An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Did you install the latest batch of updates from Microsoft’s May 2021 Patch Tuesday? If you haven’t, you should do it as soon as possible, as it contains fixes for four critical security flaws. May 2021 Patch Tuesday Overall, this…
Few days ago, Colonial Pipeline’s networks in the United States were hit by a ransomware attack that created an unprecedented chaos. Following the devastating incident, the U.S. Federal Motor Carrier Safety Administration, shortly known as FMCSA issued a regional emergency…
Have you been trying to uninstall a program called WirelessNetView? The program is advertised as an application to monitor the activity of wireless networks in the user’s vicinity. However, there are reports that indicate the program may display unwanted behavior.…
Another set of patches addressing critical security vulnerabilities was just released by Cisco. Vulnerabilities in Cisco SD-WAN vManage Software Some of the vulnerabilities affect the company’s SD-WAN vManage software. “Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated,…
Security researchers recently observed a new information stealer (infostealer) malware. Called Panda Stealer, the malware is distributed via spam emails mostly in the US, Australia, Japan, and Germany. Trend Micro’s research shows that Panda Stealer is also utilizing fileless techniques…
What Is Hotlocalchat.com Hotlocalchat.com is a suspicious website that will try to make you subscribe to its push notifications. The website may display a video asking you to press “Allow” to watch it. Even if you are interested in the…
This week, Apple addressed a couple of security flaws that have been exploited in the wild. The vulnerabilities, known as CVE-2021-30665 and CVE-2021-30663 affect WebKit in macOS Big Sur. What Is CVE-2021-30665? The vulnerability is a memory corruption issue that…
A sample of Linux malware has been circling the web for at least three years without being detected. The discovery comes from security firm Qihoo 360 NETLAB. “On March 25, 2021, 360 NETLAB’s BotMon system flagged a suspiciousELF file with…
Apparently, hackers are increasingly utilizing Excel 4.0 documents to distribute malware such as ZLoader and Quakbot. The findings come from security firm Reversing Labs. How was the research on malicious Excel 4.0 (XML) macros carried out? The research team collected…
Apple recently fixed a zero-day flaw in macOS that could bypass the operating system’s anti-malware protections. The research also shows that a variant of the well-known Shlayer malware has already been exploiting the flaw for several months. CVE-2021-30657 Zero-Day Technical…
CVE-2020-28588 is an information disclosure vulnerability in the Linux kernel that could allow KASLR bypass, also causing the discovery of more unpatched flaws in ARM devices. CVE-2020-28588 Vulnerability According to Cisco Talos researchers who discovered the issue, the vulnerability exists…
The Nvidia graphics processing unit (GPU) display driver contains a series of vulnerabilities, the most severe of which is CVE-2021-1074. CVE-2021-1074 The vulnerability currently is undergoing analysis. What is known so far is that NVIDIA Windows GPU Display Driver for…
A new piece of Android malware is spreading across devices using SMS messages (shortly known as smishing) about “missed package delivery.” It seems that Android users across the United Kingdom are particularly targeted by these messages, aiming to distribute the…
A team of researchers from the Secure Mobile Networking Lab (SEEMOO) and the Cryptography and Privacy Engineering Group (ENCRYPTO) at TU Darmstadt discovered a severe privacy weakness in Apple’s wireless file-sharing protocol. The vulnerability could expose a user’s contact information,…
There’s a new large-scale data leak of usernames and passwords that goes into the category of record breakers. Dubbed COMB21, the data leak consists of 3.28 billion passwords connected to 2.18 million unique email addresses. Furthermore, the leak also includes…
A new vulnerability exists in the official Homebrew Cask repository, a free, open-source software package manager allowing the installation of apps on macOS and Linux. The security flaw was discovered on 18th of April in Cask’s review-cask-pr GitHub Action used…
One of the latest trends in the cybercrime field is exploiting QR codes, a new Ivanti research reveals. “While this may fly under the radar of many IT operations and security teams, consumer-based QR codes pose many security threats to…
One of Apple’s key suppliers, Quanta Computer Inc, has been fighting a high-profile ransomware attack. The attack took place while Apple was revealing its newest line of iPads and iMacs, Bloomberg recently reported. Sodinokibi/REvil Threat Actors Hit Quanta, a Key…
CVE-2021-22893 is classified as a critical zero-day in Pulse Secure VPN devices, and it has been exploited by nation-state hackers in attacks against US defense, finance, and government targets. Attacks against European targets have also been observed, according to a…
Do you experience intrusive, unwanted pop-up ads in your browser? If so, you may have a potentially unwanted program attached to your browser. ConfigProgress is one of the latest such programs detected in the wild. What Is ConfigProgress? ConfigProgress is…
