The Security Blog From Gridinsoft

Critical Auth Bypass Vulnerability in GoAnywhere MFT

GoAnywhere MFT Auth Bypass Vulnerability Discovered

The fest of vulnerabilities in enterprise software continues with an auth bypass flaw in Fortra’s GoAnywhere MFT. Rated at CVSS…

Confluence RCE Vulnerability Under Massive Exploitation

Researchers are seeing attempts to exploit a critical vulnerability in outdated Atlassian Confluence servers. The flaw allows attackers to execute…

2 Citrix RCE Under Active Exploitation, CISA Notifies

CISA has given a timeframe of one to three weeks to fix three vulnerabilities related to Citrix NetScaler and Google…

LockBit Ransomware Uses Resume Word Files to Spread

A recent investigation by ASEC reveals the new tactics of an infamous LockBit ransomware. “Post-paid pentesters” started masquerading as innocuous…

Over 178,000 SonicWall Firewalls are Vulnerable to DoS and RCE

Recent research uncovers a significant portion of SonicWall firewall instances being susceptible to attacks. In particular, two vulnerabilities are able…

BlackLotus UEFI Bootkit

BlackLotus UEFI Bootkit Bypasses Protection even in Windows 11

ESET experts reported that the BlackLotus UEFI bootkit, which is…

What is Beep Malware?

New stealthy “Beep” malware focuses heavily on evading detection

Cybercriminals periodically develop something new. Sometimes it is an updated…

LastPass Breach Is Bigger Than It Was Expected

LastPass Breach Investigation Goes On, Things are Even Worse

LastPass, owned by GoTo (formerly LogMeIn) and with over 30…

YouTube and Pixel smartphones

YouTube Video Causes Pixel Smartphones to Reboot

Users have found that Pixel smartphones powered by Google Tensor…

imitating a voice with AI

The Researcher Hacked His Own Bank Account by Imitating a Voice with AI

The journalist Vice Motherboard Joseph Cox hacked the bank account…

heads of cybersecurity departments

Nearly 50% of Cybersecurity Leaders Will Change Jobs by 2025

According to a new report from Gartner, by 2025, nearly…

Activision's Slack

Hackers Broke into Activision’s Slack and Stole Data

Activision, the publisher of computer games (including the Call of…

new infostealer Stealc

Cybersecurity Experts Discovered a New Stealc Infostealer

ekoia experts report that a new infostealer, Stealc, has appeared…

Attackers hacked GoDaddy

Hackers Attacked GoDaddy and Stayed on the Company’s Systems for Several Years

One of the world’s largest hosters and domain name registrars,…

FatalRAT in Google Ads

FatalRAT Malware Masks As Popular Apps in Google Ads

ESET experts have discovered the FatalRAT malware, which targets Chinese-speaking…

AI chatbot in Bing

Bing’s Built-In AI Chatbot Misinforms Users and Sometimes Goes Crazy

More recently, Microsoft, together with OpenAI (the one behind the…

Namecheap sent out phishing emails

Domain Registrar Namecheap Sent Phishing Emails to Its Customers

Domain registrar Namecheap’s email was hacked last weekend and the…

AI Assistant

Hello! 👋 How can I help you today?