An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
CVE-2020-9844 is an iOS security vulnerability disclosed by Google Project Zero Ian Beer. The now-patched critical wormable bug could enable remote hackers to gain complete control of nearby vulnerable devices over Wi-Fi. According to the official CVE description, CVE-2020-9844 is…
Apple users are at risk of new malware targeting macOS. Discovered by Trend Micro researchers, the campaign is connected to the OceanLotus hacking group, most likely associated with the Vietnamese government. The hacking group targets foreign organizations in Vietnam, such…
Another fine for Facebook for breaching users’ privacy in South Korea Facebook has been penalized for sharing user data without consent in South Korea. The fine is approximately $6 million, following a report by the Personal Information Protection Commission (PIPC).…
GitHub has fixed a severe security vulnerability, reported by Google Project Zero researchers about three months ago. The flaw affected GitHub’s Actions feature, a developer workflow automation tool, and was discovered by Felix Wilhelm. In the researcher’s own words, the…
The winter holidays are around the corner, and so is new skimming malware. Cybercriminals recently released campaigns distributing the Grelos malware, a common Magecart variant. Analyzed by RiskIQ researchers, this strain comprises a rehash of the original code first spotted…
Security researchers spotted a new piece of infostealing malware called Jupyter. The malware is a .NET infostealer that primarily targets Chromium, Firefox, and Chrome browser data, say Morphisec researchers. Jupyter Infostealer According to the research, the malware demonstrates many capabilities…
CVE-2020-26070 is a high-severity flaw in Cisco ISO XR software. The bug could allow unauthenticated, remote hackers to take advantage of Cisco Aggregation Services Routers known as ASR. CVE-2020-26070 in Detail The vulnerability resides in Cisco ISO XR software. The…
Kaspersky researchers recently discovered new ransomware targeting Linux systems. The team came across a 64-bit ELF executable designed to encrypt data on Linux-running machines. The analysis shows that the ransomware shares many similarities with a previously known family called RansomEXX.…
Android devices are prone to attacks carried out by a new banking Trojan. Dubbed Ghimob, the malware can spy and harvest data from 153 Android applications in countries such as Brazil, Paraguay, Peru, Portugal, Germany, Angola, and Mozambique. Security research…
Have you heard of Tianfu Cup? Tianfu Cup is China’s biggest hacking competition that also happens to give away some of the highest reward payments. In this year’s edition, several tech-giants were “pwned”, including names like Microsoft, Samsung, VMWare, Google,…
Security researchers recently detected a surge in attacks against Israeli companies. Some of the intrusions were carried out by well-known ransomware strains ReVil and Ryuk. However, a new ransomware was also spotted, the previously unknown Pay2Key. Previously Unknown Pay2Key Ransomware…
Apple recently released security fixes for iOS, iPadOS, watchOS, and macOS, addressing vulnerabilities reported by Google’s Project Zero. According to the company’s security advisories, three of the flaws were reported by Project Zero and are being exploited in the wild.…
CVE-2020-3992 is a VMware vulnerability in the ESXi hypervisor products. The vulnerability is rated as critical and could lead to remote code execution. CVE-2020-3992 in Detail According to the official description: OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804,…
CVE-2020-16010 is yet another critical zero-day that Google recently patched. This time, affected is the Android version of the Chrome browser. The vulnerability is a heap buffer overflow in UI in Google Chrome on Android in versions prior to 86.0.4240.185.…
Are you experiencing issues with your system and user certificates after a Windows 10 update? Reports appeared a few days ago regarding certificate issues that occur after the user upgrades to a newer Windows 10 build. Now, Microsoft has acknowledged…
How safe is your Windows operating system? Security researchers Mateusz Jurczyk and Sergei Glazunov of Google Project Zero recently disclosed a zero-day kernel flaw in Windows, known as CVE-2020-17087. The team suspects that all supported Windows versions are affected, exposing…
There’s hardly any software without vulnerabilities, as evident by the numerous vulnerability discoveries. In some cases, researchers discover multiple security flaws in a single product. This happened with Cisco Talos, who recently came across several remote flaws in Synology Router…
A new security report indicates that link previews shared in chat applications can cause “serious privacy problems if not done properly.” Researchers Talal Haj Bakry and Tommy Mysk discovered several cases of vulnerable apps that were leaking IP addresses, exposing…
Are you running the latest version of Google Chrome (currently 86.0.4240.111)? We advise you to check whether your Chrome browser is updated as it may be prone to exploits. The best way to do so is by going to Chrome’s…
Your Apple Safari browser may be affected by address bar spoofing flaw, security researchers say. As a result of it, you may be targeted by spear-phishing attacks and malware. According to research, an address bar spoofing flaw affects several mobile…
