Summary: While the whole world fights against the COVID-19 pandemic, cybercriminals are busy exploiting the situation and attacking vulnerable users & businesses. In the last few weeks, there has been a rise in coronavirus-themed mail spams, which are being used to deliver a variety of malware. At Quick Heal Security Labs, we have observed […]
While the whole world fights against the COVID-19 pandemic, cybercriminals are busy exploiting the situation and attacking vulnerable users & businesses. In the last few weeks, there has been a rise in coronavirus-themed malspams, which are being used to deliver a variety of malware. At Quick Heal Security Labs, we have observed Agent Tesla being […]
Trend of PowerShell based malware is increasing. General trend observed shows that malware authors use new techniques for infection and propagation of malwares along with open source tools. PowerShell gets executed with high privileges and that’s why it easily performs its activity and propagates through network. Quick Heal Security Lab has observed that some malwares […]
Emotet malware campaign has been existing for a long time. It comes frequently in intervals with different techniques and variants to deliver malware on a victim. Attackers are smart and they use complex techniques to avoid detection. At the start of 2017, we had seen the emotet campaign spreading through email attached PDF and JS […]
No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro, CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2017-11882. Let’s take a look at in-depth analysis of one […]
For the past few years, we have been seeing macro-based attacks through Object Linking Embedding (OLE)/Microsoft Office files. But, presently, attackers are using a different technique to spread malware through Office files – using a new attack vector called ‘Dynamic Data Exchange (DDE)’. DDE is an authorized Microsoft Office feature that provides several methods for transferring data between applications. Once the communication protocol is established, it doesn’t require user interactions to exchange data between applications. The DDE […]
