The Security Blog From Gridinsoft
GoFetch Vulnerability in Apple Silicon Uncovered
Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers…
STRRAT and Vcurms Malware Abuse GitHub for Spreading
A new phishing campaign has recently been discovered that uses GitHub to deliver Remote Access Trojans (RAT) STRRAT and Vcurms…
Fujitsu Hacked, Warns of Data Leak Possibility
Fujitsu, one of the world’s leading IT companies, reports uncovering the hack in their internal network. The company discovered malware…
Fortinet RCE Vulnerability Affects FortiClient EMS Servers
Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses…
Adobe Reader Infostealer Plagues Email Messages in Brazil
A recent email spam campaign reportedly spreads infostealer malware under the guise of Adobe Reader Installer. Within a forged PDF…
LockBit is Back With New Claims and Victims
The story around LockBit ransomware takedown on February 19 continues to unfold. After almost a week of downtime and silence, the infamous gang is back online on a new Onion…
MrB Ransomware (.mrB Files) – Analysis & File Decryption
MrB ransomware is a new Dharma ransomware sample, discovered on February 21, 2024. It is distinctive for applying a complex extension to the encrypted files that ends up with “.mrB”.…
LockBit Ransomware Taken Down by NCA
On February 19, 2024, LockBit ransomware was taken down by the UK National Crime Agency in cooperation with a selection of other law enforcement agencies. The banner typical for such…
SYSDF Ransomware (.SYSDF Files) – Malware Analysis & Removal
SYSDF is a ransomware-type program that belongs to the Dharma malware family. Such malicious software aims mainly at small companies, aiming at file encryption with further requests for ransom payment…
Malicious Fake ChatGPT Apps: 7 AI Malware Scams to Avoid
Public release of ChatGPT made a sensation back in 2022; it is not an exaggeration to say it is a gamechanger. However, the scammers go wherever large numbers of people…
MIT Hacked, Students’ Data Sold on the Darknet
On February 13, 2024, a post on a Darknet forum appeared, offering to purchase a large pack of data leaked from Massachusetts Institute of Technology (MIT). The hacker under the…
Warzone RAT Dismantled, Members Arrested
In an international law enforcement operation, the U.S. Department of Justice continues its fight against cybercriminals. The operation dismantled a network that sold and supported the Warzone Remote Access Trojan…
HijackLoader Malware Comes With New Evasion Methods
The HijackLoader malware has added new defense evasion techniques. Other threat actors are increasingly using the malware to deliver payloads and tooling. The developer used a standard process hollowing technique…
New Fortinet VPN RCE Flaw Discovered, Patch ASAP
Fortinet has issued a warning about a recently discovered critical vulnerability in its FortiOS SSL VPN system that could be actively exploited by attackers. The vulnerability in Fortinet network security…
Shim Bootloader Vulnerability Affects Linux Systems
Researchers have identified a critical vulnerability in Shim, a widely-used Linux bootloader. This vulnerability could potentially allow attackers to execute malicious code and gain control of target systems before the…
Ov3r_Stealer Steals Crypto and Credentials, Exploits Facebook Job Ads
A new Windows malware called Ov3r_Stealer is spreading through fake Facebook job ads, according to a report by Trustwave SpiderLabs. The malware is designed to steal sensitive information and crypto…
Third Ivanti VPN Vulnerability Under Massive Exploitation
Experts have discovered a third Server Side Request Forgery (SSRF) vulnerability in Ivanti products. This is a serious security issue for corporate VPN devices. The new vulnerability allows unauthorized access…