The Security Blog From Gridinsoft

GitHub Enterprise Server Authentication Bypass Flow Discovered, Patch Now

GitHub Enterprise Server Auth Bypass Flaw Discovered

On May 21, 2024 GitHub disclosed a new authentication bypass flaw in their Enterprise Server. Encoded as CVE-2024-4985, it is…

Zabbix SQLi Vulnerability Leads to RCE, Latest Versions Affected

Zabbix, a network monitoring tool widely used in corporate IT infrastructure around the world, appears to be susceptible to SQL…

BreachForums is Seized, Again, FBI Puts a Banner

BreachForums, one of, if not the biggest Darknet forum, is once again seized by law enforcement. On Wednesday afternoon, May…

Dell Hacked, 49 Million Users Exposed

On Friday, May 10, Dell Technologies released a claim regarding the massive data leak that happened in their internal network.…

LockBit Leader Identity Revealed, NCA Publishes More Data

On May 7, 2024, UK National Crime Agency published the detailed dossier on the LockBit ransomware group’s leader. Dmitry Khoroshev,…

Hackers Employ WormGPT for Generating Phishing Emails

WormGPT Helps Cybercriminals to Launch Sophisticated Phishing Attacks

SlashNext noticed that cybercriminals are increasingly using generative AI in…

US Military Emails Compromised Due to the Typos in Receiver Address

US Military Emails Leaked Massively Due to the Typo

Email letters sent to the US military addresses ended up…

Microsoft’s nOAuth Flaw Allows Email Spoofing

Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing

In June, researchers revealed a vulnerability in Azure Active Directory…

American Airlines Hacked by Cl0p via MOVEit MFT Vulnerabilities

American Airlines Hacked by Cl0P Gang, MOVEit Involved

American Airlines, the major airline company in the US, appears…

Trojan:Win32/Randet.A!plock Microsoft Defender Detection

Trojan:Win32/Randet.A!plock – What is That Detection?

Windows Defender’s mass detections of Trojan:Win32/Randet.A!plock worries people. Are the…

CVE-2023-36884 Microsoft Zero Day Vulnerability

Microsoft CVE-2023-36884 Vulnerability Exploited in the Wild

On July 11, 2023, Microsoft published an article about addressing…

BlackLotus UEFI Bootkit

Researchers Found BlackLotus UEFI Bootkit Sources on GitHub

The source code for the BlackLotus UEFI bootkit, which was…

Cryptocurrency Scams Aim Hot and Cold Wallets At Once

Hot and Cold Crypto Wallets Hacking

Cryptocurrency is a rapidly changing world where people can make…

Fake Driver Signatures Used to Inject Malware

Forged Driver Signatures Exploited In The Wild

Hackers actively use driver signature spoofing, which originates from a…

Legion Stealer Malware Aims PUBG Players

Legion Stealer targeting PUBG players

Scammers are using a misleading GitHub page to distribute Legion…

vulnerability in MOVEit Transfer

MOVEit Transfer Fixes a New Critical Vulnerability

After hundreds of companies were attacked with a 0-day vulnerability…

California Water treatment plant

California Water Treatment Plant Is in the Hands of a Hacker

Rambler Gallo, a resident of Tracy, Calif., has been charged…

AI Assistant

Hello! 👋 How can I help you today?