An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
CVE-2019-0859 is a zero-day vulnerability which was part of this month‘s Patch Tuesday. The vulnerability was detected by Kaskersky Lab researchers who just released detailed technical resume of the issue. In March 2019, Kaspersky’s Exploit Prevention (EP) systems detected an…
Microsoft has declined to patch a zero-day vulnerability in Internet Explorer for which a security researcher published details and proof-of-concept. The flaw can allow attackers to steal files from computers running Windows. More specifically, the researcher successfully tested the zero-day…
New alarming statistics reveal that approximately 25 percent of phishing emails taken from a batch of 55 million analyzed emails were marked as clean by Office 365 Exchange Online Protection (EOP). This means that these phishing emails got to recipients’…
A new research reveals vulnerabilities in “a limited number of early implementations of WPA3™-Personal, where those devices allow collection of side channel information on a device running an attacker’s software, do not properly implement certain cryptographic operations, or use unsuitable…
A new highly sophisticated APT framework used for spying purposes was recently uncovered by security researchers. The malicious framework has been in operation for at least 5 years but it’s the first time it’s been detected. The framework has been…
April 2019 Patch Tuesday is here, consisting of fixes for 74 vulnerabilities. Note that two of the flaws (CVE-2019-0803 and CVE-2019-0859, see details below) are actively exploited in attacks in the wild. 13 of the vulnerabilities are rated critical, and…
Verizon Fios Quantum Gateway contains three high-severity vulnerabilities (CVE-2019-3914, CVE-2019-3915, CVE-2019-3916). which could allow command injection. When exploited at once, the flaws could give an attacker complete control over a network. Note that the device is used by millions of…
In December, 2017, malware researchers came across several apps that were published on Google Play and third-party app stores. The apps had surveillance capabilities. Because of the name of the malware’s payload, watchdog, the researchers named the apps AnubisSpy. Anubis…
The previously known Exodus spyware which plagued Google Play Store and respectively Android devices, is now equipped with a version for iOS. According to Lookout researchers, the iOS counterpart is less sophisticated than the Android version, and hasn’t been detected…
Another version of the “ATTENTION! You are screwed now” scam is currently circling the web. The subject line used by the scammer this time is “IMPORTANT! You have been recorded ʍasturbating! I have [email’s name].mp4!”. Related: [wplinkpreview url=”https://sensorstechforum.com/remove-save-yourself-scam/”] “Save Yourself”…
Sextortion (porn blackmail) scams distributed over email are becoming increasingly popular. Individuals from all over the world are receiving threatening email messages from people (scammers) that claim they have video recordings made via the individuals’ device camera. The recording purportedly…
Another day, another extortionist scam. As we’ve already said before, all recent scams delivered via email have one thing in common – they create a sense of fear and urgency in order to persuade the recipient to transfer a large…
Security researchers recently discovered a new tool that is actively scanning for exposed web services and default passwords. The researchers dubbed the malicious tool “Xwo”. The name is taken from its primary module name. Xwo is most likely related to…
There are two new cases of data sets exposing tons of information belonging to Facebook users. More specifically, half a billion records of millions of users of Facebook were openly available to the public internet. The records were found on…
CVE-2019-0211 is a new vulnerability in Apache HTTP Server software. The bug which was discovered by Ambionics security researcher Charles Fol has already been fixed in the latest version of the software, 2.4.39. The update should be applied immediately –…
Have you been seeing pop-ups stating the following “Virus Alert: Backdoor Virus Detected on your Computer”? Such pop-ups are usually persistent and may even lock your browser in their attempt to trick you into calling a phone number for technical…
Two unpatched zero-day vulnerabilities lurk in Microsoft Edge and Internet Explorer, and there’s even proof-of-concept code available. The flaws were discovered by 20-year-old security researcher James Lee, and they could allow a malicious website to perform universal cross-site scripting attacks…
Game of Thrones, in addition to being the most popular TV show in terms of fandom, is also the most popular TV show when it comes to malware. Of course, Game of Thrones is not the only series associated with…
Google security researcher Matthew Garrett discovered a zero-day vulnerability in TP-Link SR20 Smart Home routers. After the company failed to respond to the private disclosure, the researcher decided to make the flaw public. TP-Link SR20 Vulnerability Technical Overview The vulnerability…
A few years back, in 2016, we decided to analyze the most dangerous online places, which were represented not only by suspicious locations but also by legitimate websites and services. In truth, things haven’t changed for the better since 2016,…
