An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
One of biggest scandals of 2017, the one involving WikiLeaks and the CIA, is escalating by the minute. It is now known that one of the teams of the agency specializes in reusing bits of code and techniques taken from……
Another day, another breach. Brian Krebs just reported that Verifone, the largest manufacturer of credit card terminals in the US, is currently investigating a breach of its internal networks. These computer networks appear to have been limited to Verifone’s corporate…
Ransomware has been the primary online threat for the past couple of years, and it is expected to be just that in 2017. Let’s take a survey from June 2016 by Osterman Research, which revealed that almost one out of…
The last time we wrote about wiper malware was in December when Shamoon returned to the malware scene. Shamoon, a.k.a. Disstrack was initially detected about four years ago in attacks against Saudi Oil Company Aramco. Its intention was to wipe…
If you haven’t been infected by ransomware, ever, you are either very good at taking care of your data, or you have been incredibly lucky. Ransomware has been continuously evolving, and has become incredibly widespread thanks to the ransomware-as-a-service (RaaS)…
CVE-2017-0016, CVE-2017-0037, CVE-2017-0038 are three recently uncovered Microsoft vulnerabilities that bring to light once again the employment of Intrusion prevention system protection (IPS), as pointed out by TrendMicro researchers. IPS, also known as Virtual Patching, helps protect against vulnerabilities even…
Dridex, one of the worst banking Trojans to ever enter the financial malware scene, is back once again, and is in a better shape than before. New capabilities have been added to Dridex v4 which make it even more impossible…
Palo Alto researchers just discovered 123 Android apps located on Google Play that tried to infect users with… Windows malware. The apps were infected with “tiny hidden Iframes that link to malicious domains in their local HTML pages”. The most…
If you are a core Windows user, perhaps you’ve already heard about the new feature Microsoft just implemented in Windows 10. The novel feature blocks the installation of Win32 apps and restricts the OS to run just Windows Store apps.…
Sucuri researchers just came across a serious vulnerability that affects WordPress website databases. More particularly, a WordPress gallery plugin with more than 1 million active installations has been found to have a severe SQL injection flaw. The researchers say that:…
Are you a Windows user? If so, have you switched to Windows 10, or are you still running an older version of Microsoft’s operating system? According to new market share statistics by NetMarketShare, Windows 7 started growing again in February…
Another day, another vulnerability. Did you hear about the recently revealed remote code execution bug in all (except the latest) ESET Endpoint Antivirus 6 for macOS? The vulnerability in question has been identified as CVE-2016-9892. The vulnerability was discovered and…
Problems were reported with Google Chrome’s latest update. More particularly, Chromebook users were unable to reach the Internet. Chromebooks are primarily used in schools where the connection is protected by proxies like Symantec’s BlueCoat. In fact, the issue with the…
How about that? 2 million voice recordings of children and parents, together with e-mail addresses and passwords belonging to 800,000 accounts have been exposed. The reason? Insecure Internet-connected stuffed animal toys! Voice Recordings and Sensitive Data from Connected CloudPets Toys…
Google’s Project Zero reported to Microsoft a security bug in Edge and Internet Explorer 11 on November 25th, 2016, which still hasn’t been patched. The vulnerability, identified as CVE-2017-0037, would allow remote code execution where attackers could crash browsers and…
E2EMail, an experimental end-to-end encryption system developed by Google, was just made available for open-source usage. “E2EMail is not a Google product, it’s now a fully community-driven open source project, to which passionate security engineers from across the industry have…
In January 2017 the Federal Trade Commission started suing the Taiwanese router production company D-Link because of vulnerabilities in their Wi-Fi routing devices and web cameras. Those vulnerabilities could allow attackers to exploit the devices. Almost two months later, security…
After it was rebranded in 2016, Adwind, the famous remote access tool has been put to use once again. Attacks on more than 1,500 organizations have been reported, and at least 100 countries have been compromised, Kaspersky Lab report reveals.…
The last time we wrote about the Necurs botnet was in January, when it was used in Locky ransomware distribution operations. Necurs has been primarily used to spread spam emails in order to infect user systems. The botnet usually infected…
F-Secure, the Finnish web security company, recently released a 34-page transcript from a group chat that belonged to the creators of Spora ransomware family. Spora is a ransomware virus, primarily targeting Russian speakers as evident by its payment page and…
