The Security Blog From Gridinsoft

Data Breach in Zeroed-In Affects Dollar Tree

Dollar Tree Data Breach Impacting 2 Million People

Discount retailer Dollar Tree was hit by a data breach when third-party service provider Zeroed-In Technologies fell victim, affecting almost…

BLUFFS Bluetooth Vulnerability Threatens Billions of Devices

Eurecom has uncovered a series of exploits named “BLUFFS”, posing a significant threat to the security of Bluetooth sessions. These…

Okta Hack Exposes Data of All Support Customers

Back in mid-October 2023, Okta, one of the world’s largest identity providers, suffered a data breach. Security vulnerabilities in its…

Henry Schein was hacked twice by BlackCat ransomware

Henry Schein Global, a healthcare solutions provider, faced a persistent cybersecurity nightmare. The BlackCat/ALPHV ransomware gang is launching a second…

Ethyrial: Echoes of Yore Ransomware Attack Wiped Player Accounts

“Ethyrial: Echoes of Yore” fell victim to a ransomware attack last Friday. The attack hit 17,000 player accounts, wiping them…

ActiveMQ Vulnerability Exploited in the Wild to Install Cryptominer Malware

Apache ActiveMQ Vulnerability Exploited In The Wild

A recent Apache ActiveMQ vulnerability that allows remote code execution is reportedly being exploited in real-world attacks. Analysts noticed several exploitation cases that used this vulnerability to infect Linux systems…

Zimbra Vulnerability Exploited in the Wild

Google TAG’s recent discovery reveals a 0-day exploit, CVE-2023-37580, targeting Zimbra Collaboration. This is a Cross-Site Scripting (XSS) vulnerability exploited in four campaigns. Zero-day discovery was patched A severe vulnerability…

ALPHV Ransomware Gang Reports MeridianLink to SEC

ALPHV/BlackCat Ransomware Reports MeridianLink Hack To SEC

Ransomware Gang ALPHV Takes Unprecedented Step: Files SEC Complaint Over Alleged Victim’s Undisclosed Breach. And no, this is not a joke from ChatGPT. Hackers from the BlackCat/ALPHV group found yet another…

VMware Issues Urgent Warning About Unpatched Critical Cloud Director Vulnerability

VMWare Cloud Director Vulnerability Circumvents Authentication

VMware, a key player in virtualization services, is reaching out to users about a critical security issue in its Cloud Director. Tracked under CVE-2023-34060, this vulnerability, with a CVSS score…

IPStorm Botnet Stopped by FBI, Key Operator Detained

IPStorm Botnet Stopped by the FBI, Operator Detained

The FBI has successfully dismantled the notorious IPStorm botnet and apprehended its operator. The operation took place back in September, with the key operator, Sergei Makinin, detained around this time.…

Plume Data Breach Published on the Darknet

Plume Hacked, Data Leaked in the Darknet

An anonymous hacker posted about a Plume data breach on the Darknet. The hacker says they have stolen the personal information of millions of users and threaten to release the…

Reptar Vulnerability in Intel Allows Privilege Escalation

Reptar Vulnerability Threatens Intel Processors

Intel has fixed a serious Reptar vulnerability in various processors for desktops, servers, mobile devices and embedded systems. This has also proven to be a problem for the latest Alder…

Moneris claimed by Medusa ransomware

Moneris Hacked, Medusa Ransomware Claims

The notorious Medusa ransomware group claims to have hacked Canadian fintech giant Moneris. The claim sends shockwaves through the country’s financial sector. The group is known for…

Trojanized CPU-Z Installer Promoted in Google Ads

Malicious CPU-Z Copy Is Spread In Google Search Ads

Attackers are again abusing the Google Ads platform to distribute malicious advertising and the Redline information stealer. This time, the ads advertised a trojanized version of the CPU-Z tool. CPU-Z Malware…

Boeing data breach

LockBit Ransomware Exposes 50GB of Boeing’s Data

In a cybersecurity nightmare, Boeing, a global aerospace and defense titan, has fallen victim to the notorious LockBit ransomware group. The attack resulted in the exposure of a staggering 50 gigabytes…

SLP Vulnerability Used in DDoS attacks

SLP DDoS Amplification Vulnerability Actively Exploited

In a recent development, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms over an actively exploited high-severity flaw in the Service Location Protocol (SLP). Designated as CVE-2023-29552,…

SecuriDropper Attacks Android Devices

SecuriDropper Bypasses Google Play & Android Defenses

SecuriDropper is a rare example of Android dropper malware that operates under the dropper-as-a-service (DaaS) model. This malware is raising significant concerns among experts due to its ability to…