googleads.g.doubleclick.net Asking for Username and Password - malware

Today, out of the blue on the google page, a window popped up asking me for my username and password. It didn't say what it was for, just googleads.g.doubleclick.net. It then happened on my phone which is linked to the same account. I was wondering if anyone else has had this issue and if anyone could help me. I am really worried. Thanks.

Others have seen it. I did, when I opened Google Chrome. I was just on the new tab page, not even an actual website! Many people seem to have encountered this in the past 24 hours:
https://security.stackexchange.com/questions/127667/what-should-i-do-about-gmail-ad-asking-me-for-password
https://superuser.com/questions/1092011/firefox-googleads-g-doubleclick-net-basic-authentication-prompt
https://nz.answers.yahoo.com/question/index?qid=20160621202130AAxY0F2
https://steamcommunity.com/discussions/forum/11/358415738179518104/
https://productforums.google.com/forum/#!msg/chrome/Rt3zSPiSyHk/zdB52fBqAQAJ
http://forums.windowscentral.com/windows-10/429066-edge-wants-me-login-googleads-g-doubleclick-net.html
https://techreport.com/forums/viewtopic.php?f=1&t=118101
https://forums-windowscentral-com.blogspot.com/2016/06/edge-wants-me-to-login-to.html
The best response I've found is over on the security stack exchange:
https://security.stackexchange.com/a/127668/43188
To summarize, yesterday, googleads.g.doubleclick.net (a Google domain that serves ads) either was briefly compromised by an attacker seeking people's passwords, or a Google engineer messed up and it's a result of a mistake in their servers.
The answer on the security stack exchange suggests changing your password, even if you didn't fill it in the popup. The suggest this because, if it's an attack, and the attacker is able to create the popup, they could have added malicious code you didn't see.
Also, though in principle I'm not a fan of ad blocking, I've recently realized it's probably necessary these days for security. This incident only demonstrates this. I recommend uBlock Origin, but Adblock Plus is also popular.

Related

'.AspNetCore.Correlation....' cookie not found

Apparently there are a lot of people having this problem, but none of the scenarios seem to be exactly what I'm experiencing. I'm using Azure AD B2C with HTTPS. I can consistently create the problem, but am at a loss to know how to fix it.
Recreating the problem:
Make sure to be logged out.
Go directly to a link in the site. This will bring up the login screen. After successful login, the user should be taken to the page in question.
Hit the "Back" button. This brings up the error, and the user will be at https://domain/MicrosoftIdentity/Account/Error.
I've tried every combination/permutation of cookie policies I can think of, but to no avail.
If I can't solve the problem, perhaps someone could tell me how to redirect https://domain/MicrosoftIdentity/Account/Error to https://domain/MicrosoftIdentity/Account/SignOut, thereby simply forcing a loggout. I'd be satisfied with that.
What this really is:
From an authentication/application's perspective this behavior is correct. Let me clarify. I bet the following is something almost every internet user has experienced:
You submit a form, click on the back button and this alert pops up, asking you to 'resubmit the form'?
When you clicked back in the browser it simply executes the exact same request that you did earlier. Not a big deal in HTTP-GET requests, but kind of a pita in POST-requests because it can potentially cause duplicate data or worse. Or in this case, you run into security measures preventing the (ab)use of one-time tickets.
Although the behavior is correct, I understand that your client's perception is, that the app must simply be broken..
The solution, or preventive measure:
To be clear, I haven't actually tried this and this is more of a 'could-possibly-work' answer in the case of AzureAD B2C.
Nevertheless, I think you might be able to circumvent this perceived problem through:
Implementing a POST-redirect-GET pattern inside your application so that you point the redirect URI of the B2C tenant to an endpoint inside your application and when the request comes in, simply redirect the request to a GET method.
Hopefully this helps, but in case you want a more definitive answer try searching Google for the pattern or maybe someone else here knows about a working solution and wants to contribute to this post in the comment section or provide an answer. Either way, good luck!

Is there a solution to bypass Captcha verification to access sites? [duplicate]

This question already has answers here:
How can I bypass the Google CAPTCHA with Selenium and Python?
(6 answers)
Closed 2 years ago.
I want to login on a WordPress site. When i try to accesss to login on a WordPress site, it say me "Checking your browser before accessing", why i see the link "DDoS Protection by Cloudflare"? Additionally, a CAPTCHA is required to access this site. How to bypass Captcha verification in order to access sites? Here's the images links:
https://i.stack.imgur.com/Ju3f7.png
https://i.stack.imgur.com/Vrhi4.png
Ways to bypass captcha which come to my mind:
Talk to guys of site or service in question if you have good reason to get exception based on IP or similar
Use some coding to automatically solve captcha for you. Often captcha is made so simple to be solved by some simple algorithm.
If none of the above works (which I think is your case), create porn site where users need to solve captchas to see the content. Make a system which automatically reroutes captchas annoying you to users who want to watch porn. If done properly, all works as charm.
PS: Actually captchas are there with reason and usually it is not nice to cheat here but I explained how it technically possible. Do not judge me for not judging others at this. SO asked me to be nice to newcomer.
PS2: Avoiding, breaking or otherwise messing up with access control security can be illegal in some jurisdictions. Especially if it caused harm to site but overloading it and thus making unavailable. For techie this may look stupid but sometime things go this way in real world.
That is because your IP address is suspicious!
Cloudflare detects your IP address as potential bots or other malicious software.
Don't worry! usually your IP address will change after a while (24 hours or so).
In the mean time you can use another network to access the site or use a VPN service to change your IP address (a VPN extension will be the best choice in your case.)

