Estimated reading time: 2 minutes
This is an important security advisory related to a recently patched Critical remote code execution vulnerability in Microsoft Windows Remote Desktop Service (RDP). The vulnerability is identified as “CVE-2019-0708 – Remote Desktop Services Remote Code Execution Vulnerability”. MSRC blog mentions...
Estimated reading time: 10 minutes
From the last one year, Quick Heal Security Labs has been observing a boost in the number of mining malware. One of the ways to earn cryptocurrencies is to mine them. Nowadays cryptocurrency miner malware have become hot attack...
Estimated reading time: 2 minutes
With the incidents of cybercrime rising at an enormous rate, especially targeted attacks on organizations, many companies now have a cybersecurity incident response plan in place. However, a major reason these organizations still fail to respond effectively to a...
Estimated reading time: 4 minutes
For several months, QH Labs has been observing an upswing in ransomware activity. We found a new ransomware which is written in Go lang. Malware authors are finding it easy to write ransomware in Go lang rather than traditional programming...
Estimated reading time: 3 minutes
Work on personal devices. Employees love them. A lot of small companies and MSMEs are increasingly embracing Bring Your Own Device (BYOD) policies. But IT security is still skeptic about it. There’s a clear clash of wills here and...
Estimated reading time: 3 minutes
In our day-to-day lives, emergencies or accidents can and do happen. It can be on the roads, in the air, on the tracks – anywhere. When an incident like this occurs, the first people on the scene are the...
Estimated reading time: 4 minutes
Emotet Known for constantly changing its payload and infection vectors like spam mail, Malicious Doc and even Malicious JS files. It compromised a very high number of websites on the internet. Emotet malware campaign has existed since 2014. It comes...
Estimated reading time: 6 minutes
Recently we saw a new campaign through spam mail attachment- zip file. It contains JavaScript file which delivers a bundle of GandCrab Ransomware, Monero miner and Spammer. This bundle of multiple malware variants is nothing new, it is common...
Estimated reading time: 5 minutes
GandCrab has been in the wild since last week of January 2018. Over the period it kept learning from its mistakes and GandCrab’s agile development grabbed the attention of many security researchers. From moving its servers to Namecoin powered Top Level...
Estimated reading time: 5 minutes
On the back of an upswing in Ransomware activity, we decided to carry out an in-depth analysis of Ghost Ransomware. Interesting fact about this malware is that it uses multiple components to encrypt user files. Technical Analysis : Main...