An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
What Is FastBrowser.co? Reports have emerged about a suspicious website, called FastBrowser.co. The website provides a search engine, with results seemingly provided by the legitimate Yahoo service. However, once a search is initiated, the user is redirected to Microsoft’s Bing…
Microsoft recently document an intriguing cybersecurity accident involving a threat actor that distributed malicious drivers across gaming environments. The Netfilter Driver: a Threat to the Gaming Community Evidently, the threat actor submitted a specific driver called Netfilter, built by a…
What’s a PUP (Potentially Unwanted Program) Exactly? PUP is short for “potentially unwanted program” (sometimes referred to as PUA, potentially unwanted application), even though a better name would be “absolutely unwanted programs”. At best, these programs provide little to no…
Security researchers just reported the discovery of a new malware they called Crackonosh. The malware was uncovered by Avast researchers after they received reports from reddit users saying that their AV programs were missing from their systems. Crackonosh Malware in…
Critical Vulnerability in VMware’s Carbon Black App Control There’s a vulnerability in VMware’s Carbon Black App Control management server. Rated 9.4 according to the CVSS scale, the severe flaw could grant threat actors with admin rights without any authentication. This…
French Connection (FCUK), a clothing company, is the latest victim of a ransomware attack linked to the REvil gang. The attackers seem to have found a vulnerability in the company’s back-end systems, which allowed them to grab internal data. Breached…
Dell devices contain four high-severity security flaws that could allow remote attackers to carry out arbitrary code execution in the pre-boot environment of the devices. The vulnerabilities affect 30 million individual Dell endpoints, Eclypsium researchers discovered. The said vulnerabilities are…
Researchers from Positive Security discovered an unpatched stored cross-site-scripting (XSS) flaw impacting Linux marketplaces. The vulnerability creates the possibility of unchecked, wormable supply-chain attacks. Affected are Pling-based marketplaces, such as AppImage Hub, Gnome-Look, KDE Discover App Store, Pling.com, and XFCE-Look.…
Security researchers discovered a vulnerability, CVE-2021-33515, in the underlying technology deployed by most email servers running the IMAP protocol (Internet Message Access Protocol). The vulnerability has been around for at least a year, allowing attackers to bypass TLS email protections…
What Is PDFConverterSearchOnline? PDFConverterSearchOnline is classified as a browser hijacker and a potentially unwanted program (PUP). The only purpose of this suspicious toolbar is to be promote its fake search engine – pdfconvertersearchonline.com. Having this PUP installed on your system…
If you are using the Tor Browser, you should get the latest update immediately. Tor Browser 10.0.18 fixes a series of issues, one of which is a vulnerability that could allow sites to track users by fingerprinting their installed apps.…
DarkRadiation is a new ransomware that targets Linux and Docker cloud containers. Coded in Bash, the ransomware targets specifically Red Hat/CentOS and Debian Linux distributions, according to Trend Micro’s research. Related: Previously Undetected RotaJakiro Malware Targets Linux X64 Systems For…
How effective are Android anti-virus applications? A new research sheds light on how popular AV programs for Android fail to secure devices against various malware permutations. “The number of Android malware variants (clones) are on the rise and, to stop…
Apple’s iOS is prone to a wireless networking naming issue that can disable an iPhone’s ability to connect to a Wi-Fi network. Discovered by senior security engineer at Ant Financial Light-Year Security Labs Carl Schou, the bug can permanently disable…
Google is working on a solution to help mitigate the increasing number of software supply chain attacks. What Is Supply Chain Levels for Software Artifacts (SLSA)? Called Supply Chain Levels for Software Artifacts, or SLSA for short, the solution is…
Security researchers discovered a new malicious technique that helps malware achieve evasion on an infected system. Called Process Ghosting, the technique could be exploited by a threat actor to bypass security protections and run malicious code on a Windows system.…
Security researchers recently discovered a vulnerability in Linux systemd’s polkit. Identified as CVE-2021-3560, the flaw appears to have been around for at least seven years. Since polkit is used in many Linux distributions, the impact of the vulnerability should not…
What Is Default Upgrade? Default Upgrade (DefaultUpgrade) is an adware application that may have sneaked into your system without your knowledge or consent. It is yet another example of a series of unwanted apps targeting macOS, such as Default Explorer,…
Click.allow.mobi Ads Are you seeing Click.allow.mobi pop-ups and push notifications in your browser? If so, you should be careful not to click anything stemming from the Click.allow.mobi site. Click.allow.mobi is a suspicious domain that tries to tries to trick you…
A new CISA advisory warns about a critical software supply-chain vulnerability affecting ThroughTek’s SDK (software development kit). The flaw, identified as CVE-2021-32934 could be abused to gain improper access to audio and video streams. Other compromise scenarios include spoofing vulnerable…
