Hackers Actively Exploit the 0-Day Vulnerability in the Ultimate Member WordPress Plugin

Hackers actively exploit a zero-day vulnerability in the WordPress plugin Ultimate Member to increase privileges: with the help of this bug, attackers hack sites, bypassing protection, and create new administrator accounts. The Ultimate Member plugin is designed to facilitate registration and community creation on WordPress sites, and currently has more than 200,000 active installations. Ultimate…

MITRE Compiled a List of the 25 Most Dangerous Bugs

MITRE specialists have published a list of the 25 most dangerous bugs in software over the past two years. It included a variety of shortcomings, including vulnerabilities and errors in the code, architecture, implementation and design of the software. Love lists of some hacker stuff or cyber threats? Check out this: Huge Ransomware List by…

The Number of Companies Affected by Attacks on Vulnerabilities in MOVEit Transfer Increased

The consequences of exploiting a 0-day vulnerability in the MOVEit Transfer file transfer management solution continue to spread. The total number of affected companies has already exceeded 100, and Siemens Energy and Schneider Electric are now among the victims who confirmed the compromise. Let me remind you that it all started with a 0-day vulnerability (CVE-2023-34362)…

8Base Ransomware Group On The Rise, Lists a Number of Victims

In June of this year, a new wave of cyber-attacks and extortion operations, organized by the criminal group 8Base, swept the world. Hackers use a double extortion method: they infect victims’ computers with ransomware that blocks access to data, and then demand a ransom to restore it. If the victim refuses to pay,…

PindOS JavaScript Dropper Distributes Bumblebee and IcedID Malware

Deep Instinct specialists spoke about a new JavaScript dropper called PindOS (this “self-name” was found in the malware code and, based on slang cues, it can be assumed that it is of Russian origin). This malware is used to deliver additional payloads to infected systems, namely Bumblebee and IcedID. PindOS Dropper is Used to…

Chinese Hackers Accidentally Infected European Hospital with Malware

Check Point analysts found that Chinese hackers, through a chain of accidents, infected an unnamed European hospital with malware. Researchers attribute this to the uncontrolled spread of malware that is disseminated by the Chinese hacking group Camaro Dragon (aka Mustang Panda, BASIN, Bronze President, Earth Preta, HoneyMyte, RedDelta and Red Lich) via USB drives. The…

LastPass Users Can’t Login to App after Resetting MFA

Since May 2023, users of the LastPass password manager have been experiencing severe login issues after resetting their MFA. It all started when people were asked to reset their multi-factor authentication (MFA) applications. The fact is that users are required to log back in to their LastPass account and reset the MFA after the company was hacked at…

RepoJacking Attacks Could Threaten Millions of GitHub Repositories

Aqua researchers believe that millions of repositories on GitHub are vulnerable to an attack, called RepoJacking, that allows taking over other people’s repositories. The issue is reportedly affecting the repositories of Google, Lyft, and other major companies. Let me remind you that we also wrote that Malware in GitHub Repositories Is Spread From…

Condi Malware Builds a Botnet from TP-Link Routers

In May 2023, a new Condi malware, focused on DDoS for hire, appeared. It builds a botnet and conducts attacks using vulnerabilities in TP-Link Archer AX21 (AX1800) Wi-Fi routers. Fortinet experts report that the Condi malware targets the CVE-2023-1389 vulnerability, an unauthenticated command injection. The bug allows remote code execution via the router…

APT28 Attacked Ukrainian and Polish Organizations

Recorded Future, in collaboration with CERT-UA researchers, has unveiled a recent cyber offensive orchestrated by Russian-speaking hackers affiliated with the APT28 Group (also known as Fancy Bear, BlueDelta, Sednit, and Sofacy). Their target: Roundcube mail servers of various Ukrainian organizations, including government entities. As a reminder, we previously reported on the divergence of hacker groups,…