BattleTech - The Board Game of Armored Combat
Off Topic and Technical Support => Forum Technical Support => Topic started by: Stinger on 01 February 2016, 09:16:58
-
I just thought I would mention this:
https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html?hl=en#url=http://www.catalystgamelabs.com/
Looks to be only the Catalyst Game Labs site, but it should be mentioned.
Thanks!
-
I just thought I would mention this:
https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html?hl=en#url=http://www.catalystgamelabs.com/
It's affecting other sites, too. Mozilla tagged battlecorps.com and doesn't load some of the images.
-
Hi all,
A few days ago we ran into some server issues. Nothing has been compromised, and we're working to correct the problems. No worries.
-
A few days ago we ran into some server issues. Nothing has been compromised, and we're working to correct the problems. No worries.
Which is exactly what a comstar adept would say. }:)
-
Where is the ComStar Clock (aka the Hand of Blake) pointing- Gibson, Terra or Tukayyid? (Shadows of Faith V6)
-
Gibson
-
Hello....Forum stats for me as well:
Reported Attack Page!
This web page at bg.battletech.com has been reported as an attack page and has been blocked based on your security preferences.
-
I just tried reloading a forum page and got the warning while using firefox.
I'd say what ever is going on w/battlecorps & battleshop is getting worse.
-
Google was asked to review all sites and we were cleared this morning. We'll continue to work on things, but ask you all to maintain your patience.
Peace of Blake be with you.
-
That's not at all creepy Knightmare
Just logged in on Chrome and its warning of malware nothing creeping up on anti-virus or anything just wanted to let you guys know.
-
Also, google/firefox is till warning of reported site attack.
-
Yeah, I had an attack page warning on Firefox as of five minutes ago...
-
Yeah, I had an attack page warning on Firefox as of five minutes ago...
Had a warning in Safari trying to post this response.
-
We continue to tirelessly work to correct the current technical issues plaguing our system. Our hard working and very skilled adepts are very close to fixing the error. As always, your safety and security are our primary concern.
Please continue to track the News and Announcement Board for more information as it becomes available.
Thank you, and Peace of Blake be with you.
-
So Google was behind Gray Monday?
-
Hello....Forum stats for me as well:
Reported Attack Page!
This web page at bg.battletech.com has been reported as an attack page and has been blocked based on your security preferences.
I am using Firefox (downloaded in December 2015); I can't find the version. I get this as well. Also, when I tried to ignore and load the page, it told me this site was listed as a possible phishing attack site.
It just started this a couple of nights ago.
-
Same sort of issues, I keep getting the attached screenshot while viewing the site on my iPhone.
-
Still getting the red warning page from Google Chrome about a malware infestation here. I haven't gotten it before today, but it's been consistent today.
-
Google was asked to review all sites and we were cleared this morning. We'll continue to work on things, but ask you all to maintain your patience.
Well, either the admins are flat out lying to us or things are moving at the speed of bureaucracy outside their control.
I know which I choose to believe.
-
We continue to tirelessly work to correct the current technical issues plaguing our system. Our hard working and very skilled adepts are very close to fixing the error. As always, your safety and security are our primary concern.
We're doomed then, aren't we? :D
-
So Google was behind Gray Monday?
Boy, does that make entirely too much sense.
-
Hello....Forum stats for me as well:
Reported Attack Page!
This web page at bg.battletech.com has been reported as an attack page and has been blocked based on your security preferences.
Did the same to me today, after last night updating to the latest version of firefox..
-
Well, either the admins are flat out lying to us or things are moving at the speed of bureaucracy outside their control.
I know which I choose to believe.
Been getting it since yesterday.
-
I've also been getting it for a couple of days (I think it was Monday I got the first notification).
In addition, something has been tripping a Xigncode3 shut down for Black Desert Online - Character Creator saying it is detecting a trojan (bitdefender AV Plus isn't finding anything though). This wasn't happening about a week ago - the last time I used the program.
Not necessarily related, but the timing is poor and suggestive.
