Estimated reading time: 3 minutes
A critical zero-day vulnerability (CVE-2021-44228) recently discovered Apache Log4J, the popular java open source logging library used in countless worldwide applications. The maximum severity vulnerability has been identified as ‘Log4Shell’, which, if exploited, could permit a remote attacker to...
Estimated reading time: 4 minutes
If you’ve been following the news recently, you’ll undoubtedly have read about cybersecurity incidents impacting corporations of all sizes in all industries around the world. While it doesn’t often make the news, even small- and medium-sized businesses (SMBs) have...
Estimated reading time: 7 minutes
Quick Heal Security Labs has been monitoring various attack campaigns using JSOutProx RAT against different SMBs in the BFSI sector since January 2021. We have found multiple payloads being dropped at different stages of its operations. Although the...
Estimated reading time: 4 minutes
CetaRAT was seen for the first time in the Operation SideCopy APT. Now it is continuously expanding its activity since then. We have been tracking this RAT for a long time and observed an increase in targeting the Indian...
Estimated reading time: 4 minutes
Cloud adoption has witnessed exponential growth over the past few years. However, it brings forth a new set of cyber risks that endanger organizations and their customers. In the best-case scenario, these unknown cyber risks may result in increased...
Estimated reading time: 5 minutes
In a recent event, Kaseya – the US-based software provider for MSPs and IT Teams has reported a worldwide Supply Chain Attack on July 2, 2021 taking advantage of US Independence Day as a leverage since the strength of...
Estimated reading time: 3 minutes
The SideCopy APT Group has expanded its activity this year and now targets critical Indian sectors this time. Quick Heal Security Labs researchers have been tracking the notorious cyber-attack group – ‘Transparent Tribe’ since the first SideCopy campaign in...
Estimated reading time: 3 minutes
The last decade has witnessed an accelerated adoption of cloud, mobile, and cloud apps. Over the previous year, with the new normal kicking in, organizations had to transition their employees to work outside the enterprise perimeter. As remote work...
Estimated reading time: 7 minutes
On March 2, Microsoft announced a threat group, HAFNIUM, is actively exploiting four zero-day vulnerabilities in their Exchange Servers. Microsoft has released out-of-band security updates (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065), enabling attackers to take access email accounts and run...
Estimated reading time: 2 minutes
Current times have witnessed a large percentage of cyber breaches resulting from human errors. For example, the famous WannaCry ransomware attack that affected the entire world in 2017 increased due to negligence of security teams in ensuring if the...