The Security Blog From Gridinsoft

Exim 0-day Vulnerablity Allows Executing Arbitrary Code

Exim Vulnerability Allows RCE, No Patches Available

Exim Internet Mailer, a program massively used as a basis for mailing servers, appears to have a remote code execution…

Redline and Vidar Stealers Switch to Ransomware Delivery

Cybercriminals who stand behind RedLine and Vidar stealers decided to diversify their activity. Now, crooks deploy ransomware, using the same…

TikTok Flooded By Elon Musk Cryptocurrency Giveaway Scams

Recently, TikTok has been inundated with a flood of cryptocurrency giveaway scams videos spread across the platform. Mostly, these scams…

3AM Ransomware Backs Up LockBit In Cyberattacks

Cybersecurity researchers have discovered a new family of ransomware called 3AM. Attackers attempted to use it as an alternative attack…

Google Fixes Critical Vulnerability in Chrome, Exploited in the Wild

Google released an urgent security update for its Chrome browser. The patch contains the fix for CVE-2023-4863, a heap buffer…

Chrome Vulnerability Allows for RCE Exploitation

Google Fixes Critical Vulnerability in Chrome, Exploited in the Wild

Google released an urgent security update for its Chrome browser. The patch contains the fix for CVE-2023-4863, a heap buffer overflow vulnerability that can simply be exploited. Actually, Google states…

Fake Telegram Apps Infected More than 10 million Users

Spyware in Fake Telegram Apps Infected Over 10 million Users

It is important to exercise caution when using messenger mods. There have been reports of spyware disguised as modified versions of Telegram on the Google Play Store. This malware designed…

Pandora Botnet Exploits Android TVs for Attacks

Mirai variant “Pandora” infects Android TV for DDoS attacks.

A new variant of the Mirai malware botnet has been detected, infecting low-cost Android TV set-top boxes. They are extensively used for media streaming by millions of people. The present…

W3LL attacks Microsoft 365 accounts, bypassing MFA

W3LL Targets Microsoft 365 Accounts with Sophisticated Phishing Kit

In the ever-evolving landscape of cyber threats, crooks continually find new and inventive ways to exploit vulnerabilities and target valuable assets. One such threat that has recently garnered significant attention…

Conti and Trickbot Hackers Got Sanctioned By US and UK Authorities

NCA and DoJ Introduce New Sanctions Against Conti/Trickbot Hackers

On September 7, 2023, NCA released a statement regarding the new complex pack of sanctions against Russian Conti cybercrime group members. Accused of participating in extortions worth $800 million, gang…

Can Zero-Day Attacks Be Prevented With Patches?

Can Zero-Day Attacks Be Prevented With Patches?

In recent years, zero-day exploits and attacks have become prominent emerging threats. These attacks take advantage of unknown vulnerabilities within software, which makes them almost impossible to detect and prevent.…

The United States and its allies dismantled the Qakbot financial fraud network

QakBot Botnet Dismantled, But Can It Return?

On Tuesday, the US authorities announced that as a result of the international law enforcement operation “Duck Hunt,” the infamous Qakbot malware platform, which is linked to Russia, was destroyed.…

Chaes Malware Receives New Update

Chae$4 Malware Released, Targets Banking & Logistic Orgs

Cybersecurity experts have discovered a new variant of Chaes malware called “Chae$4”. This malware targets the banking and logistics industries and significant content management platforms. New Chae$4 Malware Targets Banking…

Massive Freecycle Data Breach Exposes Over 7 Million Customers

7 Million Freecycle Users Exposed In a Massive Data Breach

Freecycle has alerted its users that sensitive information of over 7 million of them may have been compromised in a recent data breach. The organization suspects that over seven million…

SapphireStealer Review and Analysis

SapphireStealer: Stealthiness, Flexibility and Malware Delivery

SapphireStealer is one such new information stealer to steal various browser credential databases and files containing users’ sensitive information. The codebase for SapphireStealer was made public on GitHub on December…

DarkGate Malware Activity Spikes as Developer Rents Out It

DarkGate Loader Expands Activity, Delivers Ransomware

A new DarkGate malware deployment campaign has caught the attention of cybersecurity researchers. This was fueled by the developer’s decision to lease its product to a limited number of affiliates.…

Qakbot Botnet Shut Down, Ransomware Attacks Stopped

Qakbot Botnet Hacked, Removed from Over 700,000 Machines

Qakbot, a notorious botnet, has been taken down by a multinational law enforcement operation spearheaded by the FBI, Operation “Duck Hunt”. The botnet, also called Qbot and Pinkslipbot, that considered…