An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Privacy on social media should be a top concern for online users. However, most people remain unaware of the misdeeds of social networks and app developers who often abuse their personal information. The CanaryTrap Method Helps Identify Data Misuse Fortunately,…
A new information disclosure vulnerability, CVE-2020-12418, was just discovered in Mozilla Firefox. Discovered by Cisco Talos, the vulnerability can be exploited by tricking the user into visiting a specially crafted web page via the browser. In case of a successful…
Two out-of-band security updates were just released by Microsoft, addressing remote code execution (RCE) security flaws in Microsoft Windows Codecs Library. Several Windows 10 and Windows Server versions are affected by the vulnerabilities, which are known as CVE-2020-1425 and CVE-2020-1457.…
How safe do you think your Facebook password is? If you have used one of the 25 Android apps Google just removed from Google Play Store, your Facebook credentials were stolen. The findings come from French cybersecurity firm Evina which…
LenovoEMC NAS devices are the latest targets of a cybercrime group known as Cl0ud SecuritY. LenovoEMC NAS, or network-attached storage devices are currently being targeted by ransomware threat actors who wipe their files and demand a ransom of about $200…
A new report by WatchGuard sheds light on the state of malware so far into 2020. One of the most crucial findings of the report is that 67% of the malware in Q1 of 2020 was distributed via encrypted HTTPS…
Exploit kits have been deployed in plenty of ransomware campaigns in the past few years. Some exploit kits have a short life-span, and others, like Magnitude EK, continue to evolve and be improved. In fact, Magnitude EK is one of…
A new privacy service developed by Privacy Bee, an Atlanta-based platform focuses on removing users’ data from thousands of databases. The idea of the service is to scrub personal data from databases of companies so that the data can’t be…
A remote code execution vulnerability in Bitdefender, known as CVE-2020-8102 was discovered recently. More specifically, the vulnerability resided in the Safepay browser component in the security solution. CVE-2020-8102: Technical Overview Here’s the official description of CVE-2020-8102: Improper Input Validation vulnerability…
79 Netgear router models were just found containing a severe security vulnerability that could lead to remote control. More specifically, the vulnerability affects 758 firmware versions used in 79 Netgear router models. Netgear Routers Affected by Security Vulnerability The flaw…
Remember the WikiLeaks scandal from 2017? An internal CIA report recently revealed what caused the massive data breach of confidential information to happen. It was the agency’s own inability to secure its systems, which led to the WikiLeaks leak of…
Lamphone is a new side-channel attack that can be used to eavesdrop sound. The attack has been discovered by researchers Ben Nassi, Yaron Pirutin, Adi Shamir, and Yuval Elovici from Ben-Gurion University of the Negev and Weizmann Institute of Science.…
A new report showcases serious vulnerabilities the modern GTP communication protocol deployed by mobile network operators. It is crucial to note that the GTP protocol is used to transmit user and control traffic on 2G, 3G, and 4G networks. This…
A vulnerability in the Facebook Messenger application for Windows was just discovered by Reason Labs security researchers. The vulnerability is present in Messenger version 460.16, and it could allow attackers to exploit the app to execute malicious files already present…
The RIPlace ransomware bypass technique, discovered by security researchers in November 2019, has now been implemented by the Thanos ransomware family. This is the first case of RIPlace being utilized by ransomware. The technique relies on just a few lines…
CVE-2020-13777 is a vulnerability in GnuTLS, a widely adopted, open source library that implements Transport Layer Security. The vulnerability has been present in the library for nearly two years, making resumed TLS 1.3 sessions vulnerable to attack. The vulnerability, introduced…
June 2020 Patch Tuesday is Microsoft’s biggest so far, containing fixes for 129 vulnerabilities. On the positive side, despite being the largest Patch Tuesday in the history of the company, it doesn’t include fixes for zero-day bugs, meaning that none…
A new security report indicates that the KingMiner crypto-mining operation is back in the game with new attacks against MSSQL (Microsoft SQL) databases. Owners of such databases should secure their servers, as Sophos researchers detected brute-force attacks attempting to guess…
A severe vulnerability, known under the CVE-2020-12695, has been discovered in a core protocol in nearly all IoT devices – the Universal Plug and Play (UPnP) protocol. The flaw, dubbed CallStranger could allow attackers to take over IoT devices in…
Have you updated your Firefox browser? Mozilla just released security updates addressing eight vulnerabilities, five of which rated as high-risk. To be protected against the attacks, users should be running Firefox 77. If you haven’t restarted your Firefox browser in…
