CVE-2017-9805 | Apache Struts 2 Remote Code Execution Vulnerability – An analysis by Quick Heal Security Labs

A critical remote code execution vulnerability has been discovered in the popular web application framework Apache Struts, which allows attackers to execute arbitrary code. To address this issue, Apache Struts has issued a security advisory and CVE-2017-9805 has been assigned to it. The attacker may use this vulnerability to target organizations across the globe. […]

Security alert! Beware of the Facebook Messenger malware

A new malware has come to notice and it uses Facebook Messenger to spread from one user to another. Known as the Facebook Messenger malware, this threat is said to be highly sophisticated and can act differently based on the web browser the victim is using – Firefox, Chrome or Mozilla. How the malware works […]

Malspam Campaign using CVE-2017-0199 Targets Manufacturing, Pharmaceutical, and other important Industries

Quick Heal Security Labs has come across various email campaigns that are actively exploiting the famous vulnerability CVE-2017-0199 in their bid to target prominent private industries in India. CVE-2017-0199 was a zero-day vulnerability reported in April 2017 by two different security firms. Almost all of the MS Office versions were affected by it. Microsoft had […]

Quick Heal to end support for version 2012 (v13.00), 2011 (v12.00) and earlier

As viruses, malware, and online threats evolve, we have to strengthen the security perimeter of our computer and other digital devices. The latest version of Quick Heal has been built and improved significantly so that it can protect users from all types of threats, even the most destructive ones such as ransomware. Quick Heal is […]

An analysis of GlobeImposter Ransomware by Quick Heal Security Labs

GlobeImposter Ransomware has been increasingly active and has recently been observed appending different suffixes to the files it encrypts. A few patterns observed are using 3 random numbers such as “.492, .490, .725, .726, and .707”, random alphanumeric words such as “.p1crypt, .A1crypt, .BRT92, and .mtk118” and suffixes like “.OCEAN, .SEA, .ROSE, .ASTRA, and .DECODED”. Earlier, […]

An analysis of the fileless malware by Quick Heal Security Labs

The fileless malware is a malware family that does not leave any trace of its infection in the affected file system. Also known as the ‘memory resident virus’, this type of malware hides in the registry and memory making it difficult for traditional antivirus software to identify the infection. However, this synonym can now be […]

An analysis of TrickBot Malware by Quick Heal Security Labs

TrickBot has been a busy malware in the last month because of its various polymorphic propagation methods and techniques. We have seen collective versions and the same medium of propagation – the spam emails. These emails contain attachments to download or a direct link to spread the malicious payload. Trickbot is involved in stealing login […]