Credit to Author: Prachi Sudame| Date: Tue, 25 Dec 2018 09:13:28 +0000
As a normal user we receive multiple emails on a daily basis with PDF as an attachment. Recently, at Quick-Heal Security Lab, we observed a malicious PDF file sent to users as an attachment via a phishing mail. These PDF files look like a regular document but that’s not the…
Read moreCredit to Author: Rupali Parate| Date: Fri, 21 Dec 2018 07:16:46 +0000
Quick Heal Security Lab has spotted few FakeApps with more than 50,000+ installations on Google Play Store. These applications appear to be genuine as a PDF reader, PDF Downloader, PDF Scanner etc., but don’t have such functionality. The main purpose of these apps is to increase the download count of…
Read moreCredit to Author: Anant Pulgam| Date: Tue, 18 Dec 2018 12:44:21 +0000
GandCrab has been in the wild since last week of January 2018. Over the period it kept learning from its mistakes and GandCrab’s agile development grabbed the attention of many security researchers. From moving its servers to Namecoin powered Top Level Domain (.BIT TLD) servers after the first breach, then learning from…
Read moreCredit to Author: Sushmita Kalashikar| Date: Tue, 18 Dec 2018 07:39:54 +0000
Planning a trip this holiday season? While, you spend a considerable amount of time shuffling money on online bookings for flights, hotels and cabs, take care that you DO NOT share your details on doubtful looking travel sites. Just like holidays are a busy time for you and me, it’s…
Read moreCredit to Author: Ghanshyam More| Date: Fri, 14 Dec 2018 11:58:50 +0000
On the back of an upswing in Ransomware activity, we decided to carry out an in-depth analysis of Ghost Ransomware. Interesting fact about this malware is that it uses multiple components to encrypt user files. Technical Analysis : Main malware executable (Ghost.exe) is compiled using the DotNet Framework. The infection…
Read moreCredit to Author: Ghanshyam More| Date: Fri, 14 Dec 2018 10:59:58 +0000
For several months, Quick Heal Security Labs has been observing an increase in ransomware, we have found one more interesting ransomware which encrypts files and adds extension “.katyusha” and demands for an amount of 0.5 btc within three days and threatens to release the data to public download if the ransom is not…
Read moreCredit to Author: Prashant Tilekar| Date: Thu, 06 Dec 2018 10:52:25 +0000
The recent zero-day vulnerability CVE-2018-15982 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-42 on December 5, 2018 to address this issue. According to Adobe, the in-wild exploit is being used in targeted attacks. Vulnerable Versions Adobe…
Read moreCredit to Author: Sushmita Kalashikar| Date: Mon, 26 Nov 2018 05:52:43 +0000
You are at your computer, engaged in some important work and suddenly a message pops up on the screen, “Your Antivirus software license has expired”. You conveniently choose to ignore the notification, intending to get back to it whenever you get free, but, you never do! What Happens when Antivirus…
Read more