The Security Blog From Gridinsoft

EDRKillShifter Malware Discovered, Used by RansomHub Gang

EDRKillShifter Malware: New EDR Killer Tool in Ransomware Actors’ Toolkit

Recent research uncovers a new anti-EDR utility in the arsenal of malware actors, nicknamed EDRKillShifter. Its main known user to…

Critical SAP Auth Bypass and SSRF Flaws Fixed, Update Now

SAP, the developer of business management software, released a huge security update that fixes numerous vulnerabilities in their software. Among…

1Password Vulnerability for macOS Causes Credentials Leak

A critical vulnerability was discovered in 1Password that allows attackers to steal vault items by bypassing the app’s security measures.…

Windows COM Vulnerability Exploited by Chinese Hackers

A vulnerability in Windows COM, first discovered in 2018, has become the target of attacks once again. A Chinese hacker…

Apache OFBiz RCE Vulnerability Discovered, Patch Now

A vulnerability, CVE-2024-38856, has been discovered in Apache OFBiz that allows unauthenticated remote code execution. A patch is currently available,…

AT&T Hacked, 90 Million Customers Affected in Data Leak

AT&T Hacked in April, All Wireless Customers Affected

AT&T, one of the biggest US network operators, confirms a…

Microsoft Fixed Several Critical Flaws in June Patch Tuesday

Microsoft Fixes 3 Critical Vulnerabilities in July Patch Tuesday, One Exploited

Microsoft has released its monthly security update, addressing 142 vulnerabilities…

AsyncRAT Mimics eBook Files to Spread

AsyncRAT Spreads As Fake eBook Files, Uses LNK Files

Recent research uncovers a new spreading campaign of AsyncRAT that…

Avast Releases Donex Ransomware Decryptor

Donex, DarkRace, fake LockBit 3.0 and Muse Ransomware Decryptor Released

A decryptor for the Donex ransomware, also known under the…

regreSSHion Vulnerability Allows Remote Attackers to Gain Root Privileges on Glibc-Based Linux

RegreSSHion OpenSSH Vulnerability Allows for RCE

A newly discovered vulnerability in OpenSSH nicknamed regreSSHion allows remote…

Instagram Hacking Online Scams Frenzy

Fake Instagram Hacking Services

Instagram hacking scams are an old-new direction of online fraud…

GrimResource Attack Targets Microsoft Management Console

New GrimResource Attack Technique Targets MMC, DLL Flaw

A new malicious code execution technique, coined GrimResource, was discovered,…

Binance Smart Contracts Abused in Malware Delivery

Binance Smart Contracts Blockchain Abused in Malware Spreading

Cybercriminals appear to exploit Binance smart contracts as intermediary C2,…

Kaspersky Antivirus Banned By the Biden Administration

On June 20, 2024, the Biden administration implemented a complete…

Win.MxResIcn.Heur.Gen False Positive Detection by MaxSecure

Win.MxResIcn.Heur.Gen

The antivirus engine of MaxSecure, a well-known cybersecurity vendor, currently shows…

Lumma Stealer Spreads in Fake Browser Updates Generated With ClearFake Framework

Lumma Stealer Spreads Via Fake Browser Updates, Uses ClearFake

Recent research uncovered a selection of websites that deploy Lumma…

MSMQ RCE Vulnerability Fixed in Patch Tuesday, Update Now

Microsoft Patches Critical MSMQ Vulnerability

In the latest Patch Tuesday, on June 11, 2024, Microsoft…