Page 2 of 7 FirstFirst 123456 ... LastLast
Results 26 to 50 of 153

Thread: IGNORE Any Posts Or Emails Titled : Critical Security Vulnerability

  1. #26
    When I saw this I thought it might be fake, the English was bad.
    Mods; can you email your warning to members directly ? It might prevent a costly mistake for some.

  2. #27
    Member Vic2012's Avatar
    Join Date
    Nov 2012
    Location
    La Florida
    Posts
    7,550
    As soon as I saw a link and the word "download " I deleted the email. Secondly, I'd find it odd if any moderators emailed me directly.

  3. #28
    Banned
    Join Date
    Nov 2012
    Location
    Severn, MD
    Posts
    9,225
    Quote Originally Posted by Dave (in MA) View Post
    I wonder what the "fix" does if someone falls for it.

    If only they would use their powers for Niceness instead of evil.
    If only we didn't live in the universe we live in.

  4. #29
    Honestly, the first thing I thought of was Wallace.

    I doubt it was an insider (or banned ex-member) though...an insider might've taken more care to make it seem authentic.
    If you're actually reading this then chances are you already have my last album but if NOT and you're curious:
    https://battema.bandcamp.com/

    Also, Ephemeral Sun: it's a thing and we like making things that might be your thing: https://ephemeralsun.bandcamp.com

  5. #30
    Quote Originally Posted by Vic2012 View Post
    I'd find it odd if any moderators emailed me directly.
    ...you don't know what they're capable of... Potentially!



    [Now they're coming in the hall, now they're coming up the stairs...]
    "Improvisation is not an excuse for musical laziness" - Fred Frith
    "[...] things that we never dreamed of doing in Crimson or in any band that I've been in," - Tony Levin speaking of SGM

  6. #31
    On the upside...this little mostly-non-incident was a good reminder that I'd not updated my password in quite a while (and that the one I had was pretty vulnerable).
    If you're actually reading this then chances are you already have my last album but if NOT and you're curious:
    https://battema.bandcamp.com/

    Also, Ephemeral Sun: it's a thing and we like making things that might be your thing: https://ephemeralsun.bandcamp.com

  7. #32
    Banned
    Join Date
    Nov 2012
    Location
    Severn, MD
    Posts
    9,225



  8. #33
    Yeah, I woke to the same email and immediately came to PE to verify.
    G.A.S -aholic

  9. #34
    I'm here for the moosic NogbadTheBad's Avatar
    Join Date
    Nov 2012
    Location
    Boston
    Posts
    10,222
    Quote Originally Posted by Udi Koomran View Post
    You need to make this warning more prominent
    Agreed - this need to be seen by everyone, I guessed it was a scam but was about to write to the admins.
    Ian

    Host of the Post-Avant Jazzcore Happy Hour on progrock.com
    https://podcasts.progrock.com/post-a...re-happy-hour/

    Gordon Haskell - "You've got to keep the groove in your head and play a load of bollocks instead"
    I blame Wynton, what was the question?
    There are only 10 types of people in the World, those who understand binary and those that don't.

  10. #35
    Member moecurlythanu's Avatar
    Join Date
    Nov 2012
    Location
    The Planet Lovetron
    Posts
    13,021
    Quote Originally Posted by Trane View Post
    I suppose that's humour and nothing to do with Wallace & Svet getting back at us
    I haven't looked at Snake Oil Audio this week, but last time I looked in, the Liliputians had tied him to the ground and were lobbing bricks at him. He labeled them all "pigs," and Wally was on his side, but the cretins were ganging up on him.

  11. #36
    Member moecurlythanu's Avatar
    Join Date
    Nov 2012
    Location
    The Planet Lovetron
    Posts
    13,021
    ^ "Him" being Svet.

  12. #37
    Member Garyhead's Avatar
    Join Date
    Jun 2011
    Location
    Washington State
    Posts
    1,675
    Actually I came right to this sight to read the multi-page-bitch-fest rivaling a yes / genesis thread....

    Thanks for looking out for us Uncle Duncan.......
    The Ice Cream Lady Wet her drawers........To see you in the Passion Playyyy eeee - I. Anderson

    "It's kind of like deciding not to date a beautiful blonde anymore because she farted." - Top Cat

    I was expecting to be kinda meh, but it made my nips stiffen - Jerjo

    (Zamran) "that fucking thing man . . . it sits there on my wall like a broken clock " - Helix

    Social Media is the "Toilet" of the Internet - Lady Gaga

  13. #38
    Member moecurlythanu's Avatar
    Join Date
    Nov 2012
    Location
    The Planet Lovetron
    Posts
    13,021
    Quote Originally Posted by battema View Post
    Honestly, the first thing I thought of was Wallace.
    Wallace doesn't have 1/10 of the computer know-how to pull off a hack and a mass mailing.

  14. #39
    Member Plasmatopia's Avatar
    Join Date
    Nov 2012
    Location
    Plague Sanctuary, Vermont
    Posts
    2,481
    Quote Originally Posted by Zeuhlmate View Post
    You should also always be alerted when the download link doesnt match progressiveears.org but is going somewhere else.

    BUT there must be some kind of vulnerabilty, since the Opera browser warns you that progressiveears.org has a problem...
    Firefox has recently been warning me that the PE login is not secure.
    <sig out of order>

  15. #40
    You guys really need to e-mail everyone in your database about this. Not everyone is a regular user and you cannot expect them to come to the site and find out it's a scam. (It's not even on your home page.) Be proactive about it. And, yes, you should get an SSL cert for the site.
    "The White Zone is for loading and unloading only. If you got to load or unload go to the White Zone!"

