Estimated reading time: 4 minutes
CetaRAT was seen for the first time in the Operation SideCopy APT. Now it is continuously expanding its activity since then. We have been tracking this RAT for a long time and observed an increase in targeting the Indian...
Estimated reading time: 7 minutes
On March 2, Microsoft announced a threat group, HAFNIUM, is actively exploiting four zero-day vulnerabilities in their Exchange Servers. Microsoft has released out-of-band security updates (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065), enabling attackers to take access email accounts and run...
Estimated reading time: 5 minutes
A threat actor named Emotet Trojan has been in the wild for more than 5 years, and now it is back after a 5 months break. It has spread globally, infecting new as well as old targets. It is...
Estimated reading time: 5 minutes
Quick Heal Labs have been tracking this Cyber-espionage operation since 2016. We have identified this attack as operation m_project. From the past year, we have seen a surge in these APT activities. Modus operandi of the attackers have remained...
Estimated reading time: 4 minutes
In the last few months, we’ve seen a sudden increase in Spear Phishing attacks. Spear phishing is a variation of a phishing scam wherein hackers send a targeted email to an individual which appears to be from a trusted source. In...
Estimated reading time: 6 minutes
Recently we saw a new campaign through spam mail attachment- zip file. It contains JavaScript file which delivers a bundle of GandCrab Ransomware, Monero miner and Spammer. This bundle of multiple malware variants is nothing new, it is common...
Estimated reading time: 1 minute
The recent zero-day vulnerability CVE-2018-15982 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-42 on December 5, 2018 to address this issue. According to Adobe, the...
Estimated reading time: 4 minutes
Nowadays attackers are searching for new techniques to spread malware, recently we came across a new emerging way to deliver malware through IQY file. Till now we had seen spread of malware through various file types and chains such as...