The Runner: a key component of the SamSam ransomware campaign – An analysis by Quick Heal Security Labs

In Jan 2018, Greenfield, Indiana-based Hancock Health (a healthcare network) was attacked by SamSam ransomware. It encrypted the files containing patients’ data, which disrupted the network’s critical services. Even though SamSam is not a new ransomware, it has evolved over time. We had observed its first variant in Feb 2016 that used the RSA […]

An analysis of an MS office document exploiting a zero-day flash player vulnerability (CVE-2018-4878)

Important update! Adobe Systems released a critical security update on 6.02.2017 to fix the vulnerability discussed in this post. We recommend applying the update immediately. Summary of the vulnerability: CVE-2018-4878 is a use-after-free vulnerability present in Adobe Flash Player 28.0.0.137 and earlier versions, and it is being exploited in the wild. A successful exploitation […]

How to detect and remove the bitcoin miner malware

This article aims to help you detect and remove the newly emerged fileless bitcoin miner malware and protect your computer. Bitcoin is a digital cash system. The difference between using bitcoin and using regular money is that bitcoins can be used without having to link any sort of real-world identity to them. Bitcoin mining is […]

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’ – An Analysis by Quick Heal Security Labs

It is no surprise that malspam campaigns are a major medium for spreading malware. Previously, we have written about such campaigns making use of MS Office-based malware such as malicious macros, CVE-2017-0199, CVE-2017-8759 and DDE-based attacks. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability, CVE-2017-11882. Let’s take a look at an in-depth analysis of one […]

CVE-2018-4878 – Adobe Flash Player use after free (Zero Day) vulnerability Alert!

The recent zero-day vulnerability CVE-2018-4878 in Adobe Flash Player enables attackers to achieve remote code execution on targeted machines. Adobe released security advisory APSA18-01 on February 2, 2018 to address this issue. According to Adobe, the in-the-wild attack is targeted and affects a limited number of Windows users. Vulnerable versions: Adobe Flash Player 28.0.0.137 […]

Machine learning approach for advanced threat hunting

In today’s fast-changing world, the cyber threat landscape is getting increasingly complex, and signature-based systems are falling behind in protecting endpoints. All major security solutions are built with layered security models to protect endpoints from today’s advanced threats. Machine learning-based detection is also becoming an inevitable component of these layered security models. In this post, […]

How Web Filtering secures your digital world

What is web filtering? Web filtering, also known as content filtering and URL filtering, restricts access to certain websites which may be harmful if opened or accessed. This feature not only helps protect a user’s device but also helps implement certain policies for an organization. Web filtering works on two important criteria to filter or […]

Beware of fake apps that claim to help you invest in JioCoin

After news emerged that Reliance Jio was to launch its own cryptocurrency, Jio, a bunch of scammers seem to have sprung into action. The Google Play Store was recently flooded with fake apps claiming to help users invest in JioCoin. Not long after this, Reliance issued an official statement rubbishing these apps, saying, “Any such […]

WhatsApp Scam Alert! Do not be fooled by this new scam

This is a quick advisory to warn our readers about a new WhatsApp scam that is afoot. In this scam, a fake message is getting circulated which informs a user that their WhatsApp subscription has expired and that they can buy a lifetime service just for 99p by clicking on a link. Clicking on this […]

New fake resume email campaign infecting users with the SmokeLoader malware

Email attachments are a favorite medium for attackers to deliver malware. They can be used to target a specific user or multiple users at the same time by launching spam email campaigns. To succeed in carrying out an intended malware attack, it is necessary that the recipients of the malicious email trust the email and […]