Shriram Munde

About Shriram Munde

Shriram has 5 years of experience in cyber threat research and analysis. He is part of Quick Heal’s Proactive Team. His interests include blogging and exploring the world of cybersecurity and malware.

Satan ransomware raises its head again!

 June 20, 2018

Estimated reading time: 3 minutes

Satan ransomware first appeared in early 2017, and it has resurfaced with a new variant in 2018. We have seen it using new, innovative techniques to spread, such as the EternalBlue exploit, to distribute over compromised networks. This variant of Satan propagates using the below techniques: Mimikatz; EternalBlue – exploit...

Dharma ransomware resurfaces with a new variant

 April 16, 2018

Estimated reading time: 3 minutes

A new variant of the Dharma ransomware (‘.arrow’) has been observed in the wild. This variant appends the extension ‘.arrow’ to the files it encrypts and spreads via spam emails. How Dharma encrypts its victim’s files: Once executed, the ‘.arrow’ variant of Dharma uses the below command to disable...

An analysis of the Zenis ransomware by Quick Heal Security Labs

 March 19, 2018

Estimated reading time: 4 minutes

Quick Heal Security Labs has come across a new ransomware that goes by the name ‘Zenis’. The ransomware not only encrypts files but also intentionally deletes the infected system’s backup. The behavior of Zenis ransomware: Once inside a computer, the ransomware performs the following checks before it starts encrypting...

Thanatos Ransomware – an analysis by Quick Heal Security Labs

 February 22, 2018

Estimated reading time: 2 minutes

Quick Heal Security Labs has come across a new ransomware that uses AES encryption and demands 0.01 Bitcoin as ransom after encrypting the victim’s files. It is known as Thanatos Ransomware. Thanatos is a type of Trojan malware that spreads through malicious advertisements, phishing sites, spam emails, freeware and...

New Saturn Ransomware offers ransomware-as-a-service

 February 19, 2018

Estimated reading time: 4 minutes

Quick Heal Security Labs has come across a new ransomware called ‘Saturn’, currently doing the rounds, which upon encryption appends the “. Saturn” extension to the encrypted files. Behaviour of Saturn Ransomware: Upon arrival on the host machine, Saturn ransomware checks whether it is a virtual environment or has any debuggers....

A massive security flaw discovered in Skype. Fix not coming anytime soon.

 February 14, 2018

Estimated reading time: 2 minutes

Quick Heal Security Labs has recently learned about a serious vulnerability in Skype’s update installer – that’s the bad news. The worse news is, Microsoft is not going to patch the vulnerability anytime soon as this would require the updater to go through a ‘large code revision’. What is this...

Vulnerabilities found in Broadcom Wi-Fi adapter of Lenovo laptop chipsets

 February 13, 2018

Estimated reading time: 2 minutes

Lenovo recently released an advisory, warning customers about two critical Broadcom vulnerabilities which impact 25 models of its popular ThinkPad lineup. The Broadcom Wi-Fi chipsets used by Lenovo ThinkPad devices are affected by the CVE-2017-11120 & CVE-2017-11121 vulnerabilities. Both these issues are rated as “critical” and received a CVSS 10 score...