Mail.ru certificate again
I remind you, the beginning of the story here .
A flash player phishing banner was detected on this page:
oracle-fl-player.com/update2.php (already locked, mirror for the file )
Three months have passed, but nothing has changed. The file is signed by LLC Mail.Ru certificate. If they had a leak - they still have not called it back, if there was no leak - what the hell?
')
UPD1 : Complained to Thawte, thanks CAJAX
UPD2 : To prohibit software from Yandex and Mail.ru (prompted here , thanks to IRainman ):
UPD3 : Link and partner are already blocked , thanks HJenkins . However, this does not mean that the story will not happen again.
UPD4 : Habra community is not happy about LLC Mail.ru policy.
A flash player phishing banner was detected on this page:
oracle-fl-player.com/update2.php (already locked, mirror for the file )
Three months have passed, but nothing has changed. The file is signed by LLC Mail.Ru certificate. If they had a leak - they still have not called it back, if there was no leak - what the hell?
')
UPD1 : Complained to Thawte, thanks CAJAX
UPD2 : To prohibit software from Yandex and Mail.ru (prompted here , thanks to IRainman ):
Eradicate this garbage
It works in systems running Windows 7 Ultimate, Corporate or Windows 8 Pro. So:
Download the Yandex.Ban.xml file
Open Control Panel - Administration - Services.
Find the Application Identity service
Put it into autorun mode and run
Open Control Panel - Administration - Local Security Policy
Find Application Management Policies
Right click on “AppLocker”
Click "Import Policy"
Find and open the file "Yandeks.Ban.xml"
Now, no program from these publishers can not penetrate this computer. All of them will be blocked. At the stage of installation. And do not cause you any more inconvenience.
Download the Yandex.Ban.xml file
Open Control Panel - Administration - Services.
Find the Application Identity service
Put it into autorun mode and run
Open Control Panel - Administration - Local Security Policy
Find Application Management Policies
Right click on “AppLocker”
Click "Import Policy"
Find and open the file "Yandeks.Ban.xml"
Now, no program from these publishers can not penetrate this computer. All of them will be blocked. At the stage of installation. And do not cause you any more inconvenience.
UPD3 : Link and partner are already blocked , thanks HJenkins . However, this does not mean that the story will not happen again.
UPD4 : Habra community is not happy about LLC Mail.ru policy.
Source: https://habr.com/ru/post/188894/
All Articles