-
So...are we at least safe if we stick to WAP2?
-
Chrome on Desktop seems to be behaving correctly now. Thank you for your hard work!
-
Yes thank you! Appears to be all good now!
-
Firefox is also playing nice again.
-
If you wouldn't mind, could a site admin put in a reassessment request with sophos? The url should be https://secure2.sophos.com/en-us/threat-center/reassessment-request.aspx
Their web protection stuff is still flagging the site.
Thanks.
-
I put in a request for reassess. Note: you don't have to be a site admin to submit it.
Side note: I work for sophos, but not in the labs. I'll see what I can do to nudge it along.
-
Thanks, it's not being blocked anymore!
I had thought about putting in the request myself, but I was worried the lab would actually ask me a question about the site that I would be completely unable to answer and that might actually make things worse!
Side note: Well whatever you do, I can say I'm pretty happy with Sophos' products, so good job!
-
So...are we at least safe if we stick to WAP2?
WPA has nothing to do with this.
-
Thanks, it's not being blocked anymore!
I had thought about putting in the request myself, but I was worried the lab would actually ask me a question about the site that I would be completely unable to answer and that might actually make things worse!
Side note: Well whatever you do, I can say I'm pretty happy with Sophos' products, so good job!
Thanks! (I'm in the support department)
Yeah, looks like we picked up the google safesearch results on the 2nd. Re-eval was done this morning after we got the reports. Back to being categorized Games.
-
Saw that warning all day yesterday on Safari and Chrome. No sign of it today.
-
Wondering if the "unblock" has anything to do with the conspicuous lack of content on the homepages of all the catalyst sites.
Dunno if it's related to what happened to Catalyst, but one may also want to be aware of:
http://arstechnica.com/security/2016/02/mysterious-spike-in-wordpress-hacks-silently-delivers-ransomware-to-visitors/
Which has gotten a few sites I know running WP tossed on the blacklist (while I laugh at the people who use WP by choice -- I know, stop flagellating the deceased equine) all had this rather nasty bugger...
The disturbing part is it's attack vector remains something of a mystery, though iframe based video embeds (of all things) seem to be related. What makes that REALLY disturbing is IFRAME's are supposed to block cross site exploits -- but again there's a reason we were told 18 years ago to stop using them. Shame 99% of web developers stuck their fingers in their ears and just didn't want to hear that they couldn't use their precious IFRAME tags anymore.
Though again, Wordpress' "one ring" of security and leaving the keys to the kingdom danging in plain sight behind the main gate... well, exploits like that are hardly a surprise. There's esoteric attacks you can't predict, and then there's having ZERO fallback plan should someone get inside.
GOOD news is, if you keep all your plugins up to date (flash, acrobat, silverlight) or just block them, this nasty can't infect you.
It's still just outright bizarre how it's breaking out of the container into the hosting website, and spreading to sites that don't actually have those video embeds from one WP install to another if they so much as talk to each-other in other ways. (like sharing posts via RSS through certain extensions)
I'm waiting for an exploit like this to reach "neverNoSanity" proportions -- where all the people who neutered their upgrade paths on phpBB by adding mods/extensions that weren't being updated ended up 4 to 6 months behind on patches, and the end result took down two thirds the Internet... the CBT I was running at the time included NOT because we were using it, but because someone else on the same server was.
WP just has that vibe of something like that looming over the horizon... Of course with their "zero damages zero accountability" open source policy, it's not like they REALLY have to care so long as they can keep duping people into using it.
...and why I still say no legitimate business has any business using it for a website. YMMV. It's not bad enough it's accessibility trash and insecure code, but the lack of legal recourse thanks to it being open source? There's a reason it took so long for open source to gain traction in business, and we have yet to have a "major" enough failure for that detail to be contested -- but I've seen this pattern before, and it's coming.
-
I am still getting the warning on Chrome with my desktop.
