O blog de segurança da Gridinsoft

RCE Vulnerability in Microsoft SharePoint Exploited, CISA Notifies

Microsoft SharePoint Vulnerability Exploited, Update Now

No final de março 2024, os EUA. Agência de Segurança Cibernética e Infraestrutura (CISA) issued the alert regarding the exploitation of a

PyPI Malware Spreading Outbreak Exploits Typosquatting

PyPI, um índice de pacotes Python, mais uma vez se tornou um lugar para propagação de malware. Threat actors registered hundreds of profiles

ShadowRay Vulnerability Threatens AI Workloads, No Patch Available

Recent review of vulnerabilities in the Ray framework uncovered the unpatched flaw, apelidado de ShadowRay. It appears that hundreds of machine

GoFetch Vulnerability in Apple Silicon Uncovered

Researchers uncovered a vulnerability in Apple Silicon processors, apelidado de GoFetch. It allows attackers to extract secret keys from Mac computers

STRRAT and Vcurms Malware Abuse GitHub for Spreading

Recentemente foi descoberta uma nova campanha de phishing que usa o GitHub para entregar Trojans de acesso remoto (RATO) STRRAT e Vcurms…

Azorult Malware Resurfaces 2 Years Later

AzorUlt Stealer Is Back In Action, Uses Email Phishing

Especialistas em segurança cibernética encontraram o malware Azorult de oito anos. Esse…

Remcos RAT Uses Webhards to Target Korean Users

Remcos RAT Targets South Korean Users Through Webhards

An infamous Remcos RAT reportedly started targeting South Korean users

GitLab Zeroclick Account Hijack Vulnerability Uncovered

GitLab Zero-Click Account Hijack Vulnerability Revealed

Em janeiro 11, 2024, GitLab released an update with the

Hackers Exploit Windows SmartScreen Vulnerability to Spread Phemedrone Stealer

Windows SmartScreen Vulnerability Exploited to Spread Phemedrone Stealer

The malicious campaign exploits the CVE-2023-36025 vulnerability in Microsoft Windows

Critical Cisco Unity Connection Vulnerability Allows for Root Access

Cisco Unity Connection Vulnerability Enables Root Access

Cisco has recently addressed a significant security vulnerabilit in its

Ivanti Connect Secure Zero-Day Exploited

Ivanti Connect Secure Zero-Day Vulnerability Exploited In The Wild

Ivanti issued an alert about its Connect Secure VPN appliances.

Water Curupira hackers are actively distributing PikaBot malware

Water Curupira Hackers Spread PikaBot in Email Spam

Notorious group known as Water Curupira has unleashed a new

NoaBot Botnet Involved in Crypto Mining

NoaBot Botnet: The Latest Mirai Offspring

Um novo botnet chamado NoaBot surgiu no início 2023. Isto…

Critical Auth Bypass Vulnerability in Apache OFBiz: CVE-2023-5146в

Apache OFBiz Vulnerability Exposes Millions of Systems

The cyber world has been rattled by the recent discovery

YouTube Videos Promoting Malware

YouTube Videos Promote Software Cracks With Lumma Stealer

Researchers have discovered a cybersecurity threat that targets users through

Adobe ColdFusion Vulnerabilities Exploited in the Wild

Two Adobe ColdFusion Vulnerabilities Exploited in The Wild

Two vulnerabilities in Adobe ColdFusion are exploited in real-world attacks,…

Tortilla Ransomware Free Decryptor Available

Tortilla (Babuk) Ransomware Decryptor Available

Em janeiro 9, 2024, Avast and Cisco Talos announced the