Blog
Pradeep Kulkarni

About Pradeep Kulkarni

Pradeep Kulkarni is leading the IPS team in Quick Heal Technologies Limited. Having worked in the IT security industry for over 11 years, he has worked on various security products and has a keen interest in writing blog posts on trends observed during his research.

WannaCry’s Never Say Die Attitude Keeps It Going!

  • 18
    Shares
 June 22, 2017

Estimated reading time: 3 minutes

Over the past few months, the cybersecurity world was at buzz due to the infamous WannaCry ransomware attack. The attack was launched on a massive scale. The campaign started after the disclosure of NSA exploit leak by a hacker group called Shadow Brokers. Taking advantage of unpatched systems all over...

MS17-010 – Windows SMB server exploitation leads to ransomware outbreak

  • 23
    Shares
 May 13, 2017

Estimated reading time: 2 minutes

The Microsoft Windows SMB (Server Message Block) is being actively exploited in the wild, post the Shadow Brokers (TSB) leak in April 2017. According to Microsoft’s blog, the exploits were already covered in previously released security bulletins. The Shadow Broker exploits named ‘EternalBlue’ and ‘EternalRomance’ and ‘EternalSynergy’ are addressed by...

CVE-2017-0199 – Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API

  • 19
    Shares
 April 14, 2017

Estimated reading time: 2 minutes

The newly discovered zero-day vulnerability (CVE-2017-0199) in Microsoft Office/WordPad is being actively exploited in the wild. Almost all Microsoft Office versions are affected with this bug. To fix this vulnerability, Microsoft released a security update on April 11, 2017. Vulnerable Versions According to Microsoft, the following are the affected products...

Cosmos Bank website compromised with RIG Exploit Kit which drops Cerber Ransomware

  • 41
    Shares
 March 23, 2017

Estimated reading time: 3 minutes

Update: The incident has been taken care of by Cosmos Bank and its website (URL) is now clean and safe to use. Compromising popular websites has become a common strategy for attackers to spread infection in a widespread fashion. Attackers exploit unpatched vulnerabilities present on web servers in order to compromise...

CVE-2017-5638 – Apache Struts 2 Remote Code Execution Vulnerability

  • 2
    Shares
 March 14, 2017

Estimated reading time: 2 minutes

The well-known open source web application framework Apache Struts 2 is being actively exploited in the wild allowing hackers to launch a remote code execution attack.  To address this issue, Apache has issued a security advisory and CVE-2017-5638 has been assigned to it. The zero-day bug has been rated with...

The Remote Desktop Protocol Vulnerability – ‘CVE-2012-0002’ is not dead yet!

  • 22
    Shares
 December 13, 2016

Estimated reading time: 2 minutes

On March 13, 2012, Microsoft disclosed the details of a ‘critical vulnerability’ called Remote Desktop Protocol Vulnerability – CVE-2012-0002 in its bulletin. And even four years after this vulnerability was patched, it is still being exploited in the wild by attackers to carry out ‘Remote Code Execution’ on their victims...