Author Topic: Security Vulnerability on Slap?  (Read 466 times)

0 Members and 1 Guest are viewing this topic.

FuzzGNU

  • Trade Count: (+1)
  • Hero Member
  • *****
  • Rep: 194
  • Posts: 894
  • The Spectre Haunting SLAP
Security Vulnerability on Slap?
« on: April 04, 2022, 04:44:06 PM »

Heads up. My antivirus has been popping up with this on Slap today:

"Suspicious connection blocked
one minute ago

Feature:
Online Threat Prevention

firefox.exe attempted to establish a connection relying on an unmatching security certificate to retroskatestickers.com. We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one."

You guys might want to look into this. Not sure if this is the appropriate place to post this or not.
Logged
Skateboarding is the ultimate challenge.

admin

  • Administrator
  • Trade Count: (0)
  • Hero Member
  • ******
  • Rep: 889
  • Posts: 649
  • SLAP OG SLAP OG : Been around since SLAP was a mag.
Re: Security Vulnerability on Slap?
« Reply #1 on: April 05, 2022, 08:16:57 AM »

Heads up. My antivirus has been popping up with this on Slap today:

"Suspicious connection blocked
one minute ago

Feature:
Online Threat Prevention

firefox.exe attempted to establish a connection relying on an unmatching security certificate to retroskatestickers.com. We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one."

You guys might want to look into this. Not sure if this is the appropriate place to post this or not.
Thanks for the heads up, do you have a link to the post you were visiting when you got the notice? I ask because this has happened in the past when someone uses an avatar, posts an image, or uses some other asset from a third party site (retroskatestickers.com) which then gets compromised resulting in the alert. The alert is not for SLAP itself, but it mentions it cause the users avatar is visible on SLAP while being hosted on a third party site. Usually we just remove the asset from their profile, so knowing where it is would be great.
Logged

FuzzGNU

  • Trade Count: (+1)
  • Hero Member
  • *****
  • Rep: 194
  • Posts: 894
  • The Spectre Haunting SLAP
Re: Security Vulnerability on Slap?
« Reply #2 on: April 05, 2022, 12:36:05 PM »

Expand Quote
Heads up. My antivirus has been popping up with this on Slap today:

"Suspicious connection blocked
one minute ago

Feature:
Online Threat Prevention

firefox.exe attempted to establish a connection relying on an unmatching security certificate to retroskatestickers.com. We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one."

You guys might want to look into this. Not sure if this is the appropriate place to post this or not.
[close]
Thanks for the heads up, do you have a link to the post you were visiting when you got the notice? I ask because this has happened in the past when someone uses an avatar, posts an image, or uses some other asset from a third party site (retroskatestickers.com) which then gets compromised resulting in the alert. The alert is not for SLAP itself, but it mentions it cause the users avatar is visible on SLAP while being hosted on a third party site. Usually we just remove the asset from their profile, so knowing where it is would be great.

I think I found the user: https://www.slapmagazine.com/index.php?action=profile;u=40202

Its their profile pic.
Logged
Skateboarding is the ultimate challenge.

admin

  • Administrator
  • Trade Count: (0)
  • Hero Member
  • ******
  • Rep: 889
  • Posts: 649
  • SLAP OG SLAP OG : Been around since SLAP was a mag.
Re: Security Vulnerability on Slap?
« Reply #3 on: April 05, 2022, 01:06:14 PM »

Expand Quote
Expand Quote
Heads up. My antivirus has been popping up with this on Slap today:

"Suspicious connection blocked
one minute ago

Feature:
Online Threat Prevention

firefox.exe attempted to establish a connection relying on an unmatching security certificate to retroskatestickers.com. We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one."

You guys might want to look into this. Not sure if this is the appropriate place to post this or not.
[close]
Thanks for the heads up, do you have a link to the post you were visiting when you got the notice? I ask because this has happened in the past when someone uses an avatar, posts an image, or uses some other asset from a third party site (retroskatestickers.com) which then gets compromised resulting in the alert. The alert is not for SLAP itself, but it mentions it cause the users avatar is visible on SLAP while being hosted on a third party site. Usually we just remove the asset from their profile, so knowing where it is would be great.
[close]

I think I found the user: https://www.slapmagazine.com/index.php?action=profile;u=40202

Its their profile pic.

Rad, removed it. Should be resolved.
Logged

FuzzGNU

  • Trade Count: (+1)
  • Hero Member
  • *****
  • Rep: 194
  • Posts: 894
  • The Spectre Haunting SLAP
Re: Security Vulnerability on Slap?
« Reply #4 on: April 11, 2022, 10:10:56 PM »

Again, same site: https://www.slapmagazine.com/index.php?action=profile;u=40183

Is there anyway you guys can just blacklist that site? This is a major issue.
Logged
Skateboarding is the ultimate challenge.

admin

  • Administrator
  • Trade Count: (0)
  • Hero Member
  • ******
  • Rep: 889
  • Posts: 649
  • SLAP OG SLAP OG : Been around since SLAP was a mag.
Re: Security Vulnerability on Slap?
« Reply #5 on: April 12, 2022, 08:26:07 AM »

Again, same site: https://www.slapmagazine.com/index.php?action=profile;u=40183

Is there anyway you guys can just blacklist that site? This is a major issue.

I have removed that one as well, I could blacklist it but sometimes these issues are temporary. Post here if you find another one though and I will black list it.
Logged