The Security Blog From Gridinsoft

7 Malicious Fake ChatGPT Apps Explained

Malicious Fake ChatGPT Apps: 7 AI Malware Scams to Avoid

Public release of ChatGPT made a sensation back in 2022; it is not an exaggeration to say it is a…

MIT Hacked, Students’ Data Sold on the Darknet

On February 13, 2024, a post on a Darknet forum appeared, offering to purchase a large pack of data leaked…

Warzone RAT Dismantled, Members Arrested

In an international law enforcement operation, the U.S. Department of Justice continues its fight against cybercriminals. The operation dismantled a…

HijackLoader Malware Comes With New Evasion Methods

The HijackLoader malware has added new defense evasion techniques. Other threat actors are increasingly using the malware to deliver payloads…

New Fortinet VPN RCE Flaw Discovered, Patch ASAP

Fortinet has issued a warning about a recently discovered critical vulnerability in its FortiOS SSL VPN system that could be…

Critical Cisco Unity Connection Vulnerability Allows for Root Access

Cisco Unity Connection Vulnerability Enables Root Access

Cisco has recently addressed a significant security vulnerabilit in its Unity Connection softwarey, identified as CVE-2024-20272. This flaw poses a critical risk as it allows unauthenticated attackers to gain root…

Ivanti Connect Secure Zero-Day Exploited

Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild

Ivanti issued an alert about its Connect Secure VPN appliances. Advanced threat actors are exploiting two zero-day vulnerabilities in cyberattacks, possibly including state-sponsored groups. That is yet another vulnerability in…

Water Curupira hackers are actively distributing PikaBot malware

Water Curupira Hackers Spread PikaBot in Email Spam

Notorious group known as Water Curupira has unleashed a new wave of threats through their sophisticated malware, Pikabot. This menacing campaign, primarily spread through email spam, highlights an alarming escalation…

NoaBot Botnet Involved in Crypto Mining

NoaBot Botnet: The Latest Mirai Offspring

A new botnet called NoaBot emerged in early 2023. It reportedly targets SSH servers for cryptocurrency mining using the Mirai platform. On top of the Mirai’s functionality, it brings several…

Critical Auth Bypass Vulnerability in Apache OFBiz: CVE-2023-5146в

Apache OFBiz Vulnerability Exposes Millions of Systems

The cyber world has been rattled by the recent discovery of a critical zero-day vulnerability in Apache OFBiz, known as CVE-2023-51467. Researchers at SonicWall unveiled this flaw, which poses a…

YouTube Videos Promoting Malware

YouTube Videos Promote Software Cracks With Lumma Stealer

Researchers have discovered a cybersecurity threat that targets users through YouTube videos. These videos offer pirated software but are being used to distribute malware, specifically Lumma stealer. YouTube Videos Promoting…

Adobe ColdFusion Vulnerabilities Exploited in the Wild

Two Adobe ColdFusion Vulnerabilities Exploited in The Wild

Two vulnerabilities in Adobe ColdFusion are exploited in real-world attacks, the Cybersecurity & Infrastructure Security Agency (CISA) warns. Both issues are related to the possibility of arbitrary code execution, caused…

Tortilla Ransomware Free Decryptor Available

Tortilla (Babuk) Ransomware Decryptor Available

On January 9, 2024, Avast and Cisco Talos announced the release of a free decryptor for one of the Babuk ransomware variants – Tortilla. Analysts ensure that all the victims…

OAuth2 Vulnerability Allows for Persistent Session Hijacking

OAuth2 Session Hijack Vulnerability: Details Uncovered

A sophisticated exploit targeting Google’s OAuth2 authentication system was uncovered by Prisma threat actor. This exploit leverages undocumented functionalities within Google’s MultiLogin endpoint, enabling attackers to generate and maintain persistent…

xDedic Actors Have Been Apprehended After a Five-year Hunt

xDedic Marketplace Members Detained In International Operations

The infamous xDedic Marketplace, known for its illicit trade in compromised computers and personal data, has been effectively dismantled. 19 persons related to the marketplace were detained. The overall operation…

X/Twitter Crypto Scams From Verified Accounts

Verified X/Twitter Accounts Hacked to Spread Cryptoscams

The trend of hacking official accounts to promote cryptocurrency fraud is gaining momentum. Over the past week, researchers have discovered an abnormal number of such incidents. X/Twitter Crypto Scams From…

SMTP Smuggling - Global Email Security Threat

SMTP Smuggling is a New Threat to Email Security

A new SMTP Smuggling technique reportedly has the potential to bypass existing security protocols. Also it can enable attackers to send spoofed emails from seemingly legitimate addresses. This may breathe…