Scranos is the name of a new rootkit-enabled spyware which despite its current sophistication appears to be “work-in-progress”. Bitdefender researchers recently discovered that the operators of Scranos are continuously testing new components on already-infected users and regularly making minor improvement…
CVE-2019-0859 is a zero-day vulnerability which was part of this month‘s Patch Tuesday. The vulnerability was detected by Kaskersky Lab researchers who just released detailed technical resume of the issue. In March 2019, Kaspersky’s Exploit Prevention (EP) systems detected an…
Australian police forces have informed the public that cyber-crooks focus on newer targets to drain funds – online payment systems. We are talking about pension funds, salaries as well as invoice payments. The amount of money in such attacks has…
Special team has been recently assigned in reviewing audio in Alexa with the main goal to help improve the way the device responds to commands. Amazon’s Alexa has been purchased countless times and has been used by a lot of…
Microsoft has declined to patch a zero-day vulnerability in Internet Explorer for which a security researcher published details and proof-of-concept. The flaw can allow attackers to steal files from computers running Windows. More specifically, the researcher successfully tested the zero-day…
New alarming statistics reveal that approximately 25 percent of phishing emails taken from a batch of 55 million analyzed emails were marked as clean by Office 365 Exchange Online Protection (EOP). This means that these phishing emails got to recipients’…
A new research reveals vulnerabilities in “a limited number of early implementations of WPA3™-Personal, where those devices allow collection of side channel information on a device running an attacker’s software, do not properly implement certain cryptographic operations, or use unsuitable…
A new highly sophisticated APT framework used for spying purposes was recently uncovered by security researchers. The malicious framework has been in operation for at least 5 years but it’s the first time it’s been detected. The framework has been…
April 2019 Patch Tuesday is here, consisting of fixes for 74 vulnerabilities. Note that two of the flaws (CVE-2019-0803 and CVE-2019-0859, see details below) are actively exploited in attacks in the wild. 13 of the vulnerabilities are rated critical, and…
Verizon Fios Quantum Gateway contains three high-severity vulnerabilities (CVE-2019-3914, CVE-2019-3915, CVE-2019-3916). which could allow command injection. When exploited at once, the flaws could give an attacker complete control over a network. Note that the device is used by millions of…
In December, 2017, malware researchers came across several apps that were published on Google Play and third-party app stores. The apps had surveillance capabilities. Because of the name of the malware’s payload, watchdog, the researchers named the apps AnubisSpy. Anubis…
The previously known Exodus spyware which plagued Google Play Store and respectively Android devices, is now equipped with a version for iOS. According to Lookout researchers, the iOS counterpart is less sophisticated than the Android version, and hasn’t been detected…
Another version of the “ATTENTION! You are screwed now” scam is currently circling the web. The subject line used by the scammer this time is “IMPORTANT! You have been recorded ʍasturbating! I have [email’s name].mp4!”. Related: [wplinkpreview url=”https://sensorstechforum.com/remove-save-yourself-scam/”] “Save Yourself”…
Sextortion (porn blackmail) scams distributed over email are becoming increasingly popular. Individuals from all over the world are receiving threatening email messages from people (scammers) that claim they have video recordings made via the individuals’ device camera. The recording purportedly…
Another day, another extortionist scam. As we’ve already said before, all recent scams delivered via email have one thing in common – they create a sense of fear and urgency in order to persuade the recipient to transfer a large…
Security researchers recently discovered a new tool that is actively scanning for exposed web services and default passwords. The researchers dubbed the malicious tool “Xwo”. The name is taken from its primary module name. Xwo is most likely related to…
There are two new cases of data sets exposing tons of information belonging to Facebook users. More specifically, half a billion records of millions of users of Facebook were openly available to the public internet. The records were found on…
Passwords are a pain in the ass. You and I can agree on that. The number of memes out there about passwords proves the point. Sites ask for your password to contain a capital letter, lowercase letter, numbers, a special…
CVE-2019-0211 is a new vulnerability in Apache HTTP Server software. The bug which was discovered by Ambionics security researcher Charles Fol has already been fixed in the latest version of the software, 2.4.39. The update should be applied immediately –…
Routers are an important part of the communication network. This networking device forwards the data between different computer networks. Usually, cat6 outdoor cables are used for router connections. As it connects different networks, hence router security is very important. Related:…
