Estimated reading time: 3 minutes
The recent Bad Rabbit ransomware outbreak is currently making headlines. This post outlines the analysis of the ransomware by Quick Heal Security Labs. According to our telemetry, we have not seen any Bad Rabbit ransomware infection on our customer’s...Search Results
Estimated reading time: 4 minutes
.NET Framework Remote Code Execution Vulnerability (CVE-2017-8759) is a code injection vulnerability in the SOAP WSDL parser of .net framework. This vulnerability was a zero-day when it was spotted in the wild. Quick Heal Security Labs had released advisory in the month of...
Estimated reading time: 3 minutes
Spam email campaigns have increased with the use of multiple random techniques which improve the efficiency of payload distribution to spread malware to more number of users. These attacks have been randomly observed to have increased rapidly in numbers;...
Estimated reading time: 4 minutes
jRAT (Java Based Remote Access Trojans) malware is not new but its activity has increased recently in the last few months and they are targeting various organizations. Per day, Quick Heal Security Labs identifies thousands of spam emails carrying...
Estimated reading time: 2 minutes
Quick Heal Security Labs has been observing the infamous Locky ransomware outbreak which kicked off recently in the last week of September. The outbreak started with spam email with various subjects and different attachment names. On 26th September, spam campaign delivering a new...
Estimated reading time: 2 minutes
The recent zero-day vulnerability in .NET Framework vulnerability CVE-2017-8759 enables attackers to perform a Remote Code Execution on the targeted machine. This vulnerability is found to be exploited in the wild through email spam messages loaded with malicious RTF files...
Estimated reading time: 2 minutes
A critical remote code execution vulnerability has been discovered in famous web application framework Apache Struts, which allows attackers to execute arbitrary code. To address this issue, Apache Struts has issued a security advisory and CVE-2017-9805 has been assigned...
Estimated reading time: 4 minutes
Quick Heal Security Labs has come across various email campaigns that are actively exploiting the famous vulnerability CVE-2017-0199 in their bid to target prominent private industries in India. CVE-2017-0199 was a zero-day vulnerability reported in April 2017 by two...
Estimated reading time: 5 minutes
GlobeImposter Ransomware has been increasingly active and observed recently to be appending different suffixes to files it encrypt. A few patterns observed are using 3 random numbers such as “.492, .490, .725, .726, and .707”, random alphanumeric words such...