Hiding user login on single-user sites

If I'm building a simple page to which one person (or a small number of people) will have admin access, how do I (ideally language-agnostically, but in Ruby if relevant) conceal the log-in link from most users, but reveal it to those who should have access?
I feel like this is something people must do all the time, and the answer is presumably all over Google, but I'm not quite sure what question I'm asking. I don't know what info I'd have to condition on (IP? What if admins want to log in from a different Wifi network?).
Is the normal approach to just not have a link, and use cURL or similar tools to log in? (which seems unwieldy)
Ah, I just realised at least one way of doing this is to have a page that I need to direct link to as the login page, so no-one sees a login link they can't use.
Feels obvious in retrospect :\

Workaround for Tweetdeck not authenticating multiple accounts

I had a really frustrating issue recently with Tweetdeck, a tool to manage multiple twitter accounts. Since we get feedback and support questions on Twitter accounts with our projects, it is MUCH easier to see all the information in one place. That said, I had a recent issue and couldn't find ANY help online. I was able to find and test a workaround though, and have decided since it helped me I should post it here.
First, let me explain the exact issue, so you can see if my solution might work for you (YES, I already have the answer and posted it below)
I know my Tweetdeck was working previously (as I had multiple accounts). Since some of the projects were going away, and new ones were starting, I removed the existing ones and started trying to add the new ones.
The twitter page would come up asking to authenticate, then after typing in the information, I would get a generic "You have been logged into Tweetdeck, please return to the application" in the new window, but when closing it, I would not be logged in on Tweetdeck with the other account (only the original one)
I tried NUMEROUS steps to fix this including some of the following (NONE of these steps worked):
Tried different computers (with different Operating Systems). These included Windows 7 and Linux (Ubuntu 10.04) and more than one browser (Google Chrome, Firefox, etc). I also tried clearing cache, cookies, history, etc.
NOTE: I also tried to contact both Tweetdeck and Twitter support, neither of which have ever responded to any question I have ever had in years.
So the initial question was... "How do I get Tweetdeck to authenticate with other accounts successfully" with the error "You have been logged into Tweetdeck, please return to the application", but the new accounts do not actually authenticate and I cannot use them in Tweetdeck.
After extensive attempts to find a way to make my Tweetdeck work once again, I found a workaround that has worked great for me. I am not sure exactly why this works, but I have a feeling it has to do with the difference between the authentication method of just Tweetdeck online vs. the Google Chrome App.
On a whim, I decided to install the actual Google Chrome App plugin (as I was running out of options). Then, when using the app, it succeeded with no problems.
While I have posted an answer that works for me here, I would appreciate any comments that might give more real information (not guesses) on why this happened. If there is something else I can try so that I am not limited to the Google Chrome App if I want to add new accounts, I would also be happy to try those possible solutions. Please make sure to read my question which covers what I have already done.
NOTE: Since I have a working workaround, if your solution will take substantial effort, I will probably not try it .

Apple Developer Connection log-in problems

Is there a trick to logging in to Apple Developer Connection? For the past two weeks, out of about 100 tries, I've been able to log in three times. Every other time, after a successful entry of my username and password, it takes me back to the login screen.
This happens to me on both my Macs, on Safari and Firefox, so I'm not hopeful of a solution. But I have a hard time believing that the situation is really this bad...
I am having the same problem, I have narrowed down to a problem with my ISP. Of course they will not acknowledge it, but the problem only arises when I attempt a login from home. I think they are probably using a caching proxy and something in the scheme used by apple to login->access the content makes the proxy believe it's only visiting content that is still valid. I am going slightly mad because of this.
This question and the related discussion clued me in to how to fix my problem with the same symptoms on developer.apple.com. In my case, I have multiple "teams," so after entering in my Apple ID, it takes me to a team selection page. After selecting a team, I'd just be redirected back to the login/Apple ID page.
Turns out, the login is done over HTTPS, while the team selection (and probably the bulk of other activities on developer.apple.com) are over HTTP. Our firewall load balances over a couple of Internet connections, and the HTTPS traffic was passing over a different interface than the HTTP. Evidently, this was confusing Apple's authentication mechanism. It also explains why I was occasionally able to get through -- sometimes all traffic would end up on the same interface.
Ultimately, my solution was to add a rule to the firewall to send all 17.0.0.0/8 traffic (Apple's legacy class A network) over the same interface.
Hopefully this helps someone else with a frustratingly endless login loop.