Estimated reading time: 5 minutes
Threat actors use multiple methods to distribute malware to infect specific targets. Even though various phishing methods are actively used and evolving, an alternative approach to increase their success rate is to call the target corporate companies. Techniques like...
Estimated reading time: 2 minutes
On 19th November at 8:17 am, we became aware of a false positive detection on excel files and the same getting quarantined on some customer devices. We sincerely regret the inconvenience caused. We immediately took necessary actions investigating the matter,...
Estimated reading time: 5 minutes
On May 30, 2022, CVE-2022-30190 “FOLLINA,” a zero-day remote code execution vulnerability discovered in Microsoft Windows Support Diagnostic Tool (MSDT) with high severity (CVSS:9.3). This MSDT tool diagnoses issues with applications such as Microsoft Office documents. Initial attack vector...
Estimated reading time: 2 minutes
A Zero-day Remote Code Execution Vulnerability with high severity has been identified as CVE-2022-30190 “FOLLINA” in Microsoft Windows Support Diagnostic Tool (MSDT). MSDT is a tool present on Windows version 7 and above and is used for the diagnosis...
Estimated reading time: 4 minutes
The Internet, as we all know it, is approaching a crossroads. The issues it’s currently facing are associated with the centralized model of computing (top-down, data-driven, and not necessarily human-centric), during which a finite number of private entities control...
Estimated reading time: 3 minutes
We are seeing the beginning of a space age of digital exploration. Even though the Metaverse may be a buzz nowadays, it is an idea that is earning huge attention all over the globe. Supposing widespread adoption will change...
Estimated reading time: 2 minutes
We all are aware of the ongoing conflict between Russia and Ukraine. As the physical war takes place on the ground, it also gives rise to cyberattacks against Russia and Ukraine. We are seeing an increase in malicious cyber...
Estimated reading time: 2 minutes
A critical zero-day vulnerability (CVE-2021-44228) was recently discovered in Apache Log4J, the popular Java open source logging library used in countless worldwide applications. The maximum severity vulnerability has been identified as ‘Log4Shell’, which, if exploited, could permit a remote...
Estimated reading time: 4 minutes
If you’ve been following the news recently, you’ll undoubtedly have read about cybersecurity incidents impacting corporations of all sizes in all industries around the world. While it doesn’t often make the news, even small- and medium-sized businesses (SMBs) have...
Estimated reading time: 6 minutes
Quick Heal Security Labs has been monitoring various attack campaigns using JSOutProx RAT against different SMBs in the BFSI sector since January 2021. We have found multiple payloads being dropped at different stages of its operations. Although the...