An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Twitter just fixed a vulnerability that may have shared direct messages (DMs) and protected tweets of some users with developers who were not authorized to access the information. It appears that the bug is related to Twitter’s Account Activity API…
A Twitter discussion started by Christoph Tavan has revealed that Chrome 69 will keep Google Cookies even when the user specifically asks it to delete all cookies. ““Clear browsing data” -> “Cookies and other site data” doesn’t empty local storage.…
CVE-2018-8373 is a severe remote code execution vulnerability which was fixed in August 2018 Patch Tuesday. The vulnerability was located in Internet Explorer and the way it manages objects in memory. At the time the advisory was published, there were…
Security researcher Patrick Wardle has disclosed a new security vulnerability in the latest version of macOS, Mojave, hours before the version was released. The researcher showed the privacy feature bypass in a video shared on Twitter. The original purpose of…
Remember the Equifax breach? The major security havoc affected one of the largest credit reporting companies operating in the USA. As a result of the malicious intrusion, cybercriminals were able to obtain information on millions of users worldwide. The data…
CVE-2018-1149 is a new stack buffer overflow zero-day vulnerability which endangers IoT video and security camera. Also known as Peekaboo, the zero-day is affecting security cameras and surveillance equipment that use the NUUO software. If exploited, the flaw could allow…
How does a self-spreading malware with cryptomining and ransomware capabilities sound to you? Entirely hypothetical? Not at all. This new malware strain exists and is a real threat not only to Windows servers but also to Linux. It is dubbed…
Quite the peculiar botnet was detected in the wild by Qihoo researchers. The botnet, dubbed Fbot and based on the code of Satori, appears to be “just going after and removing another botnet com.ufo.miner”. Fbot is displaying other forms of…
Apple has released a new set of security fixes that address vulnerabilities in Safari, iOS, watchOS, and tvOS. It should be noted that some of the vulnerabilities were disclosed before the security updates, which opened a loophole for threat actors.…
CCleaner is once again being criticized. The software is forcing an update to the latest version, 5.46, even in cases when users have configured it not to undergo automatic updates. On top of that, once the upgrade is done, the…
A denial-of-service vulnerability typical for older versions of Windows has resurfaced in the operating system. The security flaw has been dubbed FragmentSmack (identical to SegmentSmack in Linux) and has been given the CVE-2018-5391 identifier. As explained in Microsoft’s advisory, “an…
The Bristol Airport in the UK has become a victim of a ransomware attack. As a result, the airport’s in-house TV screens needed to display arrival and departure flight information were affected and literally blacked out. The attack happened several…
A new tech support scam involving Google Chrome has been detected. Apparently, the scam is using a novel technique to hijack the browsing sessions of Chrome users. The scam relies on well-known tricks such as browser locking where the user…
Another day, another vulnerability. Intel has just released firmware updates for a vulnerability (CVE-2018-3655) in the Intel Converged Security and Manageability Engine (CSME). The security flaw enables threat actors to recover, modify, or delete data stored on Intel’s CPU chip-on-chip…
Security researcher and privacy advocate Troy Hunt has reported an intriguing incident involving a free, public, and anonymous hosting service. Apparently, a large database containing email addresses, passwords in clear text and partial credit card details has been uploaded to…
Jaxx cryptocurrency wallet is the latest victim of hackers. A website spoofing the official website of Jaxx was recently taken down after Flashpoint researchers discovered several infections connected to the operation. The fake site had a URL similar to the…
September Patch Tuesday 2018 has been released, fixing a total of 62 security vulnerabilities. The fixes include a recently discovered zero-day bug which was exploited in the wild. This vulnerability has been given the CVE-2018-8440 identifier. More about CVE-2018-8440 The…
Zerodium recently reported the discovery of a new zero-day exploit in Tor browser. The same exploit vendor earlier this year offered $1 million for submitting such an exploit for Tor browser. The new Tor zero-day could reveal the identity of…
If you’re an Apple fan or owner of their devices, perhaps you heard. The very popular anti-malware app for Mac called Adware Doctor was removed from the Mac App Store. The reason? The app was collecting browsing histories, as well…
Security researchers have made an aggravating discovery that concerns an increasing number of iOS apps, which have been used to silently and secretly collect location histories from tens of millions of Apple devices. To do so, the apps used packaged…
