The Security Blog From Gridinsoft

SFX Archives Can Sneakily Launch PowerShell

CrowdStrike warns that hackers are adding malicious functionality to self-extracting SFX archives containing harmless honeypot files that can launch PowerShell.…

Genesis Market Seized by FBI

Genesis Market, a Darknet marketplace for stolen information, was reportedly seized by the FBI on Tuesday, April 4, 2023. The…

Blogger Forced ChatGPT to Generate Keys for Windows 95

YouTube user Enderman demonstrated that he was able to force ChatGPT to generate activation keys for Windows 95. Let me…

Russian-Speaking Hack Group Winter Vivern Attacks Governments in Europe and Asia

The Russian-speaking hack group Winter Vivern (aka TA473 in the Proofpoint classification) has been actively exploiting a vulnerability in Zimbra…

APT43 Funds Cybercrime With Stolen Crypto

Researchers have identified a new state-backed hacker group in North Korea. The group in question is the North Korean hacker…

Microsoft fixes a bug that corrupted FLAC files

Microsoft has fixed a bug in Windows 10 that changed the name, artist, or other metadata in FLAC files, thereby corrupting them. The bug affected several editions of Windows 10…

Mozilla Thunderbird email client stored OpenPGP keys in clear text

The researcher found that for several months Mozilla Thunderbird saved some users’ OpenPGP keys in plain text format. For example, Thunderbird users recently realized that when they open a program,…

New Bluetooth Attack Allows Simulating Another Device

Experts from the National Agency for Information Systems Security (ANSSI) have discovered a new attack on Bluetooth that allows them to simulate another device. The researchers said that there were problems…

IIS bug with worm potential poses a threat to WinRM servers

As part of the May “Patch Tuesday” Microsoft has fixed a dangerous bug with worm potential in Internet Information Services (IIS), which received the identifier CVE-2021-31166. Last week, many researchers…

Microsoft developed a SimuLand lab environment for simulating cyberattacks

Microsoft has developed an open source SimuLand lab environment to help test and improve Microsoft 365, Defender, Azure, and Azure Sentinel protection against a variety of cyberattack scenarios. SimuLand enables…

Microsoft will end support for Internet Explorer in 2022

Microsoft has announced quite categorically that it will finally stop supporting its Internet Explorer browser next year. Currently, many users have already abandoned Internet Explorer, which has lived more than…

Colonial Pipeline CEO Confirms that Company Paid Criminals $4.4M

The head of Colonial Pipeline confirmed that the company paid the criminals a ransom after the largest pipeline operator in the United States suffered from the DarkSide ransomware attack in…

Cyrillic on the keyboard may become a “vaccine” against Russian hackers

After the sensational cyberattack on the American fuel giant Colonial Pipeline, experts proposed a kind of “vaccine” against Russian hackers. The cybercriminal group DarkSide behind the attack on the Colonial…

Manufacturers release patches for Frag Attacks problems

Manufacturers of various Wi-Fi-enabled equipment and software developers for this equipment release patches for Frag Attacks problems. Let me remind you that last week the details of twelve vulnerabilities were…

Hacker XSS Forum Banned Ransomware Ads

The administration of the popular hacker forum XSS (formerly DaMaGeLab) has banned advertising and sale of any ransomware on its pages. Groups like REvil, LockBit, DarkSide, Netwalker, Nefilim, and so…

Scientist discovered a vulnerability in the universal Turing machine

Pontus Johnson, a professor at the Royal Institute of Technology in Stockholm, discovered a vulnerability in the universal Turing machine. A Turing machine is an abstract executor (abstract computing machine).…

Any Wi-Fi enabled devices are vulnerable to Frag Attacks issues

The well-known information security expert Mathy Vanhoef reported the discovery of a whole set of vulnerabilities named Frag Attacks (Fragmentation and aggregation attacks), which affect all devices with Wi-Fi support,…