The Security Blog From Gridinsoft

Hackers Target ex-USSR Countries with Roundcube Webmail Vulnerability

Roundcube Webmail Vulnerability Exploited in Real-World Attacks

Vulnerability in Roundcube Webmail service appears to be exploited in real-world attacks. The flaw that falls under designation of stored…

Kaspersky Returns with UltraAV and UltraVPN: Are They Safe?

Kaspersky, an infamous Russian antivirus brand, is now back on the US market with its off-branded software, UltraAV antivirus and…

Spring Framework Vulnerability Leads to Data Leaks, Fix Now

Spring Framework has released an update that fixes the CVE-2024-38819 vulnerability, which potentially enables attackers to exploit HTTP requests for…

USDoD Hacker Arrested by Federal Police of Brazil

A hacker known under the moniker USDoD was arrested in Brazil on October 16, 2024. The Federal Police of Brazil…

uBlock Origin Plugin May Be Disabled, Google Warns

uBlock Origin, one of the most popular ad blocking extensions for Google Chrome, now falls out of favor of Google.…

Kasseika Ransomware Uses BYOVD Tactics in Attacks

Kasseika Ransomware Exploits Vulnerable Antivirus Drivers

A new ransomware called “Kasseika” uses Bring Your Own Vulnerable…

Critical Auth Bypass Vulnerability in GoAnywhere MFT

GoAnywhere MFT Auth Bypass Vulnerability Discovered

The fest of vulnerabilities in enterprise software continues with an…

RCE Vulnerability in Confluence Exploited in the Wild

Confluence RCE Vulnerability Under Massive Exploitation

Researchers are seeing attempts to exploit a critical vulnerability in…

CISA Urges Patching Citrix RCE Vulnerability

2 Citrix RCE Under Active Exploitation, CISA Notifies

CISA has given a timeframe of one to three weeks…

LockBit Ransomware Starts Using Word Files For Distribution, Again

LockBit Ransomware Uses Resume Word Files to Spread

A recent investigation by ASEC reveals the new tactics of…

SonicWall API vulnerability has left 178,000 firewalls vulnerable to attacks.

Over 178,000 SonicWall Firewalls are Vulnerable to DoS and RCE

Recent research uncovers a significant portion of SonicWall firewall instances…

Research Discover 9 Vulnerabilities in EDK II

9 PixieFail Vulnerabilities Discovered in TianoCore’s EDK II

A chain of 9 vulnerabilities in UEFI’s Preboot Execution Environment…

New Chrome 0-day Vulnerability Exploited, Patch Available

New Google Chrome 0-day Vulnerability Exploited, Update Now

In the most recent release notes, Google reports about a…

FBot Malware Targets Cloud and Payment Services.

Novice FBot Stealer Targets Cloud Services

Researchers report about a new malware strain dubbed FBot. This…

Azorult Malware Resurfaces 2 Years Later

AzorUlt Stealer Is Back In Action, Uses Email Phishing

Cybersecurity experts have stumbled upon the eight-year-old Azorult malware. This…

Remcos RAT Uses Webhards to Target Korean Users

Remcos RAT Targets South Korean Users Through Webhards

An infamous Remcos RAT reportedly started targeting South Korean users…

GitLab Zeroclick Account Hijack Vulnerability Uncovered

GitLab Zero-Click Account Hijack Vulnerability Revealed

On January 11, 2024, GitLab released an update with the…

AI Assistant

Hello! 👋 How can I help you today?