Home > Knowledge Centre > 2022

Spring4Shell: Zero-Day vulnerability CVE-2022-22965 in Spring Framework

  • Shiv Mohan / 4 years
  • 0
  • 2 min read

A Zero-day Remote Code Execution Vulnerability with critical severity has been identified as CVE-2022-22965 aka Spring4Shell or SpringShell in Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19 & older. The Spring Framework is an open-source, popular, feature-rich application framework used for building modern & enterprise Java web applications. Publicly available exploits in this widely […]

facebook credentials

Stay Alert of Facebook Credential Stealer Applications Stealing User’s Credentials.

  • Digvijay Mane / 4 years
  • 0
  • 6 min read

Social media credentials are always a lucrative thing for threat actors. They use various techniques to get them. Some use overlays with fake user interfaces, some use key-logging, and some use simple social engineering to trap users. Another way threat actors have been used in the recent past is JavaScript code injection in WebView to […]

Coronavirus-themed Campaign delivers Agent Tesla Malware

  • Aniruddha Dolas / 4 years
  • 0
  • 7 min read

  Summary: While the whole world fights against the COVID-19 pandemic, cybercriminals are busy exploiting the situation and attacking vulnerable users & businesses. In the last few weeks, there has been a rise in coronavirus-themed mail spams, which are being used to deliver a variety of malware. At Quick Heal Security Labs, we have observed […]