The Security Blog From Gridinsoft
PaperCut Vulnerability Allows RCE, Exploited in the Wild
PaperCut, a software solution used for print management, appears to be vulnerable to remote code execution (RCE). Another security violation…
New SLP Vulnerability Allows 2200x DDoS Amplification
A recently discovered vulnerability in SLP, a legacy network protocol, can be used to disastrously increase the efficiency of DDoS attacks. As researchers…
Supply Chain Attack Leads to 3CX Hack and Other Supply Chain Attacks
An investigation into a supply chain attack that hit 3CX last month found that the incident was caused by another…
Capita Hacked, Black Basta Gang Publishes Data
Capita, a London-based international business process outsourcing company, was hacked recently. Users noticed strange events in the company earlier this…
Medusa Group Claims That It “Merged” the Source Code of Bing and Cortana into the Network
Medusa extortionist group claims to have published internal materials stolen from Microsoft, including the source codes of Bing, Bing Maps…
Experts published a list of the most attacked vulnerabilities in 2020-2021
Experts from the FBI, the US Department of Homeland Security (DHS CISA), the Australian Cybersecurity Center (ACSC), and the UK National Cybersecurity Center (NCSC) have published joint security advisories that…
BlackMatter ransomware attacks companies with revenues above $100 million
Recorded Future analysts have discovered a new hack group accompanying the BlackMatter ransomware that attacks large companies and combines the “best” features of the now defunct DarkSide and REvil. Researchers…
Malware developers increase use of unusual programming languages
BlackBerry Research & Intelligence analysts have found that criminals are increasingly turning to unusual and exotic programming languages while working on malware, thus making it difficult to analyse their malware,…
Microsoft reported on the activity of the LemonDuck malware
Microsoft researchers have published a detailed analysis of the LemonDuck mining malware and reported that the cross-platform malware continues to improve. LemonDuck is capable of attacking Windows and Linux, exploits old…
Scammers distribute fake Windows 11 installers
Fraudsters exploit curiosity about the release of Windows 11 to distribute fake OS installers stuffed with malware, adware and other threats, Kaspersky Lab reports. Despite the fact that the process…
Researchers found a vulnerability that affects millions of HP, Xerox and Samsung printers
In February of this year, SentinelOne experts found a 16-year-old vulnerability in the driver of HP, Xerox and Samsung printers. The problem allows attackers to gain administrator rights on systems…
Vulnerability in Windows 10 could allow gaining administrator privileges
Last weekend, the well-known cybersecurity researcher Jonas Lykkegaard reported a rather serious vulnerability in Windows 10. All versions of Windows 10 released in the last 2.5 years (as well as…
US and UK accused China of attacks on Microsoft Exchange servers
The United States and a coalition of its allies, including the EU, Britain and NATO, have formally accused China and its authorities of a large-scale hacking campaign to break into…
Researchers trick Windows Hello with infrared image
CyberArk researchers tricked the Windows Hello biometric authentication system that is included in all versions of Windows 10 using an infrared image of the device owner. Researcher Omer Tsarfati says…
New Issues Found with Windows Print Spooler
Last month, cybersecurity experts inadvertently unveiled a PoC exploit for a dangerous problem related to the Windows Print Spooler service, which is a universal interface between OS, applications and local…
Ukrainian law enforcement discovered a mining farm consisting of thousands of PlayStation 4 consoles
Last week, Ukrainian law enforcement officers discovered a huge mining farm in Vinnytsia after they noticed a large-scale electricity leak. It turned out that the attackers mined cryptocurrency right in…
Microsoft patches 117 vulnerabilities, including 9 zero-day vulnerabilities
As part of July Patch Tuesday, Microsoft released patches for 117 vulnerabilities, of which 13 were classified as critical. That is, the July set of patches is twice as…