The Security Blog From Gridinsoft
Hunt Ransomware ([email protected])
Hunt ransomware is a new sample of the Dharma/CrySis ransomware family that appeared on April 5, 2024. This malware aims…
Two Android Zero-Day Flaws in Google Pixel Exploited
Google has disclosed that two Android zero-day security vulnerabilities have been detected in its Pixel smartphones. The patch is already…
Progress Flowmon Command Injection Flaw Discovered
Progress Flowmon, a popular network monitoring software solution, appears to be vulnerable to arbitrary command injection. Successful exploitation of the…
XZ Utils Backdoor Discovered, Threating Linux Servers
A backdoor in liblzma library, a part of XZ data compression tool was discovered by Andres Freund. The maintainer of…
UnitedHealth Hack Leaks 6 TB of User Data
UnitedHealth Group, one of the largest providers of health insurance and health care services in the United States, suffered a…
ALPHV Ransomware Shut Down, Exit Scam Supposed
On March 5, 2024, ALPHV/BlackCat ransomware claimed its shutdown, “due to the FBI takeover”. Despite the actions from law enforcement really happening to this gang before, there are quite a…
LockBit is Back With New Claims and Victims
The story around LockBit ransomware takedown on February 19 continues to unfold. After almost a week of downtime and silence, the infamous gang is back online on a new Onion…
MrB Ransomware (.mrB Files) – Analysis & File Decryption
MrB ransomware is a new Dharma ransomware sample, discovered on February 21, 2024. It is distinctive for applying a complex extension to the encrypted files that ends up with “.mrB”.…
LockBit Ransomware Taken Down by NCA
On February 19, 2024, LockBit ransomware was taken down by the UK National Crime Agency in cooperation with a selection of other law enforcement agencies. The banner typical for such…
SYSDF Ransomware (.SYSDF Files) – Malware Analysis & Removal
SYSDF is a ransomware-type program that belongs to the Dharma malware family. Such malicious software aims mainly at small companies, aiming at file encryption with further requests for ransom payment…
Malicious Fake ChatGPT Apps: 7 AI Malware Scams to Avoid
Public release of ChatGPT made a sensation back in 2022; it is not an exaggeration to say it is a gamechanger. However, the scammers go wherever large numbers of people…
MIT Hacked, Students’ Data Sold on the Darknet
On February 13, 2024, a post on a Darknet forum appeared, offering to purchase a large pack of data leaked from Massachusetts Institute of Technology (MIT). The hacker under the…
Warzone RAT Dismantled, Members Arrested
In an international law enforcement operation, the U.S. Department of Justice continues its fight against cybercriminals. The operation dismantled a network that sold and supported the Warzone Remote Access Trojan…
HijackLoader Malware Comes With New Evasion Methods
The HijackLoader malware has added new defense evasion techniques. Other threat actors are increasingly using the malware to deliver payloads and tooling. The developer used a standard process hollowing technique…
New Fortinet VPN RCE Flaw Discovered, Patch ASAP
Fortinet has issued a warning about a recently discovered critical vulnerability in its FortiOS SSL VPN system that could be actively exploited by attackers. The vulnerability in Fortinet network security…
Shim Bootloader Vulnerability Affects Linux Systems
Researchers have identified a critical vulnerability in Shim, a widely-used Linux bootloader. This vulnerability could potentially allow attackers to execute malicious code and gain control of target systems before the…
Ov3r_Stealer Steals Crypto and Credentials, Exploits Facebook Job Ads
A new Windows malware called Ov3r_Stealer is spreading through fake Facebook job ads, according to a report by Trustwave SpiderLabs. The malware is designed to steal sensitive information and crypto…