The Security Blog From Gridinsoft

GitHub repositories spread malware

Thousands of GitHub Repositories Spread Malware That Is Disguised as Exploits

Experts from the Leiden Institute for Advanced Computer Science have discovered thousands of GitHub repositories with fake PoC exploits for…

New Vulnerability in Apache Commons Text Is Already Being Attacked by Hackers

According to WordPress security firm Defiant, attempts have already been made to exploit a new vulnerability in Apache Commons Text…

Researchers Linked Ransom Cartel members to Famous Hack Group REvil

Experts from the Palo Alto Network analysed the Ransom Cartel hacker group’s ransomware and believe that it is very similar…

New PowerShell Backdoor Masquerades as a Windows Update

Cybersecurity experts from SafeBreach have found a new, previously undocumented and “undetectable” PowerShell backdoor, which hackers actively use and has…

Weak Block Cipher in Microsoft Office 365 Leads to Message Content Disclosure

WithSecure (formerly F-Secure Business) researchers claim that the content of encrypted messages sent through Microsoft Office 365 can be partially…

Microsoft fixed 129 vulnerabilities

On June “Patch Tuesday” Microsoft fixed 129 vulnerabilities in its products

“Patch Tuesday” this month became the largest in the history of Microsoft: were fixed at once 129 vulnerabilities. March 2020 with 115 corrections is in second place, and 113 corrections…

Google maps helps protect from COVID-19

Google Maps helps users protect themselves from COVID-19

Google has added a number of new features to its mapping service to help users protect themselves from COVID-19. Google Maps now provides travelers and people on duty with public…

Ransomware Tycoon uses JIMAGE

Tycoon ransomware uses exotic JIMAGE format to avoid detection

BlackBerry experts have discovered an unusual multi-platform (for Windows and Linux) ransomware Tycoon. It is written in Java and uses JIMAGE image files to avoid detection. Researchers believe Tycoon was…

YouTube Channel Credentials

Hacker forums show growing demand for credentials from YouTube channels

IntSights experts found that recently in the darknet there increased interest YouTube Channel Credentials, and also, as a “side effect”, this stimulates data verification activities. On hacker forums and sites…

Cybercriminals attacked UCSF

Cybercriminals attacked UCSF, US leading COVID-19 vaccine developer

Using ransomware, cybercriminals attacked the University of California, San Francisco (UCSF), one of the leaders in developing a vaccine against COVID-19. The university administration confirmed to Bloomberg reporters that it…

Users seldom change passwords

Users seldom change passwords even after data leaks

Researchers from Carnegie Mellon University found that users seldom change passwords even after receiving data leakage messages. Scientists estimate that only a third of users actually update access to their…

Vulnerability in Indian TikTok Clone

Vulnerability in Indian TikTok clone allows hacking user profiles

The Hacker News reports that Indian security specialist Rahul Kankral discovered a critical vulnerability in the Mitron Android application, which is a TikTok clone. The vulnerability allows you to capture…

Octopus Scanner Malware on GitHub

Octopus Scanner Malware Found On GitHub

GitHub developers have issued a warning about the appearance of the new Octopus Scanner malware, which is distributed ton the site through malicious Java projects. Octopus Scanner was discovered in…

Valak using Microsoft Exchange

Valak malware steals corporate data using Microsoft Exchange servers

Cyberreason Nocturnus experts said that the Valak bootloader discovered in 2019 now exploits vulnerabilities in Microsoft Exchange servers. It has become a full-fledged info-staler and attacks companies in the USA…

Experts confirmed LiveJournal leak.

Experts confirm data leak of 26 million LiveJournal users

In mid-May 2020, in the Telegram channel of the head of DeviceLock company Ashot Hovhannisyan appeared information on data leak of 33.7 million LiveJournal users. Now, experts have confirmed a…

Discord as a tool for stealing password

Hackers use Discord as a tool for stealing passwords

The Bleeping Computer magazine warns that the new version of the AnarchyGrabber Trojan steals passwords and tokens, disables 2FAs and distributes the malware to the victim’s friends. Moreover, attackers modify…

Sarwent Opens RDP Ports

Sarwent malware opens RDP ports on infected machines

SentinelOne experts noticed that the new version of the Sarwent malware opens the RDP ports on infected computers. Researchers believe that this is due to the fact that maware operators…