  16. #41
    Lets be clear though you were hacked. They emailed me at an email address I only use here. As a web developer I use a different email address on every site.
    Mark Monforti
    Co-Owner of Progrock.com
    www.ProgRock.com

    North America Distribution and Boutique Label
    https://essentials.ProgRock.com

    Discord Server
    https://discord.gg/XjXVZ8WqNP

    900 + Podcasts here
    www.musicinwidescreen.com
    Live Shows Sunday 6pm-9pm CST Sundays @ ProgRock.com

  17. #42
    Member
    Join Date
    Jan 2013
    Posts
    4,485
    Quote Originally Posted by Plasmatopia View Post
    Firefox has recently been warning me that the PE login is not secure.
    This. Type in 'Progressive Ears' on Google and it actually says 'This site may be hacked'. It is redirecting to something called 'My File Store' if you access the site via Google (which I usually don't anyway)...this was flagged up in the forum long ago and yet nothing changed, it's still doing it now. Worrying.

    When I looked this morning (in the UK) after reading this alert there was no e-Mail and now I see I have one, seemingly sent only two and a half hours ago. So is this still going on?
    Last edited by JJ88; 04-19-2017 at 08:25 AM.

  18. #43
    Jazzbo manqué Mister Triscuits's Avatar
    Join Date
    Nov 2012
    Location
    Utopia
    Posts
    5,389
    Boy, that Geoff Downes just won't let it go, will he?
    Hurtleturtled Out of Heaven - an electronic music composition, on CD and vinyl
    https://michaelpdawson.bandcamp.com
    http://www.waysidemusic.com/Music-Pr...MCD-spc-7.aspx

  19. #44
    Quote Originally Posted by Zeuhlmate View Post
    You should also always be alerted when the download link doesnt match progressiveears.org but is going somewhere else.

    BUT there must be some kind of vulnerabilty, since the Opera browser warns you that progressiveears.org has a problem...
    Yes, we still get this message:

    "Malicious site warning.

    This site may be hacked or contain malicious software. Visiting this page may be harmful.

    Opera Software strongly discourages visiting this page.

    Why was this page blocked?

    Reported by Yandex. Our fraud reports are maintained by third-party vendors."

    Yandex is a Russian service that also has their own web-browser.

  20. #45
    Member
    Join Date
    Nov 2012
    Location
    Chapel Hill, NC
    Posts
    54
    Silly me - thinking there was the possibility of porn involved - clicked on the links.

  21. #46
    Highly Evolved Orangutan JKL2000's Avatar
    Join Date
    Mar 2003
    Location
    Westchester, NY
    Posts
    16,529
    Saw the warnings here, checked and saw the email and moved it to the trash folder. Thanks!

  22. #47
    Member Zalmoxe's Avatar
    Join Date
    Nov 2012
    Location
    Toronto, Canada
    Posts
    652
    Quote Originally Posted by Duncan Glenday View Post
    WE HAVE BEEN HACKED!

    If you get an email, or see any post from "Admin" telling you to follow a link to fix a security vulnerability ...

    IGNORE IT

    It's a scam.


    Thanks,


    The (real) Admin
    But somehow your website got hacked since they've got hold of all our emails!!!

  23. #48
    Member
    Join Date
    Feb 2013
    Location
    Derby, Vermont
    Posts
    236

    'This sight may be hacked'

    Good Morning...

    First of all - my experience here has been the same as some of this threads comments. I noticed several weeks ago, in blue type, the comment 'This sight may be hacked' when I first Googled ProgressiveEars to get to this sight. When opening the PE sight, I too would get directed to 'Firefox'. My apology for not saying something a while ago. When I went to Progressive FORUMS I did not get re-directed. Thought little of the hack possibility since that discovery.....

    This, along with sooooooo much advertising and 'click here' aspects of the modern day sights (sometime just to navigate the cursor is a chore) , has me quite frustrated with the internet at times!

    Good to see this scenario being addressed.

    Carry On
    Chris Buckley

  24. #49
    Member Jerjo's Avatar
    Join Date
    Nov 2012
    Location
    small town in ND
    Posts
    6,432
    Shit, I'm almost tempted to go to Snake Oil just to see bricks being thrown at Svet. Almost.

    I agree that there should be massive email sent to all members just so everyone is aware. Chrome is telling me the site is not secure. Then again it does the same for me on Metafilter, the Hoffman forum, etc.
    I don't like country music, but I don't mean to denigrate those who do. And for the people who like country music, denigrate means 'put down.'- Bob Newhart

  25. #50
    Member Yodelgoat's Avatar
    Join Date
    Nov 2012
    Location
    Tejas
    Posts
    1,065
    I recall a story, years back of a Russian hacker being discovered and beaten to death with a baseball bat. it was as gruesome a murder as could ever happen. I've quietly wished this death upon every attempted hacker since then.

    Thanks for staying on top of this.

    reminds me of a few weeks back. My wife got a call from a woman saying she worked for the IRS and they were going to arrest her if she didnt pay them $5000. I took the phone from my wife and said: "yes who am I speaking with?" The voice responded "we are the IRS and you owe 5k in back taxes". I said "This is officer Shrek from the FBI. Please give me your badge number..."

    ... click.

    We had a good laugh. and no repeated calls

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •