Vulnerabilities Archives - Gridinsoft Blogs

Security News

Vulnerability in HP BIOS causes system takeover

ByStephanie AdlamMay 13, 2022

Following recent fixes for a large number of UEFI vulnerabilities, worldwide-known PC and laptop vendor HP is releasing a new BIOS update. This time around, two serious vulnerabilities affecting a wide range of over 200 PC and laptop models that allow code to run with kernel

Security News

Vulnerability in ransomware can prevent the encryption

ByStephanie AdlamMay 11, 2022

Not a long time ago, a cybersecurity analyst posted a video on YouTube where he shows the vulnerability in ransomware samples used by well-known ransomware groups. In the footage, expert shows this exploit usage on the REvil ransomware sample, but there are half a dozen of

Security News

A DNS vulnerability in uClibc/uClibs-ng libraries jeopardizes IoT devices

ByStephanie AdlamMay 6, 2022

A vulnerability has been discovered (CVE not yet issued) in uClibc and uClibc-ng C standard libraries. These libraries are vastly used in IoT devices. The newly found vulnerability makes it possible to place forged data into the DNS cache, allowing to set an arbitrary IP

Security News

F5 warns of critical BIG-IP RCE vulnerability

ByStephanie AdlamMay 5, 2022

F5, Inc warned the users about the critical vulnerability that harms the iControl REST users. That solution is a framework offered by the F5 Corporation as an advanced tool for software developers. The detected flaw is noted as critical, since it makes the device takeover

Security News

Hackers Use Fresh Vulnerability in Windows Print Spooler in Real Attacks

ByVladimir KrasnogolovyApril 21, 2022

The US Infrastructure and Cybersecurity Agency (CISA) warned that a vulnerability in the Windows Print Spooler component, patched by Microsoft in February 2022, is being actively exploited by hackers. The issue in question is tracked as CVE-2022-22718 (CVSS score of 7.8)

Security News

Chinese hackers use Zimbra 0-day vulnerability to hack European media and authorities

ByVladimir KrasnogolovyFebruary 4, 2022

Security firm Volexity has warned that a previously unknown Chinese hack group is exploiting a 0-day vulnerability in Zimbra’s collaborative software. According to official statistics, more than 200,000 enterprises in 140 countries around the world use Zimbra,

Security News

Another vulnerability found in Log4j, this time it is a denial of service

ByVladimir KrasnogolovyDecember 21, 2021

Log4Shell, recently discovered in the popular logging library Log4j, which is part of the Apache Logging Project, continues to get worse, as another vulnerability has been found. This time it is time a “denial of service” vulnerability. The problem was originally discovered

Security News

Vulnerabilities in STARTTLS threaten popular email clients

ByVladimir KrasnogolovyAugust 18, 2021

At the USENIX conference, a group of German scientists announced the discovery of more than 40 vulnerabilities in STARTTLS implementations in popular mail clients and servers, including Apple Mail, Gmail, Mozilla Thunderbird, Claws Mail, Mutt, Evolution, Exim, Mail.ru,

Security News

Hackers exploit ProxyShell vulnerabilities to install backdoors

ByVladimir KrasnogolovyAugust 16, 2021

Experts warn that hackers are attacking Microsoft Exchange servers, exploiting ProxyShell vulnerabilities, and installing backdoors on them for subsequent access. Let me remind you that the vulnerabilities, which are collectively called ProxyShell, were recently discussed at

Security News

Microsoft Warns of New Print Spooler Vulnerability

ByVladimir KrasnogolovyAugust 13, 2021

Microsoft has released a notice of a new vulnerability in Print Spooler (CVE-2021-36958) that allows local attackers to gain system privileges on a computer. The new vulnerability is related to other PrintNightmare bugs that exploit the configuration settings for Print