Vladimir Krasnogolovy, Author at Gridinsoft Blogs

Security News

Information Security Specialist Showed How to Steal a Tesla Car

ByVladimir KrasnogolovyMay 19, 2022

Sultan Qasim Khan, a security consultant of the NCC Group, has disclosed a vulnerability that allows attackers to enter the salon and steal a Tesla car. The vulnerability consists of the redirection of communication between the Tesla owner’s smartphone or key fob and

Security News

Germans Interested in the Situation in Ukraine Are Attacked by the PowerShell RAT Malware

ByVladimir KrasnogolovyMay 18, 2022

An unknown hacker attacked German users who are interested in information about the Russian invasion of Ukraine, infecting them with PowerShell RAT malware (more precisely, a remote access trojan) and stealing their data. Let me remind you that we wrote that Hacker groups

Security News

Microsoft Has Not Fully Coped with PetitPotam Attacks in Windows NTLM Relay

ByVladimir KrasnogolovyMay 17, 2022

In May, Microsoft released a security update, as it had previously not fully coped with attacks called PetitPotam. The update and mitigation recommendations target a heavily exploited vulnerability in NTLM Relay called Windows LSA Spoofing Vulnerability with the number

Security News

Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites

ByVladimir KrasnogolovyMay 1, 2022

Ukrainian Computer Emergency Response Team (CERT-UA) said that Ukraine was hit by large-scale DDoS attacks. CERT-UA has published a report on ongoing DDoS attacks on Ukrainian websites and a government web portal. Unknown attackers compromise WordPress sites and inject

Security News

Stabbed in the back: Chinese Mustang Panda Cyberspies Attack Russian Officials

ByVladimir KrasnogolovyApril 29, 2022

Secureworks researchers have discovered a phishing campaign by Chinese Mustang Panda cyberspies targeting Russian officials and the military. According to experts, Chinese “government” hackers from the Mustang Panda group (aka HoneyMyte, Bronze President,

Security News

Vulnerabilities in Linux Allow Gaining Superuser Rights

ByVladimir KrasnogolovyApril 27, 2022

A Microsoft specialist has discovered vulnerabilities in Linux systems, the exploitation of which allows quickly gaining superuser rights. In total, two vulnerabilities were discovered (CVE-2022-29799 and CVE-2022-29800) and united under the common name Nimbuspwn. Problems

Security News

Emotet Malware Operators Found a Bug in Their Bootloader

ByVladimir KrasnogolovyApril 26, 2022

Emotet malware operators have fixed a bug due to which, after opening a malicious document the system was not infected, and launched a phishing campaign again. Let me remind you, by the way, that at the end of last year we wrote that Microsoft patches Windows AppX Installer

Security News

T-Mobile Admits that Lapsus$ Hack Group Stole Its Source Codes

ByVladimir KrasnogolovyApril 25, 2022

Information security specialist Brian Krebs found out that even before the arrests, the Lapsus$ hack group managed to compromise the telecom giant T-Mobile. The company confirmed this information, saying that a few weeks ago, hackers penetrated the company’s network,

Security News

Amazon Patch for Log4Shell allowed privilege escalation

ByVladimir KrasnogolovyApril 22, 2022

Palo Alto Networks warns that a patch released by Amazon to protect AWS from high-profile issues in Apache Log4j, including the Log4Shell vulnerability, poses a threat to users. The patch can be used to escape the container and escalate privileges, allowing an attacker to

Security News

Hackers Use Fresh Vulnerability in Windows Print Spooler in Real Attacks

ByVladimir KrasnogolovyApril 21, 2022

The US Infrastructure and Cybersecurity Agency (CISA) warned that a vulnerability in the Windows Print Spooler component, patched by Microsoft in February 2022, is being actively exploited by hackers. The issue in question is tracked as CVE-2022-22718 (CVSS score of 7.8)