Your News Suggestions

User avatar
MyWOT-Team
Posts: 284
Joined: Mon Nov 30, 2015 12:05 pm

Your News Suggestions

Post by MyWOT-Team » Wed Mar 02, 2016 4:42 pm

What do you consider to be newsworthy enough for us to post on Social Media or our blog? Paste a link below and we'll check it out!

When posting websites and links: Please do not post live links when referencing a website. Use domain names

example.com or 127.0.0.1, without the URL

If you are referencing a URL, change the HTTP to HXXP.

For example:

hXXp://www.bad-malware-site.com/images/phish/virus.html
hXXp://127.0.0.1/exp/botnet/phish.php

Save time and trouble by not posting live links!

Not everything suggested will be posted or written about, but it's not personal. We highly appreciate your input and suggestions!

Please don't start discussions on this thread, this is just for sharing links.
---
MyWOT Team

Site-rater
Posts: 2822
Joined: Tue Sep 15, 2009 7:48 pm

RE: Your News Suggestions

Post by Site-rater » Thu Mar 03, 2016 3:51 am

As quickly as you ask for suggestions a big one for server security comes up - the DROWN vulnerability.
Sources:
hxxps://drownattack.com/
hxxps://openssl.org/news/secadv/20160301.txt
hxxp://arstechnica.com/security/2016/03/more-than-13-million-https-websites-imperiled-by-new-decryption-attack/

Any server administrator using OpenSSL should immediately upgrade to OpenSSL 1.0.2g or 1.0.1s. Users of earlier series will likely need to perform a major upgrade to be able to use these updated versions.

User avatar
MyWOT-Team
Posts: 284
Joined: Mon Nov 30, 2015 12:05 pm

RE: Your News Suggestions

Post by MyWOT-Team » Thu Mar 03, 2016 1:08 pm


As quickly as you ask for suggestions a big one for server security comes up - the DROWN vulnerability.


Thanks for the tip, we posted it today :)
---
MyWOT Team

User avatar
alphacentauri
Posts: 1670
Joined: Mon Nov 02, 2009 12:52 pm

RE: Your News Suggestions

Post by alphacentauri » Sat Mar 12, 2016 2:38 pm

Show people how to look up domain name registrations to see the date registered. A high percentage of scams would fail if people compared their recent domain registrations with the venerable dates their websites claim they began operating.
Yes, WOT has a wiki. Check there first for fast answers to many questions like "Why is my site rated red, and how do I fix that?"

User avatar
NotBuyingIt
Posts: 3202
Joined: Fri Mar 11, 2011 6:21 pm

RE: Your News Suggestions

Post by NotBuyingIt » Wed Mar 16, 2016 3:55 pm


Show people how to look up domain name registrations to see the date registered. A high percentage of scams would fail if people compared their recent domain registrations with the venerable dates their websites claim they began operating.

I agree — It's a very good topic that would also be appropriate for the WOT blog.

As an example of using the suggestion in a news article, every week hundreds of new phishing web pages that spoof PayPal are detected. (Some of these detections are listed at https://www.phishtank.com/user_submissions.php?username=PhishReporter although I don't recommend that link be published. )
Data that is stored in the cloud may become lost in the fog.

Site-rater
Posts: 2822
Joined: Tue Sep 15, 2009 7:48 pm

RE: Your News Suggestions

Post by Site-rater » Fri Mar 18, 2016 2:39 am

New iPhone malware - hxxp://researchcenter.paloaltonetworks.com/2016/03/acedeceiver-first-ios-trojan-exploiting-apple-drm-design-flaws-to-infect-any-ios-device/
WOT forum thread in Reputation discussions: https://www.mywot.com/en/forum/64870-i4-cn-apple-phishing-malware

User avatar
hotdoge3
Posts: 866
Joined: Sat Jan 03, 2009 9:14 pm

RE: Your News Suggestions

Post by hotdoge3 » Tue Mar 29, 2016 7:17 am

https://www.mywot.com/en/forum/64498-drown-hack?comment=328244#comment-328244

RE: Drown hack HTTPS flaw proves we don't even test things

Learn things? DROWN HTTPS flaw proves we don't even test things

You knew SSLv2 was poison, so why was it still there?

In the wake of the DROWN vulnerability, organisations like the Australian Signals Directorate that offer security incident mitigation strategies might consider adding another item to their lists: test your configuration to make sure it's what you expected

The DROWN flaw in HTTPS would not be anything to worry about, except that developers working on server-side software made the fatal assumption that since there were no clients left to request a deprecated SSL connection, they didn't need to update their code to kill older SSL completely.

Guest

RE: Your News Suggestions

Post by Guest » Wed Mar 30, 2016 11:53 am

Comments can be made by everybody, in the new blog. Could I suggest a plugin which blocks links having a poor reputation in wordpress comments?

Guest

RE: Your News Suggestions

Post by Guest » Wed Mar 30, 2016 1:31 pm


Comments can be made by everybody, in the new blog. Could I suggest a plugin which blocks links having a poor reputation in wordpress comments?


I do second this petition =

User avatar
MyWOT-Team
Posts: 284
Joined: Mon Nov 30, 2015 12:05 pm

RE: Your News Suggestions

Post by MyWOT-Team » Wed Mar 30, 2016 2:37 pm


Comments can be made by everybody, in the new blog. Could I suggest a plugin which blocks links having a poor reputation in wordpress comments?


Yes, adding plugins and optimizing the content is the next phase of the blog release.
We've opened new thread opened for blog discussion: https://www.mywot.com/en/forum/65220-new-blog-template
---
MyWOT Team

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests