An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
CVE-2020-16010 is yet another critical zero-day that Google recently patched. This time, affected is the Android version of the Chrome browser. The vulnerability is a heap buffer overflow in UI in Google Chrome on Android in versions prior to 86.0.4240.185.…
Are you experiencing issues with your system and user certificates after a Windows 10 update? Reports appeared a few days ago regarding certificate issues that occur after the user upgrades to a newer Windows 10 build. Now, Microsoft has acknowledged…
How safe is your Windows operating system? Security researchers Mateusz Jurczyk and Sergei Glazunov of Google Project Zero recently disclosed a zero-day kernel flaw in Windows, known as CVE-2020-17087. The team suspects that all supported Windows versions are affected, exposing…
There’s hardly any software without vulnerabilities, as evident by the numerous vulnerability discoveries. In some cases, researchers discover multiple security flaws in a single product. This happened with Cisco Talos, who recently came across several remote flaws in Synology Router…
A new security report indicates that link previews shared in chat applications can cause “serious privacy problems if not done properly.” Researchers Talal Haj Bakry and Tommy Mysk discovered several cases of vulnerable apps that were leaking IP addresses, exposing…
Are you running the latest version of Google Chrome (currently 86.0.4240.111)? We advise you to check whether your Chrome browser is updated as it may be prone to exploits. The best way to do so is by going to Chrome’s…
Your Apple Safari browser may be affected by address bar spoofing flaw, security researchers say. As a result of it, you may be targeted by spear-phishing attacks and malware. According to research, an address bar spoofing flaw affects several mobile…
Security researchers are warning of an active Facebook Messenger phishing operation. Cyberint experts noticed a suspicious Facebook Messenger message, which led them to the identification of the campaign. As a result of it, users’ accounts are being exploited “to further…
Two out-of-band security updates addressing the CVE-2020-17022 and CVE-2020-17023 vulnerabilities were just released. The two flaws could trigger remote code execution in Microsoft Windows Codecs Library and Visual Studio Code. As both flaws are rated as important in severity, you…
What is Garbage Cleaner or System Garbage Cleanup Have you encountered a program called Garbage Cleaner, System Garbage Cleanup, or Quick_cleaner? Our analysis shows that these are the names of a potentially unwanted program (PUP) that has been plaguing users…
A critical security vulnerability was patched in Windows in October 2020’s Patch Tuesday. CVE-2020-16898 is a flaw discovered in IPv6 Router Advertisement Options also known as DNS RA options. The flaw resides in Windows TCP/IP stack, responsible for handling RA…
Have you ever wondered how much does access to a compromised network cost? A new report reveals that initial network access price has tripled in September in comparison with August. Initial network access is what gets malicious hackers inside an…
A new strain of Android ransomware is currently circling the web. Called MalLocker.B, the ransomware is a known threat that has re-appeared with new techniques. Some of them include a new way to display the ransom note and an obfuscation…
Threat actors have found an efficient method to breach government networks. By combining VPN and Windows vulnerabilities, they have gained access to state, local, tribal, and territorial government networks. The information comes from a security alert published by FBI and…
Facebook just launched a unique loyalty program called Hacker Plus for the company’s bug bounty platform. This loyalty program is the first of its kind for a technology giant. Similar loyalty programs have been launched by airlines and hotels. Hacker…
Security researchers just uncovered a new fileless attack that exploits Microsoft Windows Error Reporting (WER). The hacking group behind the so-called Kraken attack is yet to be identified. Security researchers Hossein Jazi and Jérôme Segura say that the attack relies…
Security researchers recently discovered a new UEFI attack, where a compromised UEFI firmware image contained a malicious implant. Part of a malware framework called MosaicRegressor, the attack compromised victims with ties to North Korea between 2017 and 2019. Unified Extensible…
Ransomware continues to be a top threat to both home and enterprise users. Fortunately, security researcher Florian Roth just released a ransomware vaccine. Called Raccine, the tool monitors for the deletion of shadow volume copies, which ransomware typically wipes out.…
Microsoft developed a new tool to enable system admins to update the Defender package within Windows installation images (WIM or VHD). The tool serves enterprises where administrators utilize installation images to service workstations and servers. These images may be reused…
A UK government report indicates a flaw of national significance in Chinese company Huawei. The Huawei Cyber Security Evaluation Centre (HCSEC) was set up by the UK government and the tech company to evaluate equipment meant for UK networks. HCSEC…
