The Security Blog From Gridinsoft

BreachForums Back Online, Revived by ShinyHunters

BreachForums Is Back Online, Led by ShinyHunters

BreachForums, an infamous Darknet forum that was shut down in late March 2023, has been back online since approx. June 13…

New critical vulnerabilities found in MOVEit Transfer

It became known that during an audit of the MOVEit Transfer file transfer management solution, new critical vulnerabilities were…

RDP Honeypot Was Attacked 3.5 Million Times

With increased remote work, IT teams use remote access tools to manage company devices and ensure smooth operations. Remote desktop…

Information Security Experts Published a PoC Exploit for a Vulnerability in Win32k

Information security experts have published a PoC exploit for a privilege escalation vulnerability in the Win32k driver that was fixed…

BatCloak’s New Obfuscation Engine Outperforms 80% of Antiviruses

Trend Micro researchers reported recently that since September 2022, attackers have been actively using a malware obfuscation engine called BatCloak,…

Firefox 100 and Chrome 100 may have user-agent issues

Mozilla developers have warned that sites may experience problems with the upcoming versions of Firefox 100 and Chrome 100 (released May 3 and March 29, 2022). The fact is that…

Linux kernel vulnerabilities

Google Offers up to $91,000 for Linux Kernel Vulnerabilities

Google has almost doubled its rewards for vulnerabilities in the Linux kernel, Kubernetes, Google Kubernetes Engine (GKE), and kCTF. The reward can now be up to $91,337. In November last…

fix 0-day vulnerabilities

Google analysts noticed that software vendors began to fix zero-day vulnerabilities faster

Google Project Zero specialists presented a report according to which software vendors began to fix 0-day vulnerabilities faster. For example, last year organizations needed less time than in previous years…

Maze Egregor Sekhmet

Decryption keys for Maze, Egregor and Sekhmet ransomware were posted on the Bleeping Computer forum

The Bleeping Computer forum published master keys for decrypting data affected by Maze, Egregor and Sekhmet ransomware attacks. Apparently, the keys were “leaked” by one of the developers of the…

BlackCat and DarkSide

Experts linked BlackCat (ALPHV) ransomware to BlackMatter and DarkSide groups

A Recorded Future analyst interviewed a member of the hack group behind the BlackCat (ALPHV) ransomware, who confirmed that ALPHV is linked to notorious groups such as BlackMatter and DarkSide.…

0-day vulnerability in Zimbra

Chinese hackers use Zimbra 0-day vulnerability to hack European media and authorities

Security firm Volexity has warned that a previously unknown Chinese hack group is exploiting a 0-day vulnerability in Zimbra’s collaborative software. According to official statistics, more than 200,000 enterprises in…

Critical UEFI Vulnerabilities

Critical UEFI Vulnerabilities Threaten Devices from 25 Manufacturers

Binarly analysts have discovered 23 critical UEFI vulnerabilities in InsydeH2O, which is used by many major vendors, including HP, Lenovo, Fujitsu, Microsoft, Intel, Dell, Bull (Atos) and Siemens. Together, the…

0-day vulnerability in Microsoft

0-day vulnerability remained unpatched for 2 years due to Microsoft bug bounty issues

As part of January Patch Tuesday, Microsoft fixed a dangerous 0-day privilege escalation vulnerability for which a PoC exploit is available online. The vulnerability is already being exploited in attacks…

macOS camera and microphone

Apple paid $100,000 for macOS camera and microphone hack

Information security researcher Ryan Pickren described how he received a large reward from Apple for hacking the camera and microphone in macOS. He also discovered vulnerabilities in Safari and macOS…

exploits for Microsoft Outlook

Zerodium offers up to $400,000 for exploits for Microsoft Outlook

Well-known exploit and vulnerability broker Zerodium announced that it is ready to pay up to $400,000 for zero-day vulnerabilities and exploits that will allow remote code execution in the Microsoft…

TrickBot causes crashes

TrickBot causes crashes on machines when cybersecurity experts study it

TrickBot malware has received new features that make it more difficult to investigate and detect — for example, TrickBot has learned to crash the browser when suspicious manipulations are detected.…

Belarusian Cyber Partisans

Belarusian Cyber Partisans hack group attacked railway servers

A hack group that calls itself Belarusian Cyber Partisans claims to have attacked and encrypted the servers of the Belarusian Railways. The hacktivists said that the reason for the hack…