An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
It’s a fact that we’re facing new vulnerabilities daily. Today’s share of flaws comes from Broadcom WiFi chipset drivers. The flaws (CVE-2019-9503, CVE-2019-9500, CVE-2019-9501, CVE-2019-9502) affect multiple operating systems and could allow remote attackers to perform arbitrary code execution resulting…
„А series of rampant malvertising campaigns“ targeting iOS users have been detected. The campaigns targeted both US and European publishers, and respectively users. According to Confiant security researchers the malicious activities come from a known threat actor called eGobbler that…
Yet another sextortion scam is sneaking into users’ inboxes. The scam which is using the “Warning! Account compromised!” subject line is relying on the spoofing technique to make the user believe their system has been hacked. What Is Spoofing? Spoofing…
If you use AdBlock, AdBlock Plus or uBlock, you should be aware that a security researcher discovered a vulnerability in their filter systems. The loophole may allow remote attackers to inject arbitrary code into web pages. The discovery was made…
Scranos is the name of a new rootkit-enabled spyware which despite its current sophistication appears to be “work-in-progress”. Bitdefender researchers recently discovered that the operators of Scranos are continuously testing new components on already-infected users and regularly making minor improvement…
CVE-2019-0859 is a zero-day vulnerability which was part of this month‘s Patch Tuesday. The vulnerability was detected by Kaskersky Lab researchers who just released detailed technical resume of the issue. In March 2019, Kaspersky’s Exploit Prevention (EP) systems detected an…
Microsoft has declined to patch a zero-day vulnerability in Internet Explorer for which a security researcher published details and proof-of-concept. The flaw can allow attackers to steal files from computers running Windows. More specifically, the researcher successfully tested the zero-day…
New alarming statistics reveal that approximately 25 percent of phishing emails taken from a batch of 55 million analyzed emails were marked as clean by Office 365 Exchange Online Protection (EOP). This means that these phishing emails got to recipients’…
A new research reveals vulnerabilities in “a limited number of early implementations of WPA3™-Personal, where those devices allow collection of side channel information on a device running an attacker’s software, do not properly implement certain cryptographic operations, or use unsuitable…
A new highly sophisticated APT framework used for spying purposes was recently uncovered by security researchers. The malicious framework has been in operation for at least 5 years but it’s the first time it’s been detected. The framework has been…
April 2019 Patch Tuesday is here, consisting of fixes for 74 vulnerabilities. Note that two of the flaws (CVE-2019-0803 and CVE-2019-0859, see details below) are actively exploited in attacks in the wild. 13 of the vulnerabilities are rated critical, and…
Verizon Fios Quantum Gateway contains three high-severity vulnerabilities (CVE-2019-3914, CVE-2019-3915, CVE-2019-3916). which could allow command injection. When exploited at once, the flaws could give an attacker complete control over a network. Note that the device is used by millions of…
In December, 2017, malware researchers came across several apps that were published on Google Play and third-party app stores. The apps had surveillance capabilities. Because of the name of the malware’s payload, watchdog, the researchers named the apps AnubisSpy. Anubis…
The previously known Exodus spyware which plagued Google Play Store and respectively Android devices, is now equipped with a version for iOS. According to Lookout researchers, the iOS counterpart is less sophisticated than the Android version, and hasn’t been detected…
Another version of the “ATTENTION! You are screwed now” scam is currently circling the web. The subject line used by the scammer this time is “IMPORTANT! You have been recorded ʍasturbating! I have [email’s name].mp4!”. Related: [wplinkpreview url=”https://sensorstechforum.com/remove-save-yourself-scam/”] “Save Yourself”…
Sextortion (porn blackmail) scams distributed over email are becoming increasingly popular. Individuals from all over the world are receiving threatening email messages from people (scammers) that claim they have video recordings made via the individuals’ device camera. The recording purportedly…
Another day, another extortionist scam. As we’ve already said before, all recent scams delivered via email have one thing in common – they create a sense of fear and urgency in order to persuade the recipient to transfer a large…
Security researchers recently discovered a new tool that is actively scanning for exposed web services and default passwords. The researchers dubbed the malicious tool “Xwo”. The name is taken from its primary module name. Xwo is most likely related to…
There are two new cases of data sets exposing tons of information belonging to Facebook users. More specifically, half a billion records of millions of users of Facebook were openly available to the public internet. The records were found on…
CVE-2019-0211 is a new vulnerability in Apache HTTP Server software. The bug which was discovered by Ambionics security researcher Charles Fol has already been fixed in the latest version of the software, 2.4.39. The update should be applied immediately –…
