Home
New 64 BIT Emotet Modules

A DEEP DIVE INTO NEW 64 BIT EMOTET MODULES

  • Tejaswini Sandapolla / 3 years
  • 0
  • 5 min read

Emotet is usually delivered by SPAM campaigns containing document files. This self-propagating Trojan is a downloader malware that typically downloads and executes additional payloads. Around Jan 2021, Emotet’s operations were reportedly shut down. However, it has shown its appearance again by the end of 2021. In recent months, Emotet seems to have shifted to 64 […]

Beware: SOVA Android Banking Trojan emerges more powerful with new capabilities

  • Digvijay Mane / 3 years
  • 0
  • 3 min read

  SOVA is an Android banking Trojan with significant capabilities like credential theft, capturing keystrokes, taking screenshots, etc., that can inflict acute harm to the devices that become victims of this malware. This malware has been on sale in the underground market since last year & is suspected of having been bought by some bad […]

POWERSHELL: AN ATTACKER’S PARADISE

PowerShell: An Attacker’s Paradise

  • Mrigank Tyagi / 3 years
  • 0
  • 6 min read

  PowerShell was originally intended as a task automation and configuration management program for system administrators. However, it didn’t take long for attackers to realize its potential for carrying out offensive operations without being detected. Due to PowerShell’s versatility, it can be seen in all stages of attacks, from initial infection vectors; used in macros […]

HiddAd

Auto-launching HiddAd on Google Play Store found in more than 6 million downloads

  • Digvijay Mane / 3 years
  • 0
  • 5 min read

HiddenAd or HiddAd are icon-hiding adware applications. The prime motive of HiddAd is to generate revenue through aggressive advertisements. As long as HiddAd remains on the device, it will generate revenue for the malware author. To make uninstalling difficult, malware authors hide the application’s icon from the application drawer. They also use different deceptive techniques […]

goodwill ransomware

Robin Hood Ransomware ‘GOODWILL’ Forces Victim for Charity

  • Tejaswini Sandapolla / 4 years
  • 0
  • 4 min read

Goodwill Ransomware, identified by CloudSEK researchers in March 2022, is known to promote social justice on the internet. It is known to encrypt documents, databases, videos, or photos after it infects the whole system. The files become inaccessible for the victims, where Robinhood’ Goodwill’ asks the victim to donate for socially driven activities to get […]

follina vulnerability

Threat Advisory: CVE-2022-30190 ‘Follina’ – Severe Zero-day Vulnerability discovered in MSDT

  • Quickheal / 4 years
  • 0
  • 2 min read

A Zero-day Remote Code Execution Vulnerability with high severity has been identified as CVE-2022-30190 “FOLLINA” in Microsoft Windows Support Diagnostic Tool (MSDT). MSDT is a tool present on Windows version 7 and above and is used for diagnosis of problems in applications such as Ms Office Documents when any user reports problem to Microsoft support. […]

Banking Trojans

Beware – Banking Trojans Using Enhanced Techniques to Spread Malware.

  • Akshay Singla / 4 years
  • 0
  • 4 min read

In our Open-Source Threat Hunting, Quick Heal Security Researchers encountered a banking Trojan named Aberebot capable of stealing sensitive information from infected devices, including financial and personal data. Malware authors used advanced anti-reverse engineering and obfuscation techniques to avoid detection. From our investigation, the fake malicious application requires some risky permissions, as shown in Fig […]

log4shell

Critical Zero-Day “Log4Shell” Vulnerability “CVE-2021-44228” Exploited in the Wild

  • Amruta Wagh / 4 years
  • 0
  • 4 min read

On December 9, 2021, Apache revealed a severe Remote code execution vulnerability CVE-2021-44228 named “Log4Shell” in Apache Java-based log4J logging utility. Threat actors used the utility to execute arbitrary code and take complete control of systems. Apache Log4j is an open-source Java-based utility widely used by cloud and enterprise software services for logging. Being used […]