The Security Blog From Gridinsoft

BlackLotus UEFI bootkit

Microsoft Told How to Detect the Installation of the BlackLotus UEFI Bootkit

Microsoft has shared a guide to help organizations detect the installation of the BlackLotus UEFI bootkit that exploits the CVE-2022-21894…

Vulnerability Found in Twitter Code That Provokes a “Shadowban” of the Victim

Recently, Twitter fulfilled a promise made by Elon Musk and published on GitHub the source code of its recommender algorithm,…

Strange Enthusiasts Asked ChaosGPT to Destroy Humanity and Establish World Domination

Enthusiasts launched the ChaosGPT project, based on the open-source Auto-GPT, and the AI was given access to Google and asked to…

MSMQ Vulnerability Allows Remote Code Execution

A recent update released by Microsoft, the April Patch Tuesday, revealed a severe vulnerability in the Microsoft Message Queuing mechanism. That vulnerability…

Hackers Infect eFile Tax Filing Service with Malware

The eFile service, used by many Americans to file their tax returns and authorized by the US Internal Revenue Service…

Android App Bundle

Google Replaces APK with Android App Bundle Format

Google developers announced that since August 2021, all new applications downloaded to the Google Play Store will have to use the new Android App Bundles (AAB) format, instead of the…

Unofficial patch for PrintNightmare

Unofficial patch published for PrintNightmare vulnerability

Last week I talked about a PoC exploit for the dangerous vulnerability CVE-2021-34527 in Windows Print Spooler (spoolsv.exe), which researchers named PrintNightmare, and now an unofficial patch for this problem…

FBI and NSA about Russian hackers

FBI and NSA release a statement about attacks by Russian hackers

The FBI and NSA claim that a group of Russian government hackers is brute-forcing companies and organizations around the world. The NSA, the Department of Homeland Security (DHS CISA), Cybersecurity…

decryptor for Lorenz ransomware

Cybersecurity specialists released a free decryptor for Lorenz ransomware

Dutch company Tesorion has released a free decryptor for data affected by Lorenz ransomware attacks. Now some files can be recovered for free, without paying the ransom.…

PrintNightmare in Windows

Exploit for dangerous PrintNightmare problem in Windows has been published online

A PoC exploit for the dangerous PrintNightmare vulnerability in Windows Print Spooler (spoolsv.exe) has been published online. This bug has ID CVE-2021-1675 and was patched by Microsoft just a couple…

Babuk Locker builder

Babuk Locker ransomware builder leaked online

The Babuk Locker ransomware builder has appeared in the public domain. With its help, anyone can design their own ransomware, well-known information security expert Kevin Beaumont said on Twitter.…

Clop continues to work

Clop ransomware continues to work even after a series of arrests

The media reported that Clop ransomware continues to work: its operators have again begun posting data stolen from victims on their website. The fact is that last week, as a…

John McAfee found dead

John McAfee, creator of McAfee antivirus, found dead in prison in Barcelona

On June 23, John McAfee, the 75-year-old programmer and creator of the first commercial antivirus, McAfee, passed away – he was found dead in his cell in the Barcelona prison “Briens-2”.…

DirtyMoe botnet infected

Previously assessed as insignificant, DirtyMoe botnet infected over 100,000 Windows systems

The developers of the DirtyMoe botnet (which was assessed as insignificant) added to it a worm-like spreading module, after which the malware infected more than 100,000 Windows systems. The DirtyMoe…

Encryption algorithms for 2G networks

Encryption algorithms for 2G networks have been intentionally weakened

A group of scientists from several European universities published a report on encryption algorithms for 2G networks, which many information security experts and the media have already called sensational. The…

Cyber police of Ukraine and Clop

Cyber police of Ukraine arrested persons linked with the Clop ransomware

As a result of a joint operation carried out with the assistance and coordination of Interpol by law enforcement agencies and the cyber police of Ukraine, South Korea and the…

Attacks on Poland government

Russian-speaking hackers attacked the government infrastructure of Poland

The Sejm of Poland will hold a secret meeting, at which the government will hear information about the recent attacks by Russian-speaking hackers on the government infrastructure of Poland and…