An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
ExtendedService Mac Adware ExtendedService is yet another potentially unwanted app designed to compromise macOS systems. If you have this app installed on your Mac, you may be experiencing multiple pop-ups and redirects to suspicious pages. These pages may be deployed…
What Is Positive-news.org? Positive-news.org is a suspicious domain and a browser redirect, associated with the generation of push notifications and unwanted pop-up messages. If you come across this page while browsing, we advise you to navigate away from it and…
The LockFile ransomware emerged in July 2021. The ransomware has been exploiting the ProxyShell vulnerabilities in Microsoft Exchange servers in its attacks. The flaws are deployed “to breach targets with unpatched, on premises Microsoft Exchange servers, followed by a PetitPotam…
ProxyToken, or CVE-2021-33766 is a serious security vulnerability in Microsoft Exchange that could allow an unauthenticated threat actor to access and steal emails from the victim’s mailbox. The issue was reported to the Zero Day Initiative in March 2021 by…
Microsoft researchers detected a new phishing campaign leveraging open redirector links (open redirects) in emails in an attempt to bypass security software and trick users into visiting malicious pages. Related: Microsoft and Google’s Cloud Infrastructure Abused by Hackers in Phishing…
What Is Game Pro (Gaming New Feed)? Game Pro, also known as Gaming News Feed and found at http://tab.bethegamepro.com/ is a rogue browser extension and a suspicious website that may flood you with intrusive ads. The page provides a search…
In July, Kaseya announced three new zero-day vulnerabilities impacting its Kaseya Unitrends service. The vulnerabilities were represented by an authenticated RCE flaw on the server, a privilege escalation flaw from read-only user to admin on the server, and an undisclosed…
RZA Virus File – Dharma Ransomware RZA is a new ransomware variant released by the Dharma ransomware group. If you see the .RZA extension added to your files which are suddenly inaccessible, then your system has been infected. As seen…
PERDAK Virus File: Phobos Variant A new variant of the Phobos ransomware family was detected in the wild, targeting users with weak protection. This new variant appends the .PERDAK extension to encrypted files. If you see this extension added to…
TCYO Virus File – Dharma Ransomware Variant There is a new variant of the Dharma ransomware family, which can be distinguished by the file extension it appends: .TCYO. If you see your files renamed and ending with the .TCYO extension,…
Palo Alto’s Unit 42 researchers shed light on four emerging ransomware groups making the headlines this year. The discovery comes after an extensive research and analysis of the underground including web leak sites and fresh onion sites. These ransomware-as-a-service operators…
What are the threats endangering Linux systems? Security researchers from Trend Micro just released a report focused on the “pressing security issues including malware and vulnerabilities that compromise Linux systems in the first half of 2021.” Related: The Facefish Operation:…
Razor Squad Ransomware Security researchers have detected a new ransomware threat, currently targeting users worldwide. Called Razor Squad ransomware, or Razor Squad virus file, the threat sneaks into the computer system to encrypt all data and demand a ransom in…
Security researchers are reporting emails soliciting company insiders to install the Demon (Black Kingdom) ransomware on their organizations’ networks. Nigerian Threat Actor Behind the Campaign According to a report by Abnormal Security, a Nigerian threat actor is trying to recruit…
According to an alert released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), cybercriminals are currently exploiting the so-called ProxyShell Microsoft Exchange vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. CISA Warns against ProxyShell Attacks The agency’s strong advice is for organizations…
Checka Map (CheckAMap) Checka Map (CheckAMap), found at portal.checkamap.com, is a suspicious domain that may drop a browser extension or cause unwanted redirects. If you see it set as your default page, you may have been affected by a potentially…
C0v Virus File (Dharma Ransomware) A new iteration of the Dharma ransomware family has been detected in the wild. Appending the .c0v ([c0v1d19@job4u.com].c0v) file extension to encrypted file, the c0v cryptovirus will demand a ransom payment from you to allegedly…
There is a recently disclosed unpatched flaw in Fortinet’s web application firewall appliances. The vulnerability could be exploited by remotes authenticated attackers to execute malicious commands. Related: Top Exploited Vulnerabilities in 2020: Hackers Take Advantage of Remote Work In other…
Ufymmtjonc File Virus (Snatch Ransomware) If you see the .ufymmtjonc file extension appended to your files, then you have been infected by a new variant of the Snatch ransomware family. Snatch Ransomware will encrypt all types of files such as…
AdLoad is a well-known adware and bundleware loaders family which has been targeting macOS users since 2017, or even earlier. The threat installs a backdoor on the system to drop adware and potentially unwanted applications (PUAs), and also collects information.…
