The Security Blog From Gridinsoft

WordPress plugin Ultimate Member

Hackers Actively Exploit the 0-Day Vulnerability in the Ultimate Member WordPress Plugin

Hackers actively exploit a zero-day vulnerability in the WordPress plugin Ultimate Member to increase privileges: with the help of this…

BlackCat Ransomware Employs Malvertising In Targeted Attacks

Recently malicious actors started using malvertising to spread BlackCat ransomware. They use cloned webpages of popular freeware applications, particularly WinSCP…

MITRE Compiled a List of the 25 Most Dangerous Bugs

MITRE specialists have published a list of the 25 most dangerous bugs in software over the past two years. It…

The Number of Companies Affected by Attacks on Vulnerabilities in MOVEit Transfer Increased

The consequences of exploiting a 0-day vulnerability in MOVEit Transfer’s file transfer management solution continue to spread. The total number…

8Base Ransomware Group On The Rise, Lists a Number of Victims

In June of this year, a new wave of cyber-attacks and extortion operations, organized by the criminal group 8Base, swept…

Site Isolation in Google Chrome

SpookJS Attack Allows to Bypass Site Isolation In Google Chrome

A group of scientists from universities in Australia, Israel and…

REvil resumed attacks

REvil ransomware resumed attacks

Last week, the infrastructure of REvil (Sodinokibi) returned online after…

fresh vulnerability in Ghostscript

PoC exploit published for fresh vulnerability in Ghostscript

A PoC exploit for a fresh vulnerability in Ghostscript was…

The US authorities accused Ukrainian

US authorities accused Ukrainian citizen of running a brute force botnet

The US authorities accused the Ukrainian citizen of hacking: namely,…

REvil servers back online

Servers of the hack group REvil are back online

In July 2021, the infrastructure of REvil (Sodinokibi) was turned…

FBI experts and sextortion

FBI experts say that this year “sextortion” brought scammers more than $8 million

Experts from the FBI Internet Fraud Complaints Center (IC3) spoke…

Atlassian Confluence vulnerability

Atlassian Confluence vulnerability was exploited to install miners

In late August, Atlassian released a hotfix for a Confluence…

Dangerous bug in WhatsApp

Dangerous bug in WhatsApp could lead to disclosure of user data

Check Point specialists spoke about a dangerous bug they discovered…

BrakTooth threaten billions of devices

BrakTooth vulnerabilities threaten billions of devices around the world

A group of researchers has published information on 16 serious…

malware in AMD and Nvidia

Researchers spot a tool to hide malware in AMD and Nvidia GPUs for sale

Bleeping Computer discovered that an exploit that uses the memory…

ProxyToken vulnerability in Microsoft Exchange

ProxyToken Vulnerability Allows Stealing Mail Through Microsoft Exchange

A dangerous vulnerability called ProxyToken has been discovered in Microsoft…

Critical vulnerability in Cosmos DB

Microsoft warned of a critical vulnerability in Cosmos DB

Microsoft has warned thousands of Azure customers of a critical…