-
Still have a warning on Firefox. (05 Febr.) wich leads to this
https://www.stopbadware.org/firefox?hl=de&url=http%3A%2F%2Fbg.battletech.com%2Fforums%2Findex.php
-
Trend Micro at work is still blocking the site as of today.
-
I am using firefox and I have not received the message in a couple of days now. If you are still getting it, assuming you haven't already done so, maybe you should clear temporary internet files.
-
I'm not blocked from the forums anymore, but I just noticed classicbattletech.com still gives the warning.
-
After a few days with no warning. Started to get this
(http://i.imgur.com/o33Hqzpb.png) (http://imgur.com/o33Hqzp)
This morning.
-
Literally just got the warning again.
-
The Catalyst BT page is now producing script warnings again about a Trojan through Firefox.
-
Yep, I'm seeing it too now.
I lost the warm fuzzy feeling I got earlier from Knightmare's assurances.
-
I just got the warning again w/Firefox on the main Forum page.
-
On Chrome, getting warnings.
-
All day yesterday (visited twice) i didn't see the message. But got it when i tried getting in today/
calling it an attack site..
-
Same here, using firefox.
-
Same here, using Firefox too.
Also, not sure but seems related as it appeared at the same time: many avatars are not displayed (including mine).
-
Not only am I getting the warning again, this time it appears to be preventing images like peoples' avatars from displaying.
-
Started happening to me as well.
-
I just got it as well on chrome for Android.
-
I'm getting it again too, but unlike the others I don't seem to have problems seeing other's avatars. I'm using chrome on windows 10.
-
Yeah, what's that Line from Poltergiest?
"It's baaaaaaaaaack"
:(
-
Not only am I getting the warning again, this time it appears to be preventing images like peoples' avatars from displaying.
Sig Bars are coming through though.
-
Sig Bars are coming through though.
They are from an outside source; e.g. in my case imgur.com.
Likewise, the only avatars I seem to see are those from outside sources like photobucket or imgur. (Not that I checked every avatar, but that is my experience so far)
-
Anyone know WHY we're getting flagged so much?
-
While browsing the forum here a Norton popup saying it blocked mass injection website 14. It's that aniwiki.ws stuff apparently.
-
Don't Know but Firefox is blocking and I'm getting all kinds of warnings from my protection package (Bullguard) that is up to date as three hours ago.
-
It happens with Windows 7 pretty regularly.
-
Now getting it with Safari on my phone. Did not happen till today
-
Firefox is unhappy with the site again this morning. AS someone who has had to deal with a number of website content management systems in the past...I feel your pain!
-
I'm getting this site blocked as an attack site again as of right now.
I'm using Firefox Portable 44.0 on Windows 7, and am in the UK
-
Safari is effected too.
-
Now getting it with Safari on my phone. Did not happen till today
Seconded. Chrome had issues and now it looks like iOS Safari has caught up.
-
Just had Chrome saying its not safe to get in here...
-
So with the a week's worth of firefox/google/whatever warnings and the front page that's essentially down...can we get any sort of input on what's actually happening? I'm wanting to spend less and less time here, even with my security measures high.
What's going on??
-
on firefox (43.0.4) and STILL getting it. i know it ain't the site itself but what's up on the backend? this crap's gettin old and i'd like to know what the problem is that they all feel like dumping on the site.
-
I haven't seen any virus notices or warning about the forums -- I'm using IE --- which may be the problem.....
Craig
-
IE is always a problem.
Heres my woes.. Desktop w/ Firefox has no issues but my phone using Firefox is barfing badly formatted pages due to the little red warning label.
Someone please get this straightened out soon ??? :-[ :'(
-
I'm wanting to spend less and less time here, even with my security measures high.
What's going on??
I am starting to feel the same way..
-
Firefox continues to report the forum as an attack site, Microsoft Edge does not.
-
Odd that I am not getting that right now but you are.
-
I'm still getting attack site. I'm in Phoenix, I can post a tracert screenshot to battletech.com here if it'd help. It seems to be intermittent, maybe it's tripping off an infected (or simply reported) backbone...hrm. I jump from at.at.cox.net to a timeout to an IP address, 74.205.108.121 before bouncing back to two rackspace.net IPs and then catalystgamelabs.com directly.
