An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
CVE-2018-0878 is the identifier of an information disclosure vulnerability that exists in Windows Remote Assistance. The flaw is triggered when WRA incorrectly processes XML External Entities (XXE). An attacker who successfully exploits the flaw could obtain information further abuse the…
Probably the most important factor when it comes to Facebook criticism is the way the social network handles the personal data of its users. Privacy issues related to individual cases have fueled the debate over time. The majority of the…
There were times, not too long ago, when exploit kits were widely deployed by hackers in various types of malicious campaigns. However, with the improvement of browsers and some other security-focused factors, the use of EKs began to decline, and…
Do you remember the Prilex PoS (point-of-sale) malware? Prilex is one of the latest strains of ATM malware pieces that has been used in highly targeted attacks on Brazilian banks. The malware has been developed using the Visual Basic 6.0…
According to a recent research by University of Surrey, cryptocurrencies have become the dominant tool for money laundering. How was the study conducted? Researchers gathered information directly from convicted cybercriminals and law-enforcement agencies. Apparently, crooks are using cryptocurrency to buy…
According to Microsoft’s Security Intelligence Report, Asia was the region with the highest number of ransomware infection in the period between February and December, 2017. The statistics are taken from the report’s special section dedicated to ransomware. Myanmar and Bangladesh…
Android is once again found to be vulnerable to a serious piece of malware, and this time the scale of the infection is larger than one could imagine. Security researchers came across a massive, unceasing campaign that has infected about…
Apparently, MailChimp email service has been frequently abused to deliver spam messages carrying malware infections. Security researchers have been frustrated because this problem has been happening for quite some time. MailChimp Abused in Spam Campaigns Distributing Malware The issue needs…
Are you privacy-savvy and relying on a VPN to keep your online business to yourself? If so, you may want to know that a VPN recommendation site decided to test 3 VPNs to see whether they were flawlessly performing their…
Bitcoin is once again making the headlines, this time thanks to a piece of malware found on Download.com. The malware was stealing malware identified as through swapping user accounts with the accounts of the hackers behind the operation. This operation…
Two critical vulnerabilities (CVE-2018-1050, CVE-2018-1057) have been discovered in Samba, the open-source software that is a re-implementation of the SMB networking protocol. The Samba software can run on popular operating systems such as Windows, Linux, UNIX, IBM System 390, OpenVMS.…
CVE-2018-0886 is the identifier of a critical flaw found in Credential Security Support Provider (CredSSP). The vulnerability affects all versions of Windows and allows malicious hackers remote access to exploit RDP (Remote Desktop Protocol) and WinRM (Windows Remote Management). Related…
Have you been wondering who is behind the enormous amount of spam you receive in your inbox? Security researchers at McAfee have the answer – two botnets are at fault for 97 percent of all spam emails sent out in…
A highly sophisticated threat capable of cyber espionage via targeting routers has been uncovered by researchers at Kaspersky Lab. Dubbed Slingshot, the malware has been used in malicious campaigns on victims in the Middle East and Africa for several years.…
CVE-2018-0141 has been identified as the latest vulnerability in Cisco’s Prime Collaboration Provisioning (PCP) software. Apparently, the software has a hardcoded password that could be leveraged by hackers aiming to obtain full control of the system. On top of this,…
DDoS attacks based on Memcached servers can now be mitigated, researchers say. The mitigation method includes the victim sending a “flush_all” command back to the servers that initiated the attack. This method was suggested few days ago by one of…
Windows Defender successfully halted a large malware campaign that tried to infect more than 400,000 users. The payload of the campaign was a cryptocurrency miner. The attempt took place on March 6, and it continued 12 hours, Microsoft recently revealed.…
Free WiFi is hard to resist: it provides almost limitless convenience and, for a growing class or remote workers, is close to a necessity. This popularity belies the dangers of using such networks. With poor encryption and minimal user regulation…
A flaw in a widely used email program that may be exposing some 400,000 servers globally has been discovered by security researchers. The vulnerability which has been identified as CVE-2018-6789 resides in all releases of the Exim message transfer agent…
Just last week a record-breaking DDoS attack took place – registered at 1.3 Tbps. The target was GitHub, and the attack was based on a flaw in Memcached servers recently made public. It became evident that cybercriminals can exploit Memcached…
