An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Four security vulnerabilities, recently addressed in Microsoft Windows Patch Tuesday for September, could allow attackers to target Azure cloud customers. The flaws could enable escalation of privilege and remote takeover attacks on exposed systems. Related: Linux Threat Landscape 2021: Most…
A high-severity flaw in the HP OMEN driver was discovered recently. The flaw, which has been assigned the identifier, affects millions of gaming computers. Related: The Netfilter Rootkit: How Microsoft Signed a Malicious Driver CVE-2021-3437 in HP OMEN Driver The…
Is your Chrome browser up-to-date? Google just released fixes for 11 security vulnerabilities, two of which are actively exploited in the wild. All 11 vulnerabilities are highly dangerous. To prevent your browser from being exploited by hackers, you should apply…
There’s a new zero-day, zero-click vulnerability in all types of Apple devices, including Macs, iPhones, iPads, and WatchOS. The flaw has been called FORCEDENTRY. Related: The State of Apple’s Privacy So Far in 2021 How was the Apple FORCEDENTRY (CVE-2021-30860)…
Puma, the sportswear manufacturer, has been compromised in a cyberattack. Reports by The Record (by Recorded Future) reveal that some of Puma’s source code has been stolen by hackers, in an attempt to try and extort the company into paying…
At the end of June, 2021, security researchers from Russian firm Qrator started observing “a botnet of a new kind.” A joint research with Yandex followed to discover more about this new DDoS threat “emerging in almost real-time”. Related: New…
A threat actor has recently disclosed SSL-VPN access information to 87,000 FortiGate SSL-VPN devices, Fortinet has confirmed. Unpatched CVE-2018-13379 in FortiGate SSL-VPN Devices Caused the Leak According to the statement, the said credentials were taken from systems that remained unpatched…
CISA has released an alert regarding a new, critical zero-day vulnerability affecting Zoho ManageEngine servers. Related: Three New Zero-Days Disclosed in Kaseya Unitrends More specifically, an authentication bypass flaw affects the REST API URLs in ADSelfService Plus, which could lead…
A team of scholars from universities in Australia, Israel, and the United States has created a new side-channel attack that targets Google Chrome’s Site Isolation feature. The attack, called Spook.js, is a new transient execution side channel exploit targeting Chrome…
ExpertSearchModule, also known as Adware.MacOS.ExpertSearchModule, is an ad-supported and potentially unwanted app targeting Mac users. The app may promise to improve your searching but instead it may simply flood you with various intrusive advertising content. The app may have sneaked…
A new zero-day vulnerability, CVE-2021-40444, was found lurking in Internet Explorer, making it possible for hackers to exploit exposed Windows systems via malicious Office documents. Related: CVE-2021-36948 Zero-Day in Windows Update Medic Exploited in the Wild CVE-2021-40444 RCE Flaw Used…
Windows 11 is already making the headlines in terms of hackers’ exploitation. Apparently, FIN7, a well-known hacking group, has been using Windows 11 themes in an attempt to trick recipients in a recent phishing campaign targeting a PoS (point-of-sale) company.…
Mydesktopdefender.com is a suspicious domain that may trigger numerous redirects, based on the user’s geographical location. Such websites are often associated with the generation of unwanted ads, hence the term adware is often added to their description. Most antivirus and…
To shed some light on the everlasting “bundled malware” threat, Sophos researchers recently performed a thorough investigation on a network of websites related to an ongoing Racoon infostealer campaign, acting as a “dropper as a service.” This network distributed a…
A total of 16 vulnerabilities are plaguing the Bluetooth software stack of numerous SoC (system-on chip) chipsets. Called BrakTooth, the vulnerabilities affect 1,400 chipsets used in laptops, smartphones, IoT and industrial devices. If exploited, the flaws could crash and freeze…
Gray Hat Ransomware – Clay Virus File A new ransomware is circling the web. Called Gray Hat, the cryptovirus sneaks into Windows systems to decrypt data and demand a ransom payment in exchange for a decryption key. The Gray Hat…
AlgorithmInput Mac Adware AlgorithmInput is an adware application targeting Mac users. The app may have sneaked into your macOS following a bundled freeware download. Another possible reason for AlgorithmInput’s appearance is if you clicked a suspicious notification alerting you about…
A number of security flaws in the default firmware and web interface app of a popular router were discovered by CyberNews researchers that could expose its owners at risk of man-in-the-middle and denial-of-service attacks. TP-Link AC1200 Archer C50 (v6) is…
Two security vulnerabilities were discovered in the Gutenberg Template Library & Redux Framework plugin for WordPress, CVE-2021-38312 and CVE-2021-38314. Discovered by Defiant researchers, the vulnerabilities could impact more than a million WordPress websites running the plugin. Both flaws affect plugin…
ExtendedService Mac Adware ExtendedService is yet another potentially unwanted app designed to compromise macOS systems. If you have this app installed on your Mac, you may be experiencing multiple pop-ups and redirects to suspicious pages. These pages may be deployed…