-
hear in OZ using Firefox and getting all kinds of notices from my browser and from my protection package, just updated both before visiting the sight.
Edit: getting the warnings and blocks on all CGL sights, from Leviathans to B-Tech and back again.
-
...before bouncing back to two rackspace.net IPs and then catalystgamelabs.com directly.
The Rackspace IPs make sense, that's our hosting provider.
-
I haven't seen any virus notices or warning about the forums -- I'm using IE --- which may be the problem.....
Yes, I have no warnings or problems using IE, but who wants to use IE?
Meanwhile it is getting worse on my FF; all avatars are gone except those from outside sources.
Btw., the Norton Safe Web gives clearance for the site:
https://safeweb.norton.com/report/show?url=http%3A%2F%2Fbg.battletech.com
-
I got a Phishing warning from Safari yesterday evening.
-
Had no attack site warnings yesterday.. but today? &%^*%&*(^%(^%*&%&(*%^ >:(
-
Using firefox; seems to be cleared up today. I got the issues yesterday though.
-
I've stopped getting warnings but I still don't see avatars.
-
I've stopped getting warnings but I still don't see avatars.
Oh, me neither. I didn't notice that. I was just glad to be able to get on without warnings.
-
Things good on my end as well.
By the way, I just stumbled across a few missing emails that were sent to my spam folder because they had links to this website in them.
Check your spam, folks.
-
No warnings, but still
no avatars.
-
Try clearing your cache
-
No warnings, but still
no avatars.
Do you wanna date mine? </feliciaday>
(sorry sorry that was so bad. I apologize. :)))
-
Try clearing your cache
Doesn't help. No avatars. :(
-
Can you post a screenshot?
OS/Browser/Version?
-
I am using Win7 and Firefox 42.0.
This might help: I tried loading an avatar's URL directly, and got this:
http://i.imgur.com/MsenTa9.jpg
(It is German, but I think you understand it nonetheless)
Also, stopbadware.org reports this avatar (and probably most other avatars):
https://www.stopbadware.org/firefox?hl=de&url=http%3A%2F%2Fd15yciz5bluc83.cloudfront.net%2Fforums%2Fuser-avatars%2Favatar_276_1319779665.jpg
But when just loading bg.battletech.com there are no warning, it looks like this:
http://i.imgur.com/L0wZePJ.jpg
-
ok Firefox is allowing access but Bullguard is still blocking, are the admins trying to clear that end up or is that not part of their purview making it a case of waiting for the Ant-Virus programs to come to their senses when they do their next updates?
-
I am using Firefox on my desktop. The forums were flagged as "attacking website" just a minute ago.
I can access it despite the warning (obviously, I know) and I can see sig bars, but no avatars.
And when I try to access the cbt website it gives me this here. Looks like some wonky formatting:
(http://i364.photobucket.com/albums/oo85/Molossian_Dog_IIC/The%20Shack/Ohay/th_0000-boo_zps8bge2xzd.jpg) (http://s364.photobucket.com/user/Molossian_Dog_IIC/media/The%20Shack/Ohay/0000-boo_zps8bge2xzd.jpg.html)
-
Same thing is happening to me, and i'm using chrome.....
The same problem is happening when i go to the Shadowrun forums
-
So question: will the avatars come back? Or do we need to re-upload?
-
Keep in mind that many, including me, can see your avatar. Feel free to try but it might not help, I dunno.
-
Clearing the cache and repeated reloads should fix most issues. Logging out, clearing and then loading in will also give a new session cookie.
-
I doubt that helps since the avatars from cloudfront.net themselves are flagged by Firefox.
