The Security Blog From Gridinsoft

XZ Utils Backdoor Allows for Unauthorized SSH Access

XZ Utils Backdoor Discovered, Threating Linux Servers

A backdoor in liblzma library, a part of XZ data compression tool was discovered by Andres Freund. The maintainer of…

UnitedHealth Hack Leaks 6 TB of User Data

UnitedHealth Group, one of the largest providers of health insurance and health care services in the United States, suffered a…

Microsoft SharePoint Vulnerability Exploited, Update Now

In late March 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued the alert regarding the exploitation of a…

PyPI Malware Spreading Outbreak Exploits Typosquatting

PyPI, an index of Python packages, once again became a place for malware spreading. Threat actors registered hundreds of profiles…

ShadowRay Vulnerability Threatens AI Workloads, No Patch Available

Recent review of vulnerabilities in the Ray framework uncovered the unpatched flaw, dubbed ShadowRay. It appears that hundreds of machine…

Batcloak obfuscation engine

BatCloak’s New Obfuscation Engine Outperforms 80% of Antiviruses

Trend Micro researchers reported recently that since September 2022, attackers…

Fortinet Fixes RCE Vulnerability in Two Software Solutions

Fortinet Fixes RCE Flaws in FortiOS and FortiProxy

Fortinet, a well-known vendor of corporate-grade security solutions, issued an…

Clop and MOVEit Transfer

Clop Attacks on MOVEit Transfer Affected British Airways, BBC and More

According to security researchers, the Clop ransomware group has been…

Android Malware Hides in Play Store as Legit Apps

Android Malware Mimics VPN, Netflix and Over 60k of Other Apps

Android is an open operating system. This is an advantage…

Beware Email Scams Related to Summer Vacations

Beware of Vacation-Related Scams: 4 Most Prevalent Types

Email scam actors constantly try to pick a better disguise…

What is BlackCat Ransomware

BlackCat Ransomware New Update Boosts Exfiltration Speed

BlackCat ransomware continues to make a fuss globally for the…

ChatGPT and malicious packages

Hackers Can Use ChatGPT Hallucinations to Distribute Malicious Packages

According to vulnerability and risk management company Vulcan Cyber, attackers…

Clop and MOVEit Transfer

Microsoft Researchers Link Clop Gang to MOVEit Transfer Attack

Microsoft has linked the Clop ransomware gang to a recent…

ChatGPT is Used to Create Phishing Emails With Social Engineering

ChatGPT has become a New tool for Cybercriminals in Social Engineering

Artificial intelligence has become an advanced tool in today’s digital…

AI-controlled drone

The AI-Controlled Drone Did Not “Kill” Its Operator Even During the Simulation. At Least for Now

At the recent Future Combat Air and Space Capabilities summit,…

Terminator and antivirus programs

Russian Hacker Sells Terminator Tool That Is Allegedly Able to Bypass Any Antivirus Programs

A tool called Terminator appeared on one of the Russian…

MOVEit MFT 0-day Allows Unautorized Access

MOVEit MFT 0-day Vulnerability is Used to Steal Corporate Data

MOVEit managed file transfer (MFT) solution appears to contain a…

AI Assistant

Hello! 👋 How can I help you today?