The Security Blog From Gridinsoft

ALPHV/BlackCat Shuts Down In Supposed Exit Scam

ALPHV Ransomware Shut Down, Exit Scam Supposed

On March 5, 2024, ALPHV/BlackCat ransomware claimed its shutdown, “due to the FBI takeover”. Despite the actions from law enforcement…

LockBit is Back With New Claims and Victims

The story around LockBit ransomware takedown on February 19 continues to unfold. After almost a week of downtime and silence,…

MrB Ransomware (.mrB Files) – Analysis & File Decryption

MrB ransomware is a new Dharma ransomware sample, discovered on February 21, 2024. It is distinctive for applying a complex…

LockBit Ransomware Taken Down by NCA

On February 19, 2024, LockBit ransomware was taken down by the UK National Crime Agency in cooperation with a selection…

SYSDF Ransomware (.SYSDF Files) – Malware Analysis & Removal

SYSDF is a ransomware-type program that belongs to the Dharma malware family. Such malicious software aims mainly at small companies,…

NortonLifeLock Hacked Via MOVEit Vulnerability

NortonLifeLock Hacked by Cl0P Gang, Using MOVEit Vulnerability

NortonLifeLock, the world-famous antivirus software developer, had reportedly been hacked…

Shuckworm attacks Ukrainian companies

Shuckworm Gang Attacks Ukrainian Companies Using Pterodo Backdoor and USB Drives

Symantec experts report that the Shuckworm hack group (aka Armageddon,…

Cloud Mining Scams Spread Roamer, the Android banking trojan

Cloud Mining Scams Spread Banking Trojans

It’s no secret that cybercriminals are increasingly using mobile platforms…

Russian-speaking Enlisted players

WannaCry 3.0 Ransomware Aims At Enlisted Russian-speaking Players

A previously unknown ransomware payload that calls itself WannaCry…

Fake security company is spreading malware through GitHub

Malware in GitHub Repositories Is Spread From Fake Security Company Name

Researchers detected fake company accounts on GitHub linked to a…

BreachForums Back Online, Revived by ShinyHunters

BreachForums Is Back Online, Led by ShinyHunters

BreachForums, an infamous Darknet forum that was shut down in…

new vulnerabilities in MOVEit Transfer

New critical vulnerabilities found in MOVEit Transfer

It became known that during the audit in the solution…

RDP Honeypot Counted for 3.5 Million Attacks

RDP Honeypot Was Attacked 3.5 Million Times

With increased remote work, IT teams use remote access tools…

PoC Exploit for a vulnerability in Win32k

Information Security Experts Published a PoC Exploit for a Vulnerability in Win32k

Information security experts have published a PoC exploit for a…

Batcloak obfuscation engine

BatCloak’s New Obfuscation Engine Outperforms 80% of Antiviruses

Trend Micro researchers reported recently that since September 2022, attackers…

Fortinet Fixes RCE Vulnerability in Two Software Solutions

Fortinet Fixes RCE Flaws in FortiOS and FortiProxy

Fortinet, a well-known vendor of corporate-grade security solutions, issued an…

Clop and MOVEit Transfer

Clop Attacks on MOVEit Transfer Affected British Airways, BBC and More

According to security researchers, the Clop ransomware group has been…