Take this avatar for example:
http://d15yciz5bluc83.cloudfront.net/forums/user-avatars/avatar_276_1319779665.jpg
Trying to load this url directly, Firefox produces this:
http://i.imgur.com/MsenTa9.jpg
Also, stopbadware.org reports this avatar's url:
https://www.stopbadware.org/firefox?hl=de&url=http%3A%2F%2Fd15yciz5bluc83.cloudfront.net%2Fforums%2Fuser-avatars%2Favatar_276_1319779665.jpg
-
Using Chrome and evreything is fine, but a wee bit sluggish.
-
Yeah it has nothing to do with the cache on my end.
-
When I checked last night, the front page was still blocked. The forums would load but with no avatars. Couldn't tell you much more though because my browser would crash shortly after. Win10 and the most recent version of Firefox.
On my phone (win8) everything has been fine the whole time.
-
Cleared cache, still no avatars.
-
On it.
-
I've even tried re-Uploading my Avatar Pic, and not getting/showing.
-
I'm pursuing some forum options before escalating up the CDN chain.
-
Its finally working on my end. The forums load just fine, plus i can still see my avatar :)
-
Just an Update:
I cannot see Avatar's through Firefox
I can see Avatar through Microsoft's Edge (Windows 10)
**Update**...I can see SOME avatar's (example the Avatar of this Thread's FIRST poster shows).
-
I've been getting in ok since last night, but on the avatars, i only see a 'rank' badge or a pic of a mech..
-
**Update**...I can see SOME avatar's (example the Avatar of this Thread's FIRST poster shows).
Those avatars are from an outside source; in case of the first poster: photobucket.
The forum's own avatars from cloudfront are flagged by Firefox.
A quick and dirty solution is to directly load an avatar manually, then click to ignore Firefox's warning, and proceed. You should see all the avatars as usual, at least in the current Firefox session.
-
They are back now. I asked because in my profile, it said I hadn't uploaded one at all. I was afraid I was going to have to dig through old back up discs to find the image.
-
All,
The Catalyst websites were hit by the malware that deathshadow mentioned (http://arstechnica.com/security/2016/02/mysterious-spike-in-wordpress-hacks-silently-delivers-ransomware-to-visitors/), infecting various WordPress sites, roughly 2 weeks ago.
We have taken several steps to rectify the situation since then.
The malware was actually cleaned within a day or two from the server. Unfortunately, it's taken longer for us to find all of the places it was "cached". Notably, we cache parts of the website (for performance reasons), and serve the website from CDNs. Both of these places had parts of the malware cached until late last week.
All of those places now have no traces of the malware left.
The "Safe Browsing" prompts you're seeing from Google and Firefox come from analysis Google does. We've had to submit requests for review to Google several times to get the sites taken off their list. At this point, all of the main Catalyst properties are looking "green", and we continue to monitor the situation.
From this thread, you've pointed out one additional property that is showing "red", d15yciz5bluc83.cloudfront.net. This is one of the CDNs we use to host content, such as avatars. I wasn't aware it was flagged until now -- I've recently submitted it to get reviewed as well, so hopefully it will turn "green" soon.
Thanks for your patience. We've been working behind the scenes to rectify this situation.
-
Thank you for letting us know what's up, nicj. Really appreciate it.
-
So I never saw any warning (using windows 10 and Opera) during this whole thing. What does that mean?
-
So I never saw any warning (using windows 10 and Opera) during this whole thing. What does that mean?
That you were the Typhoid Mary of the whole malware infection :D
-
This whole thing has been...interesting to say the least. Imagine my surprise when I loaded up the Battletech website and my antivirus suddenly started telling me that it was blocking repeated attempts to install a trojan on my computer. (This was a couple of days ago.) I'm really glad that things seem to be getting back to normal, for the most part.
-
So does this mean we can get the Republic theme back soon? O:-)
-
And avatars are back up again.
-
Firefox is still reporting this as an attack site.
-
Strange, it's not doing that for me.
-
Nor me, and i am now seeing full avatars.
-
mobile and desktop all clear for me. How many are still having issues?
-
a-ok here. a big thank you to the admins for handling what i'm sure was a headache as promply as i imagine was possible.
-
I'm good to go now. Complete with avatars and everything.