The Security Blog From Gridinsoft
XZ Utils Backdoor Discovered, Threatening Linux Servers
A backdoor in the liblzma library, a part of the XZ data compression tool, was discovered by Andres Freund. The maintainer of…
UnitedHealth Hack Leaks 6 TB of User Data
UnitedHealth Group, one of the largest providers of health insurance and health care services in the United States, suffered a…
Microsoft SharePoint Vulnerability Exploited, Update Now
In late March 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert regarding the exploitation of a…
PyPI Malware Spreading Outbreak Exploits Typosquatting
PyPI, an index of Python packages, once again became a venue for spreading malware. Threat actors registered hundreds of profiles…
ShadowRay Vulnerability Threatens AI Workloads, No Patch Available
A recent review of vulnerabilities in the Ray framework uncovered an unpatched flaw, dubbed ShadowRay. It appears that hundreds of machine learning clusters were already compromised, leading to the leak of…
GoFetch Vulnerability in Apple Silicon Uncovered
Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers while performing widespread cryptographic operations. Notably, it is practically impossible…
STRRAT and Vcurms Malware Abuse GitHub for Spreading
A new phishing campaign has recently been discovered that uses GitHub to deliver Remote Access Trojans (RAT) STRRAT and Vcurms via a malicious Java downloader. ANY.RUN specialists have detected the…
Fujitsu Hacked, Warns of Data Leak Possibility
Fujitsu, one of the world’s leading IT companies, reports uncovering a hack in its internal network. The company discovered malware in its IT systems, which led to a massive data…
Fortinet RCE Vulnerability Affects FortiClient EMS Servers
Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses a significant cybersecurity threat. Above all, it has the potential…
Adobe Reader Infostealer Plagues Email Messages in Brazil
A recent email spam campaign reportedly spreads infostealer malware under the guise of an Adobe Reader installer. Within a forged PDF document, there is a request to install the Adobe Reader app,…
BianLian Exploits TeamCity Vulnerability to Deploy Backdoors
BianLian, a group of cybercriminals known for their ransomware attacks, recently caught the attention of the information security community. By exploiting vulnerabilities in the JetBrains TeamCity platform, they managed to…
PUA:Win32/Softcnapp Detection Analysis & Description
PUA:Win32/Softcnapp is a generic Microsoft Defender detection name assigned to an unwanted program. It sometimes appears as a false positive detection of a legitimate app, like a desktop Viber client,…
Microsoft Is Hacked Again by Midnight Blizzard
Microsoft acknowledges being hacked for the second time this year, by the same Russian state-sponsored group, Midnight Blizzard. The company confirms that this new breach is the outcome of the…
Phantom Hacker Scams On The Rise, Target Elderly
Phantom hacker scams are a specific type of fraud that aims to convince the victim to transfer funds because of a non-existent hacker threat. Over the last few months,…
WingsOfGod.dll – WogRAT Malware Analysis & Removal
WogRAT, also known as WingsOfGod RAT, is a novice remote access trojan that attacks users from Asian countries. Named after its own file, Wingsofgod.dll, this malware has been attacking people since…
ALPHV Ransomware Shut Down, Exit Scam Supposed
On March 5, 2024, ALPHV/BlackCat ransomware claimed its shutdown, “due to the FBI takeover”. Although law enforcement actions really did hit this gang before, there are quite a…