An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
New Dharma Ransomware – .Tomle Virus File The Dharma ransomware-as-a-service operators have released a new version of the cryptovirus. Known as TomLe, the ransomware adds an identical extension to encrypted files (.TomLe). Note that this cryptovirus is currently being distributed…
Remember CVE-2021-3156, also known as Baron Samedit? It is a recently disclosed vulnerability affecting nearly the entire Linux ecosystem. CVE-2021-3156 Also Affects macOS According to the latest research, Linux is not the only environment that the vulnerability affects. Researcher Matthew…
According to Google security researcher Maddie Stone, software developers should stop delivering faulty zero-day patches. In a presentation during the USENIX’s Enigma 2021 virtual conference, the researcher shared an overview of the zero-day exploits detected last year. Zero-Day Flaws Not…
Ransomware operators are known to exploit various vulnerabilities, especially in campaigns against enterprises and organizations. Such is the case with two vulnerabilities in the VMWare ESXi product, included in the attacks of at least one prominent ransomware gang. These attacks…
URSA Ransomware The so-called URSA ransomware is one of the latest cryptoviruses discovered in the wild. This means that the ransomware is currently circling the web, targeting vulnerable Windows systems. Once the URSA cryptovirus has sneaked into a system, it…
Security researchers just released an alert about a new SonicWall zero-day vulnerability. NCC Group said that it detected active exploit attempts against the flaw and notified SonicWall. SonicWall Zero-Day Exploited in the Wild The firm has analyzed reports from their…
CVE-2021-3156 is a recently disclosed vulnerability that affects almost the entire Linux ecosystem. Security researchers from Qualys named the major flaw “Baron Samedit,” as it affects “sudoedit -s”. According to the official description, the vulnerability is a heap-based buffer overflow,…
Apple recently addressed three zero-day vulnerabilities in iOS, iPadOS. CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 could allow threat actors to perform privilege escalation and remote code execution attacks. The company says the vulnerabilities were likely exploited in the wild, without specifying the…
Security researchers discovered a new threat endangering Linux servers. Called DreamBus, the botnet is a new variant of a previously known malware known as SystemdMiner. It is noteworthy that DreamBus is more evolved when compared to SystemdMiner. Zscaler researchers warn…
Security researcher Pierre Kim reported at least 28 security vulnerabilities and backdoors in the firmware of the FiberHome Technologies’ FTTH ONT router. According to Shodan data, the router is commonly used in South America and Southeast Asia. “FiberHome Technologies is…
Cisco’s Small Business RV110W, RV130, RV130W, and RV215W routers contain 68 vulnerabilities. However, the company doesn’t plan on fixing them. Instead, “customers are advised to refer to the end-of-life notices for these products,” the advisory explained. What is causing the…
Security researchers recently uncovered a Russian scam operation that made more than $6.5 million from victims across the United States, Europe, and former Soviet countries. The so-called Classiscam scheme was discovered by Group-IB researchers who came across an automated scam-as-a-service…
Cybersecurity experts have been looking into ways to improve anti-ransomware protection. The latest enhancement in the field is already a fact. 11th Generation of Intel Core vPro Business-Class Processors Intel and Cybereason have combined their efforts to add anti-ransomware defenses…
For Microsoft and Windows users, 2021 starts off with a heavy Patch Tuesday, addressing a total of 83 security vulnerabilities. Microsoft fixed bugs in the Windows operating system and some issues in cloud-based products, enterprise servers, and developer tools. However,…
David Schütz, a security researcher, just published a report detailing a YouTube security vulnerability that could make private videos visible at reduced resolution. To exploit the flaw, an attacker would need to know (or guess) the video identifier. Of course,…
Sixteen vulnerabilities were discovered in the Nvidia GPU display driver and vGPU software, some of which severe. The vulnerabilities could lead to denial of service, escalation of privileges, data tampering, and information disclosure attacks. The Nvidia GPU display driver supports…
Users should patch several new browser vulnerabilities affecting Chrome, Firefox, and Edge. The vulnerabilities are rated critical and could allow attackers to hijack susceptible systems. It should be noted that the Firefox flaw identified as CVE-2020-16044 is separate from the…
The new year has started with a new strain of enterprise ransomware, and now a cryptocurrency malware. Discovered in December, ElectroRAT is a “wide-ranging operation targeting cryptocurrency users” on all major operating systems (Windows, macOS, and Linux). The malicious operation…
Are you using WhatsApp? Perhaps you are aware that Facebook owns the messaging application. Maybe this fact didn’t matter that much to the app’s dedicated users, but new Privacy Policy conditions are likely to change this attitude. WhatsApp is updating…
2021 starts with new ransomware. Called Babuk Locker, the ransomware was discovered by researcher Chuong Dong. The ransomware has attacked a small number of enterprise victims. Ransom demanded by Babuk Locker criminals varies between $60,000 and $85,000 in Bitcoin. “Since…
