Estimated reading time: 6 minutes
Cyber-attacks through phishing emails are increasing and generally, attackers use DOC embedded macros to infiltrate victim’s machine. Recently Quick Heal Security Labs came across a Phishing e-mail sample which uses Microsoft’s equation editor exploit to spread Hawkeye keylogger. Cybercriminals...
Estimated reading time: 5 minutes
Last week, we had blogged about the emergence of a new attack vector ‘.url’ which is used to spread malware. In this blog post, we will deep-dive into the attack chain of this ‘.url’ vector and elaborate on the...
Estimated reading time: 1 minute
The recent zero-day vulnerability CVE-2018-4878 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSA18-01 on February 2, 2018 to address this issue. According to Adobe, the...
Estimated reading time: 4 minutes
Earlier we had blogged about how JAVA based jRAT malware were evolved in the recent times. At Quick Heal Security Labs, we are actively observing jRAT campaigns happening in the wild. These JAVA malware spread through phishing campaigns. While analyzing one such phishing campaign, we found...
Estimated reading time: 4 minutes
Ransomware outbreaks have been on the rise for quite some time now but suddenly we are observing a change in this trend. Seems like the rise observed in cryptocurrency valuations especially for Bitcoins is making attackers to go after...
Estimated reading time: 4 minutes
.NET Framework Remote Code Execution Vulnerability (CVE-2017-8759) is a code injection vulnerability in the SOAP WSDL parser of .net framework. This vulnerability was a zero-day when it was spotted in the wild. Quick Heal Security Labs had released advisory in the month of...
Estimated reading time: 1 minute
The recent zero-day vulnerability in Microsoft Office vulnerability CVE-2017-11826 enables attackers to perform a Remote Code Execution on targeted machines. According to a recently published blog post, this vulnerability is being exploited in the wild. Microsoft has released a security update on October 10, 2017,...
Estimated reading time: 2 minutes
A critical remote code execution vulnerability has been discovered in famous web application framework Apache Struts, which allows attackers to execute arbitrary code. To address this issue, Apache Struts has issued a security advisory and CVE-2017-9805 has been assigned...
Estimated reading time: 2 minutes
Exploit Kits are dynamic in nature particularly in terms of their delivery mechanism. Their landing page i.e., the content is obfuscated and changed frequently in order to evade various security software. The RIG Exploit Kit, however, has a different...
Estimated reading time: 4 minutes
Earlier this week, a new variant of Petya Ransomware was spotted which was creating havoc all over Europe as well as major parts of Asia including India. The major target for Petya has been Ukraine as its major banks...