An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
A known vulnerability dubbed ThinkPHP, which was disclosed and fixed in December last year, has been exploited for botnet propagation by a new Mirai variant, Yowai, a variant of Gafgyt known as Hakai. The discovery comes from Trend Micro, and…
A proof-of-concept code for jailbreaking iPhone X has been created by a security researcher. The code reveals how two vulnerabilities can be chained to carry out a jailbreak operation, and the attack is quite simple, requiring an attacker to trick…
A new anti-ransomware solution has been developed by Cohesity, a privately held enterprise storage company headquartered in San Jose, California. The solution offers a set of capabilities meant to prevent, detect and respond to ransomware cyberattacks. According to the company’s…
Microsoft’s search engine, Bing, has been blocked by China. This has been confirmed by Chinese users who complained about not being able to use the search engine. Bing is yet another service that has been blocked by the Chinese government…
URLhaus is a cybersecurity project launched by the well-known abuse.ch non-profit organization in Switzerland. The project is focused on sharing malicious URLs, and it just succeeded in taking down nearly 100,000 websites exploited for malware distribution. The take-down operation requires…
Running outdated software hides huge risks but many users (both home and enterprise) do it anyway. According to a new security report, 55 percent of applications installed on machines worldwide are outdated, meaning they have not been updated to the…
Update August 2019. OSX.Netwire also known as Netwire backdoor or Netwire Trojan is the name of a Trojan horse that is currently targeting Mac users. The threat opens a backdoor on the compromised system which may lead to various malicious…
A design flaw has been discovered in the file transfer interaction between a client host and a MySQL server. The bug allows threat actors operating a malicious MySQL server to obtain any data the connected client has read access to.…
Several vulnerabilities have been discovered in the firmware of a Wi-Fi chipset, meaning that a variety of laptop and smart devices are affected. The exploit can happen without user interaction, claims Embedi researcher Denis Selianin. With this research, I’m going…
Cisco Small Business Switches are vulnerable to a remote attack where commands with admin privileges can be executed. The vulnerability is tracked under CVE-2018-15439, and it could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an…
Remember Magecart? In November last year, security researchers discovered that the the infamous malware, known for harvesting credit card details from checkout forms, [wplinkpreview url=”https://sensorstechforum.com/sites-magecart-malware-reinfected/”]could re-infect even after clean-up. Now, Magecart is active once again in notorious campaigns in which…
2019 already has its first major data leak which consists of approximately 773 million unique email IDs and 21 million unique passwords, as reported by Troy Hunt: Last week, multiple people reached out and directed me to a large collection…
A major security vulnerability that affects nearly half of all airlines worldwide was just discovered by researcher Noam Rotem. The researcher stumbled upon the flaw while booking a flight with Israeli national carrier EL AL Israel Airlines. The vulnerability allows…
Several security vulnerabilities were discovered in five popular web hosting services. The flaws enable threat actors to steal sensitive information or even take over customers’ accounts. The vulnerabilities were unearthed by security researcher Paulos Yibelo, who is a well-known bug…
Ransomware is usually after one thing only, and that’s encrypting the victim’s data and extorting payment for its decryption. However, a new piece of ransomware which is still in a development stage adds something else to its malicious activity –…
The number of individuals affected by data breaches and cyberattacks in 2018 is definitely in the billions, and organizations are not far behind, either. One data breach alone, Marriott’s, affected 500 million individuals! More specifically, Starwood subsidiary’s guest reservation network…
KB4480960 and KB4480970 are two security updates published by Microsoft in January 2019 Patch Tuesday. The updates are for Windows 7 SP1 and Windows Server 2008 R2 SP1, and as evident by multiple complaints by users, they are causing troubles.…
A serious security vulnerability, identified as CVE-2018-15453, in Cisco AsyncOS. More precisely, the vulnerability is located in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security…
A flaw was just discovered in Google’s Knowledge Graph, which makes it possible to manipulate search results. Shortly put, “by adding two parameters to any Google Search URL, you can replace search results with a Knowledge Graph card of your…
Three vulnerabilities in a component of system have been discovered by researchers at Qualys. The vulnerabilities are CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866, and patches addressing them are already available. More specifically, they were were discovered in systemd-journald, which is a part…
