The Security Blog From Gridinsoft

FBI Takes Down BreachForum

BreachForums is Seized, Again, FBI Puts a Banner

BreachForums, one of, if not the biggest Darknet forum, is once again seized by law enforcement. On Wednesday afternoon, May…

Pornographic Virus Alert From Microsoft

Microsoft shows you the banner which states that your PC is infected with a “Pornographic virus”? It seems that someone…

Dell Hacked, 49 Million Users Exposed

On Friday, May 10, Dell Technologies released a claim regarding the massive data leak that happened in their internal network.…

LockBit Leader Identity Revealed, NCA Publishes More Data

On May 7, 2024, UK National Crime Agency published the detailed dossier on the LockBit ransomware group’s leader. Dmitry Khoroshev,…

Trojan:Script/Wacatac.B!ml

Trojan Wacatac is an umbrella detection for a wide range of malicious software, that shares functionality and code. In particular,…

What is Trojan:Win32/Wacatac? Threat Analysis

Trojan:Script/Wacatac.B!ml

Trojan Wacatac is an umbrella detection for a wide range of malicious software, that shares functionality and code. In particular, the Wacatac name points to malware with dropper capabilities that…

CISA Issues Alert on Active Exploitation of GitLab Vulnerability

GitHub Vulnerability Exploited in the Wild, CISA Notifies

GitLab has a critical vulnerability that affects all authentication mechanisms. Without two-factor authentication, users are at significant risk. The vulnerability is currently fixed, and users are recommended to update to…

Red Ransomware Threat Actor Description

New Red Ransomware Group Discovered

In March 2024, threat analysts detected a new ransomware group, called Red Ransomware. The group, which began its activities during the waning days of prominent groups such as Lockbit and…

GuptiMiner Use eScan to Spread Miners and Backdoors

A recent report by Avast researchers identified an old-timer malware called GuptiMiner. It uses the eScan antivirus update mechanism to stealthily inject backdoors and cryptocurrency mining programs into users’ computer…

New Infostealers Made with Electron

Infostealers Made With Electron On The Rise

AhnLab Security Intelligence Center (ASEC) has identified a new strain of Infostealer malware created using the Electron framework. These apps are packaged in NSIS installer format, which the attacker used…

Hackers abuse GitHub and GitLab CDNs to Spread Malware

GitHub and GitLab CDNs Abused to Spread Malware

Recent research around new spreading approaches of one stealer malware family revealed a new way to abuse GitHub. Instead of creating repositories that contain malware files, hackers push the files…

OpenMetadata Vulnerabilities Threats Kubernetes Workloads, Actively Exploited

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes

Microsoft security blog reports that the OpenMetadata platform has critical vulnerabilities that allow attackers to exploit Kubernetes workloads for crypto mining. Five vulnerabilities allow attackers to bypass authentication and execute…

MITRE Reports State-Sponsored Actor Hacking Into NERVE

MITRE NERVE Hacked, Service Taken Offline

MITRE reports about hacker activity in their NERVE network, spotted in April 2024. Upon detecting the suspicious activity, the organization put the affected service offline and started the investigation. The…

Police Operation Halts LabHost Phishing Service

LabHost Phishing Service Taken Down by Police

Authorities have seized the LabHost phishing service, accused of stealing personal information from victims worldwide. This service specialized in creating fake websites to harvest user data illegally. However, law enforcement…

Сisco Talos warn of a massive attack

Cisco Talos Warns of a Massive Brute Force Wave

The Cisco Talos security team has released information about a new campaign of attackers targeting mass account compromise. Specialists have recorded countless login attempts to gain unauthorized access to web…

Critical Vulnerability in PAN-OS Exploited

Critical PAN-OS Command Injection Flaw Exploited

Palo Alto Networks warns its customers regarding a vulnerability in their PAN-OS, that leads to command injection. Residing in their GlobalProtect feature, and requiring some specific configurations, this flaw still…

Legit Sites Plagued With Fake Robux Generators

Fake Robux Generators Spread on Government Websites

Huge number of fake Robux generators recently appeared on a range of websites with .gov, .mil, and edu. They commonly pose as PDF files, enriched with keywords that boost their…