A known vulnerability dubbed ThinkPHP, which was disclosed and fixed in December last year, has been exploited for botnet propagation by a new Mirai variant, Yowai, a variant of Gafgyt known as Hakai. The discovery comes from Trend Micro, and…
A proof-of-concept code for jailbreaking iPhone X has been created by a security researcher. The code reveals how two vulnerabilities can be chained to carry out a jailbreak operation, and the attack is quite simple, requiring an attacker to trick…
A new anti-ransomware solution has been developed by Cohesity, a privately held enterprise storage company headquartered in San Jose, California. The solution offers a set of capabilities meant to prevent, detect and respond to ransomware cyberattacks. According to the company’s…
Microsoft’s search engine, Bing, has been blocked by China. This has been confirmed by Chinese users who complained about not being able to use the search engine. Bing is yet another service that has been blocked by the Chinese government…
URLhaus is a cybersecurity project launched by the well-known abuse.ch non-profit organization in Switzerland. The project is focused on sharing malicious URLs, and it just succeeded in taking down nearly 100,000 websites exploited for malware distribution. The take-down operation requires…
Running outdated software hides huge risks but many users (both home and enterprise) do it anyway. According to a new security report, 55 percent of applications installed on machines worldwide are outdated, meaning they have not been updated to the…
A dangerous flaw has been discovered in the APT package manager for Linux distributions which allows hackers to remotely hack target machines. The issue is being tracked in the CVE-2019-3462 advisory which gives further information about the vulnerability. The affected…
A design flaw has been discovered in the file transfer interaction between a client host and a MySQL server. The bug allows threat actors operating a malicious MySQL server to obtain any data the connected client has read access to.…
Several vulnerabilities have been discovered in the firmware of a Wi-Fi chipset, meaning that a variety of laptop and smart devices are affected. The exploit can happen without user interaction, claims Embedi researcher Denis Selianin. With this research, I’m going…
Cisco Small Business Switches are vulnerable to a remote attack where commands with admin privileges can be executed. The vulnerability is tracked under CVE-2018-15439, and it could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an…
It is very critical for businesses to protect confidential data that they collect and retain such as customer information, legal contracts, bank details, and other important documents. If not handled properly, data can be compromised which can cause irreversible damages…
There are many specialist Linux distributions that are designed with security in mind. Even though there are universal distributions that cater for practically all usage many administrators, concerned citizens and penetration testers usually choose specific ones. This article will reveal…
Remember Magecart? In November last year, security researchers discovered that the the infamous malware, known for harvesting credit card details from checkout forms, [wplinkpreview url=”https://sensorstechforum.com/sites-magecart-malware-reinfected/”]could re-infect even after clean-up. Now, Magecart is active once again in notorious campaigns in which…
2019 already has its first major data leak which consists of approximately 773 million unique email IDs and 21 million unique passwords, as reported by Troy Hunt: Last week, multiple people reached out and directed me to a large collection…
A major security vulnerability that affects nearly half of all airlines worldwide was just discovered by researcher Noam Rotem. The researcher stumbled upon the flaw while booking a flight with Israeli national carrier EL AL Israel Airlines. The vulnerability allows…
Several security vulnerabilities were discovered in five popular web hosting services. The flaws enable threat actors to steal sensitive information or even take over customers’ accounts. The vulnerabilities were unearthed by security researcher Paulos Yibelo, who is a well-known bug…
Microsoft has announced their plans on extending 5 year support of the operating system Windows 7. They have also stated that this extended support ends on the 14th of January, 2020. But after Windows 7 runs out of support, Microsoft…
Ransomware is usually after one thing only, and that’s encrypting the victim’s data and extorting payment for its decryption. However, a new piece of ransomware which is still in a development stage adds something else to its malicious activity –…
After a whirlwind year in cyberattacks, everyone is asking the same question: how much worse can it get, and what are we going to do about it? Cybersecurity is – to say the least – a hot-button subject. From accusations…
A new type of ransomware virus has been detected by victims and researchers in China to be spread in a global outbreak, calling itself hAnt threatens to burn down your AntMiner if you don’t pay 10 BTC. The ransomware is…
