An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
A high severity vulnerability in the TikTok Android app has been fixed. The flaw could enable attackers to take over user accounts by tricking users into clicking a malicious link. Discovered by Microsoft, the vulnerability has already been fixed. Related…
![Werfault.exe - Is It Malware? [Removal Instructions]](https://cdn.sensorstechforum.com/wp-content/uploads/2021/09/spyware-bootkit-trojan-sensorstechforum-300x171.jpg "Werfault.exe – Is It Malware? [Removal Instructions]")
What Is Werfault.exe and Is It Dangerous? Are you experiencing issues related to a Windows process called Werfault.exe? The very first thing to mention is that, by design, Werfault.exe is not a malicious process. In fact, it is a legitimate…
What Is Video Downloader? Video Downloader is a rogue browser extension and an ad-supported program (adware). Despite being advertised as a useful browser utility, Video Downloader’s sole purpose is to display ads and generate pay-per-click revenue. Even though this behavior…
ModernLoader is a new remote access trojan detected by Cisco Talos researchers. ModernLoader Campaigns in the Wild More specifically, the researchers analyzed three separate, but related campaigns in the period March-June 2022 that delivered ModernLoader, RedLine and several cryptocurrency miners.…
Agenda is a new strain of Golang ransomware specifically targeting healthcare and education organizations in Indonesia, Thailand, South Africa, and Saudi Arabia. Discovered by Trend Micro researchers, Agenda ransomware can reboot compromised systems in safe mode and can attempt to…
A Turkish-based cryptocurrency mining malware (crypto miner) campaign has been detected. Called Nitrokod and discovered by the Check Point Research team, the campaign has infected machines across 11 countries with a XMRig crypto miner. Nitrokod Cryptominer Campaign: Some Details The…
A new report by NCC Group sheds light on the threat landscape for the past month (July 2022). Apparently, ransomware attacks are once again on the rise, with LockBit being the most active ransomware in the wild. What else has…
The LockBit ransomware group is now working towards improving its protection against DDoS attacks as well as adding triple extortion to its malicious operations. These actions are triggered by a recent clash between LockBit criminals and security firm Entrust. LockBit…
Another critical Atlassian vulnerability has been reported in numerous API endpoints of Bitbucket Server and Data Center. The vulnerability in question is CVE-2022-36804, a command injection issue in version 7.0.0 of Bitbucket Server and Data Center. CVE-2022-36804: Atlassian Bitbucket Server…
MagicWeb is the name of a new post-exploitation (post-compromise) tool discovered and detailed by Microsoft security researchers. The tool is attributed to the Nobelium APT (advanced persistent threat) group which uses it to maintain persistent access to compromised systems. This…
What Is VantageAdvisor? VantageAdvisor is a potentially unwanted application (PUA) with trojan-like capabilities that belongs to the AdLoad family. Multiple AdLoad variants have been plaguing Mac users for at least two years. Symptoms of having an AdLoad variant such as…
GitLab revealed a critical vulnerability for branches 15.1, 15.2, and 15.3 of its community and enterprise editions. The vulnerability, identified as CVE-2022-2884 and rated 9.9 on the CVSS scale, could enable a threat actor to carry out remote command execution…
![Remove RecordBreaker Malware [Cryptocurrency Wallet Infostealer]](https://cdn.sensorstechforum.com/wp-content/uploads/2022/03/cryptocurrency-sensorstechforum-300x171.jpg "Remove RecordBreaker Malware [Cryptocurrency Wallet Infostealer]")
What Is RecordBreaker? RecordBreaker is a type of malware categorized as an information stealer (infostealer) and a trojan specifically targeting cryptocurrency wallets. According to Malpedia, the malware is a successor to the well-known Racoon Stealer. In terms of distribution, RecordBreaker…
What Is OpenSubtitles Uploader Adware? OpenSubtitles Uploader is an adware application that can be downloaded from freeware websites. Even though the application is not malicious in nature, the fact that it is ad-supported means that you will be exposed to…
![DONKEYHOT Ransomware [.donkeyhot files] - Removal and Decryption](https://cdn.sensorstechforum.com/wp-content/uploads/2022/08/ransomware-attack-sensorstechforum-com-300x171.jpeg "DONKEYHOT Ransomware [.donkeyhot files] – Removal and Decryption")
What Is DONKEYHOT? DONKEYHOT is a ransomware threat that extorts victims for the decryption of their encrypted files. The ransomware uses the .donkeyhot extension. So, if your files are locked with the .donkeyhot extension appended to their filenames, you have…
![EllipseChoice Mac Adware Removal Guide [Free Instructions]-sensorstechforum](https://cdn.sensorstechforum.com/wp-content/uploads/2022/08/EllipseChoice-Mac-Adware-Removal-Guide-Free-Instructions-sensorstechforum-300x171.png "EllipseChoice Mac Adware Removal Guide [Free Instructions]")
What Is EllipseChoice? EllipseChoice is an ad-supported, suspicious application that tampers with system and browser settings in order to display ads. The program belongs to a widespread family of adware applications, known as AdLoad or Trojan.AdLoad. In other words, EllipseChoice…
![DimMode Browser Extension Removal [Free Instructions]](https://cdn.sensorstechforum.com/wp-content/uploads/2022/03/mac-adware-sensorstechforum-1-300x171.webp "DimMode Browser Extension Removal [Free Instructions]")
What Is DimMode? Are you trying to remove an unwanted browser extension dubbed DimMode? At first glance, DimMode may have appeared to be a useful browser utility but once you installed it, it turned out that its only purpose was…
What Is CoordinatorOptimization? CoordinatorOptimization belongs to a family of ad-supported programs, known as AdLoad and Trojan.Adload. CoordinatorOptimization could open a backdoor on macOS and download and install adware and potentially unwanted programs. Furthermore, the threat could also perform information gathering,…
What Is UniversalSearchConsole? UniversalSearchConsole is yet another iteration of the AdLoad family of Mac adware programs. These programs are designed to compromise macOS computers via ads and redirects to suspicious pages. T he main distribution technique UniversalSearchConsole and other programs…
CVE-2022-2588, also known as Dirty Cred, is an eight-year old vulnerability in the Linux kernel that has been described as “as nasty as Dirty Pipe”. The Connection Between CVE-2022-2588 and CVE-2022-0847 Dirty Pipe, or CVE-2022-0847, was disclosed earlier this year…
