Threat research notebook
Fresh malware notes, phishing samples, scam redirects, ransomware observations, and field reports from Gridinsoft research. No gallery, no filler: date, case, finding, next read.
297 lab recordsLOBSHOT, a recently-detected malware family, appears to be a new strong player in the malware market. Carrying a combination of backdoor and spyware functionality, it uses novice spreading ways that make it more effective....
TLS and HTTPS are related, but they are not the same thing. TLS is the encryption...
Spyware and stalkerware both monitor devices, but the threat model is different. Learn the key difference,...
Unfortunately, millions of users worldwide are at risk every single day. Statistics show that a successful...
Social engineering is any attack that manipulates a person into doing something unsafe. The attacker may want a password, MFA code, payment, file download,...
Ransomware rarely chooses the sole type of targets for their attacks. They roam from attacks on small coffee shops to strikes on governmental organisations,...
What is a Reverse Proxy? A reverse proxy is the same server but is in front of a web server. Depending on its configuration,...
If Microsoft Defender or Gridinsoft flags a file you believe is clean, do not simply allow it and move on. A safe false-positive report...
A computer virus is self-replicating malware that infects files, apps, documents, scripts, or boot areas. Learn what viruses do, how they spread, common types,...
Static IP stays fixed while dynamic IP can change automatically. Learn which one you need for home use, gaming, hosting, remote access, privacy, and...
What is penetration testing? Penetration testing is a method by which the security of computer systems and networks can be assessed by simulating a...
Phishing and pharming are both credential-theft attacks, but the path to the fake site is different. Phishing tricks you through a message, link, attachment,...
Phishing uses email or fake pages, smishing uses texts, and vishing uses calls. Learn the differences, warning signs, examples, and what to do if...
IPv4 and IPv6 compared in plain English: address format, speed, security, privacy, NAT, gaming, VPN leaks, and what to check before switching.
Spoofing is an identity disguise. The attacker makes a message, caller, domain, website, device, or network response appear to come from a trusted source....
Learn how SQL injection works, the main SQLi attack types, safe examples, warning signs, and prevention steps using prepared statements, validation, and least privilege.
Anti-malware found threats? Learn what Trojans, adware, spyware, ransomware behavior, PUPs, suspicious scripts, and repeated scan alerts mean, plus what to quarantine, remove, or...
Use this computer-focused spyware checklist to check disabled security tools, browser changes, unknown traffic, startup apps, account alerts, and safe cleanup steps.
Smurfing, or smurf attack, is a kind of DDoS attack. It has a pretty easy mechanism, but counteracting it may be as hard as...
Antivirus and anti-malware now overlap. Learn when Defender is enough, when a second-opinion scanner helps, and why two real-time engines can conflict.
