An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Another set of critical vulnerabilities in Cisco products was just addressed; more specifically, in Cisco’s data center manager (DCNM) and SD-WAN. The data center vulnerability (CVE-2020-3382) has scored 9.8 out of 10, making it a highly critical security issue. The…
BootHole is a new vulnerability in the GRUB2 bootloader used by most Linux distributions. The vulnerability, CVE-2020-10713, can be exploited for arbitrary code execution during the boot process, even with Secure Boot enabled. If exploited successfully, the vulnerability could give…
Security researchers recently discovered an unsecured database that belongs to Avon. The server didn’t have any basic security measures in place, and could be easily accessed. Thanks to this security weakness, researchers at SafetyDetectives unveiled 19 million records of individuals…
A new study by Princeton University highlights the interrelation of using smartphones, associate behavioral data, and personality traits. Titled “Predicting personality from patterns of behavior collected with smartphones“, the study delves into the extent to which individuals’ personality dimensions (assessed…
A new issue affecting Windows 10 versions 1903, 1909, and 2004 has been discovered. The issue is preventing Windows Sandbox and Windows Defender Application Guard from opening, which leads to either of the following error messages: ‘ERROR_VSMB_SAVED_STATE_FILE_NOT_FOUND (0xC0370400)’ or ‘E_PATHNOTFOUND…
A new breakthrough discovery regarding artficial intelligence (AI) was recently introduced in a research paper. Researchers from George Washington University in the United States discovered that using light rather than electricity for computing can create more powerful AI. Using Light…
Security researchers at Kaspersky Labs recently detected a new malware framework that they called MATA. The researchers believe the MATA framework is linked to the Lazarus APT group. The MATA framework contains several components, including loader, orchestrator, and plugins, and…
Account takeover (ATO) continues to be a “ubiquitous problem”, at the heart of which are compromised user credentials. According to a detailed paper by Digital Shadows Photon Research, currently approximately 15 billion credentials are circulating on hacker forums, enabling account…
The Magecart group is not the only hacking collective targeting online e-commerce stores en masse. Known as Keeper, this cybercrime group has successfully broken into online store backends to change their source code and insert malicious scripts. These scripts stole…
Are you actively using dating apps? Then you may want to know that cybersecurity researchers just discovered 5 separate leaks of personal information of users of dating apps in the US, Japan, and South Korea. According to WizCase researchers, the…
Privacy on social media should be a top concern for online users. However, most people remain unaware of the misdeeds of social networks and app developers who often abuse their personal information. The CanaryTrap Method Helps Identify Data Misuse Fortunately,…
A new information disclosure vulnerability, CVE-2020-12418, was just discovered in Mozilla Firefox. Discovered by Cisco Talos, the vulnerability can be exploited by tricking the user into visiting a specially crafted web page via the browser. In case of a successful…
Two out-of-band security updates were just released by Microsoft, addressing remote code execution (RCE) security flaws in Microsoft Windows Codecs Library. Several Windows 10 and Windows Server versions are affected by the vulnerabilities, which are known as CVE-2020-1425 and CVE-2020-1457.…
How safe do you think your Facebook password is? If you have used one of the 25 Android apps Google just removed from Google Play Store, your Facebook credentials were stolen. The findings come from French cybersecurity firm Evina which…
LenovoEMC NAS devices are the latest targets of a cybercrime group known as Cl0ud SecuritY. LenovoEMC NAS, or network-attached storage devices are currently being targeted by ransomware threat actors who wipe their files and demand a ransom of about $200…
A new report by WatchGuard sheds light on the state of malware so far into 2020. One of the most crucial findings of the report is that 67% of the malware in Q1 of 2020 was distributed via encrypted HTTPS…
Exploit kits have been deployed in plenty of ransomware campaigns in the past few years. Some exploit kits have a short life-span, and others, like Magnitude EK, continue to evolve and be improved. In fact, Magnitude EK is one of…
A new privacy service developed by Privacy Bee, an Atlanta-based platform focuses on removing users’ data from thousands of databases. The idea of the service is to scrub personal data from databases of companies so that the data can’t be…
A remote code execution vulnerability in Bitdefender, known as CVE-2020-8102 was discovered recently. More specifically, the vulnerability resided in the Safepay browser component in the security solution. CVE-2020-8102: Technical Overview Here’s the official description of CVE-2020-8102: Improper Input Validation vulnerability…
79 Netgear router models were just found containing a severe security vulnerability that could lead to remote control. More specifically, the vulnerability affects 758 firmware versions used in 79 Netgear router models. Netgear Routers Affected by Security Vulnerability The flaw…
