facebook Share button is positioned over the Next one on Step 2 of the "facebook human verification" dialog.
Firefox users who use the NoScript extension will see a warning about a clickjacking attempt being blocked when they click the Next button.
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: NoScript Sightings
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10
Re: NoScript Sightings
Critical vulnerability in Firefox 3.5 and Firefox 3.6
10.26.10 - 02:30pm
Issue:
Mozilla is aware of a critical vulnerability affecting Firefox 3.5 and Firefox 3.6 users. We have received reports from several security research firms that exploit code leveraging this vulnerability has been detected in the wild.
Impact to users:
Users who visited an infected site could have been affected by the malware through the vulnerability. The trojan was initially reported as live on the Nobel Peace Prize site, and that specific site is now being blocked by Firefox’s built-in malware protection. However, the exploit code could still be live on other websites.
Status:
We have diagnosed the issue and are currently developing a fix, which will be pushed out to Firefox users as soon as the fix has been properly tested.
In the meantime, users can protect themselves by doing either of the following:
Disabling JavaScript in Firefox
Using the NoScript Add-on
http://blog.mozilla.com/security/2010/1 ... refox-3-6/
10.26.10 - 02:30pm
Issue:
Mozilla is aware of a critical vulnerability affecting Firefox 3.5 and Firefox 3.6 users. We have received reports from several security research firms that exploit code leveraging this vulnerability has been detected in the wild.
Impact to users:
Users who visited an infected site could have been affected by the malware through the vulnerability. The trojan was initially reported as live on the Nobel Peace Prize site, and that specific site is now being blocked by Firefox’s built-in malware protection. However, the exploit code could still be live on other websites.
Status:
We have diagnosed the issue and are currently developing a fix, which will be pushed out to Firefox users as soon as the fix has been properly tested.
In the meantime, users can protect themselves by doing either of the following:
Disabling JavaScript in Firefox
Using the NoScript Add-on
http://blog.mozilla.com/security/2010/1 ... refox-3-6/
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; rv:2.0b7pre) Gecko/20101008 Firefox/4.0b7pre SeaMonkey/2.1b1
Re: NoScript Sightings
Beware enticing Bieber links, free offers on Facebook
InSecurity Complex - CNET News
...yadda..yadda...
If you see a potential or obvious scam on Facebook report it to the person whose account is spreading it, M86
said. The NoScript Firefox plug-in protects against clickjacking attacks such as this, it added.
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.14) Gecko/20110218 Firefox/3.6.14
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: NoScript Sightings
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: NoScript Sightings
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: NoScript Sightings
NoScript among the "Enhanced Protection Recommendations" by NSA (US' National Security Agency this time ) (page 7 of the PDF).
Mozilla/5.0 (Windows NT 5.2; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Re: NoScript Sightings
The man in the browser and Phishing with legit URL’s
Of course noscript will prevent these kind of attacks ...
Mozilla/5.0 (X11; Linux x86_64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1
Re: NoScript Sightings
Softpedia.com: NoScript 2.1.6 Brings Keyboard Accelerators
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 5.1; rv:9.0a2) Gecko/20111017 Firefox/9.0a2 SeaMonkey/2.6a2
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: NoScript Sightings
Forbes - Best Read: Brand'ts Top 5 Malware Threats in 2012
David Coursey wrote: If you’re not running Firefox with NoScript installed, you need to do so right now. As far as I can tell, it’s the only surefire method of preventing an accidental infection of a Windows PC by exploit-kitted Web pages.
Mozilla/5.0 (Windows NT 5.2; WOW64; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
Re: NoScript Sightings
I believe I'll link that in the thread, "Google Chrome vs. FX+NS;", thanks.Giorgio Maone wrote:Forbes - Best Read: Brand'ts Top 5 Malware Threats in 2012David Coursey wrote: If you’re not running Firefox with NoScript installed, you need to do so right now. As far as I can tell, it’s the only surefire method of preventing an accidental infection of a Windows PC by exploit-kitted Web pages.
Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
Re: NoScript Sightings
Softpedia.com: NoScript 2.2.5 Released
It took only three release candidates for the developer to come out with the stable version for NoScript 2.2.5.
All the features you’ve been accustomed to have been preserved and there is no addition in the extension. As all the effort invested to reach this version number was to eliminate bugs and improve compatibility with various widgets and websites.
As such, the new release brings to the table better compatibility with Verified by VISA (www.securesuite.net). On the same note, ClearClick feature has also been improved, as there is better compatibility with recent Disqus widget versions.
Linux tooltips obstructing the embedding unblocking confirmation dialog should no longer occur as the developer came up with a workaround for the issue.
NoScript allows JavaScript, Java, Flash and other plugins to be executed only by trusted websites of your choice. You can download it from this page.
It took only three release candidates for the developer to come out with the stable version for NoScript 2.2.5.
All the features you’ve been accustomed to have been preserved and there is no addition in the extension. As all the effort invested to reach this version number was to eliminate bugs and improve compatibility with various widgets and websites.
As such, the new release brings to the table better compatibility with Verified by VISA (www.securesuite.net). On the same note, ClearClick feature has also been improved, as there is better compatibility with recent Disqus widget versions.
Linux tooltips obstructing the embedding unblocking confirmation dialog should no longer occur as the developer came up with a workaround for the issue.
NoScript allows JavaScript, Java, Flash and other plugins to be executed only by trusted websites of your choice. You can download it from this page.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 5.1; rv:11.0a2) Gecko/20120103 Firefox/11.0a2 SeaMonkey/2.8a2
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: NoScript Sightings
Remove Facebook Timeline' themed scam circulating on Facebook (Zero Day, ZDNet's security news by Ryan Nairaine Dancho Danchev):
Users are advised to take advantage of Firefox’s NoScript extension in order to prevent clickjacking and likejacking attempts.
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
Re: NoScript Sightings
@ Giorgio:
Did you break the lnk deliberately? There's a space after the URL closure tag that caused a line feed in the wrap, I think. Removing the space (butting up "Remove" to the "]" makes the link work.
Seems like a safe link that users might want to click, but of course I wouldn't edit your posts without checking first. If it was broken deliberately for anti-SEO or whatever, cool.
Did you break the lnk deliberately? There's a space after the URL closure tag that caused a line feed in the wrap, I think. Removing the space (butting up "Remove" to the "]" makes the link work.
Seems like a safe link that users might want to click, but of course I wouldn't edit your posts without checking first. If it was broken deliberately for anti-SEO or whatever, cool.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.25) Gecko/20111212 Firefox/3.6.25