An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
A number of Linux and FreeBSD servers and systems are vulnerable to a denial of service vulnerability dubbed SACK Panic, as well as other forms of attacks. Four security vulnerabilities affecting a range of Linux and FreeBSD servers were unearthed…
The dangerous Houdini worm has been transformed into a new variant dubbed WSH Remote Access Tool (RAT). More specifically, the new malware is an iteration of the VBS-based Houdini also known as H-Worm, which first appeared back in 2013. The…
Security researchers discovered yet another Android Trojan that uses push notifications to trick users into subscribing to dubious sites. The Trojan is known under the Android.FakeApp.174 detection name. Android.FakeApp.174 In Detail Android.FakeApp.174 uses Google Chrome to load questionable websites that…
Tavis Ormandy, security researcher at Google’s Project Zero, has “noticed a bug in SymCrypt, the core library that handles all crypto on Windows.” The bug is a zero-day of the DoS (denial-of-service) type. The bug means that “basically anything that…
It is a known fact that vulnerabilities in medical devices can endanger the physical security of patients. Security researchers have discovered two new such vulnerabilities, one of which is critical and could allow full control of the medical device. The…
A new side-channel exploit against dynamic random-access memory (DRAM) has been discovered. The attack, which is dubbed RAMBleed allows malicious programs to read sensitive memory data from other processes running on the same hardware. RAMBleed has been identified as CVE-2019-0174.…
What is .gerosan ransomware virus? Can .gerosan encrypted files be restored? The so-called .gerosan ransomware virus is another iteration of the infamous STOP ransomware family. This quickly growing ransomware family has affected a great number of victims. However, the good…
A total of 88 vulnerabilities were fixed in Microsoft’s June Patch Tuesday. 22 of the flaws are rated critical, and four of the fixes addressed previously announced elevation of privileges zero-days. None of the flaws in this month’s share of…
A database containing 8.4 TB of email metadata was left exposed to the internet. The database belonged to a major Chinese research university. The good news is that it is now secured. While searching Shodan, security researcher Justin Paine, who…
Malboard is a new sophisticated attack developed by security researchers at Israeli Ben-Gurion University of the Negev (BGU). The attack involves a compromised USB keyboard to generate and send malicious keystrokes that mimic user behavior. What makes this attack sophisticated…
What is wtfsupport@airmail.cc ransomware? We received several reports regarding a new ransomware virus currently infecting users worldwide. The ransomware is most likely spread in malicious spam campaigns. We named it wtfsupport@airmail.cc ransomware virus (or wtfsupport@airmail.cc files virus) after one of…
Emails delivering malware is not news but this campaign deserves attention because it uses a previously patched exploit and requires zero interaction. An active malware campaign which is using emails in European languages distributes RTF files that carry the CVE-2017-11882…
Security researcher SandboxEscaper has released the details of CVE-2019-0841, another zero-day affecting Windows 10 and Windows Server 2019. The details have been published on GitHUb and are now available in the same account with the previously disclosed eight zero-days. The…
CVE-2019-10149 is a critical security vulnerability in the Exim mail transfer agent (MTA) software. The flaw is located in Exim versions 4.87 to 4.91 included, and is described as improper validation of recipient address in deliver_message() function in /src/deliver.c which…
GoldBrute is the name of a new botnet which is currently scanning the internet and attempting to locate poorly protected Windows machines with RDP (Remote Desktop Protocol) connection enabled. The botnet was discovered by security researcher Renato Marinho of Morphus…
A new report by Bromium titled Behind the Dark Net Black Mirror offers a detailed analysis of the dark net markets. The report has been carried out by Dr. Michael McGuire who will present his findings in full during the…
Check Point security researchers revealed multiple critical vulnerabilities in a popular IPTV platform called Ministra. The vulnerabilities could allow attackers to bypass authentication and obtain users’ information. The impact of the vulnerabilities could be quite devastating. The research shows that…
The well-known RIG exploit kit is currently distributing the Buran ransomware, which is a version of Vega (VegaLocker) ransomware. A security researcher known as nao_sec was the first to notice a malvertising campaign redirecting users to the RIG EK which…
A new extensive research paper titled “Improving Vulnerability Remediation Through Better Exploit Prediction” reveals the number of discovered vulnerabilities in the past ten years (between 2019 and 2018), and also shares the percentage of actively exploited flaws. Surprisingly, only 4,183…
According to multiple user reports, Windows 10 users in Germany are currently experiencing malvertising campaigns when using their default browsers. The malicious ads are being displayed on the Microsoft Advertising network in ad-supported applications. What Is Microsoft Advertising? As explained…
