Blog

Security

How important are security patches and updates

  • 73
    Shares
 April 23, 2018

Estimated reading time: 3 minutes

Security vulnerabilities are increasing and just not so long before, we had to deal with so many of them. Remember WannaCry? In this post, we will discuss some important case in points with respect to security vulnerabilities and how important are security patches and updates. The WannaCry scare The biggest...

Can you spot a phishing email? Take this test and find out!

  • 4
    Shares
 April 5, 2018

Estimated reading time: 3 minutes

One of the oldest, nastiest and most lucrative tools used by hackers is phishing – a method to fool you into revealing your personal and sensitive information such as debit/card numbers, passwords, ATM pin, date of birth – any data that can personal identify you. Here’s an example of a...

An in-depth analysis of a new, emerging “.url” malware campaign – by Quick Heal Security Labs

  • 2
    Shares
 March 19, 2018

Estimated reading time: 5 minutes

Last week, we had blogged about the emergence of a new attack vector ‘.url’ which is used to spread malware. In this blog post, we will deep-dive into the attack chain of this ‘.url’ vector and elaborate on the Quant Loader malware which is actively making use of it. Let’s...

A free guide to 7 computer viruses you should know about

  • 36
    Shares
 March 13, 2018
7_computer_viruses_you_should_know_about

Estimated reading time: 4 minutes

Computer viruses are nasty little programs that are designed to lay waste to your computer. Some destroy files stored on your PC, while some trigger different software to malfunction. More nefarious viruses steal your confidential information and some even go to an extent to rig a system’s power load and...

Chinese, Russian hackers counting on Apache Struts vulnerabilities – a report by Quick Heal Security Labs

 March 7, 2018

Estimated reading time: 4 minutes

Apache Struts is an open-source CMS based on MVC framework for developing Java EE Web Applications. Apache Struts has been widely used by many Fortune 100 companies and government agencies over the years for developing web applications. But, websites built using a CMS constantly need to upgrade the CMS versions in their web application servers, because vulnerabilities...

INFOGRAPHIC: Quick Heal Annual Threat Report 2018 | Key Findings

  • 2
    Shares
 February 23, 2018

Estimated reading time: 1 minute

The Quick Heal Annual Threat Report 2018 is up and it puts together information that concerns individuals and business owners alike. It gives an insight into how the cybersecurity landscape shaped up in 2017 and how it is going to be in 2018. This infographic presents a quick overview of...

Vulnerabilities found in Broadcom Wi-Fi adapter of Lenovo laptop chipsets

  • 32
    Shares
 February 13, 2018

Estimated reading time: 2 minutes

Lenovo recently released an advisory, warning customers about two critical Broadcom vulnerabilities which impact 25 models of its popular ThinkPad lineup. The Broadcom Wi-Fi chipsets used by Lenovo ThinkPad devices are affected by the CVE-2017-11120 & CVE-2017-11121 vulnerabilities. Both these issues are rated as “critical” and received a CVSS 10 score...

The Runner: a key component of the SamSam ransomware campaign – An analysis by Quick Heal Security Labs

 February 8, 2018

Estimated reading time: 4 minutes

In Jan 2018, Greenfield, Indiana-based Hancock Health (healthcare network) was attacked by SamSam ransomware. It encrypted the files containing patients’ data which disrupted their critical services. Even though SamSam is not a new ransomware, it has evolved over a period of time. We had observed its first variant in Feb...

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’ – An Analysis by Quick Heal Security Labs

  • 15
    Shares
 February 5, 2018

Estimated reading time: 4 minutes

No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro, CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2017-11882. Let’s take a look...