January, 2017

DDoS attacks spreading through ‘GodMode’ exploit – CVE-2014-6332

Prakash Galande / 9 years
0
6 min read

We have recently observed an increase in the exploitation of the famous ‘GodMode’ exploit of the vulnerability CVE-2014-6332. The reliable proof of concept (POC) or exploit code for CVE-2016-6332 is readily available on the Internet. This makes it easy for attackers to integrate the exploit in various campaigns. They just have to flip the malware […]

Beware of the new WhatsApp scam that promises FREE internet!

Sakshat Karkare / 9 years
30
3 min read

Scammers never take a day off. And how do we know this? Well, they keep coming up with news ways and means to trick us. A fresh WhatsApp scam is running about and is tricking users with the promise of free Internet. Some WhatsApp users have reported having received a message where the sender is […]

Vulnerability fixed in Quick Heal products

Sakshat Karkare / 9 years
2
1 min read

Out of Bound Write on Stack Buffer Background A security vulnerability – CVE-2017-5005 in Quick Heal allowed illegal Remote Code Execution and Privilege Escalation. Present Status • Vulnerability fixed and released as an update to all Quick Heal users on Saturday, 11th June 2016. • Quick Heal products having virus database of 11th June 2016 […]

Alert! Install the BHIM app only from official app stores

Sakshat Karkare / 9 years
25
2 min read

• BHIM is a digital payment app recently launched by the Government of India. • BHIM app is currently available only in Google Play Store. • Several other apps having the name ‘BHIM’ are present in Google Play. • Install only the official BHIM app developed by ‘National Payments Corporation of India (NPCI)’ What is […]

WhatsApp Virus Alert! Do not download unverified documents received over WhatsApp

Sakshat Karkare / 9 years
20
2 min read

Central security services in India have issued a high alert advisory against two malicious files that are circulating on WhatsApp. These files are loaded with viruses that can steal sensitive personal and banking information stored in the victim’s phone. Who is the prime target? The malicious files are in the guise of Microsoft Excel or […]