BlueKeep Attacks seen in the wild!

 November 8, 2019

Estimated reading time: 2 minutes

CVE-2019-0708, popularly known as BlueKeep, is an RDP pre-authentication vulnerability that allows an attacker to compromise a vulnerable system without any user interaction. This exploit is also wormable, meaning that it can spread to other vulnerable systems in much the same way as the WannaCry malware spread across the globe in 2017. Interestingly,...

28 Fake Apps removed from Google Play Store post Quick Heal Security Lab reports

 February 7, 2019

Estimated reading time: 3 minutes

Quick Heal Security Lab has spotted 28 fake apps with 48,000+ installations in total on the Google Play Store. Google Play has removed all 28 fake apps from the Play Store after reports by Quick Heal Security Lab. The apps do not have any legitimate functionality related to...

Beware! Your website might be delivering Emotet malware

 December 29, 2018

Estimated reading time: 11 minutes

In 2018, we saw a surge in Emotet activity. Emotet started as a banking trojan, but this blog will shed light on how it has also become a “threat distributor”. We will also discuss its server-side and client-side activity and how it spreads. Its self-propagation makes it all the more challenging...

Home network security: Do you really need it?

 September 23, 2018

Estimated reading time: 3 minutes

We may not realize it, but it’s not just our phones that are smart. In the age of the Internet of Things (IoT), there is a lot of hype and hoopla about connected homes – a concept of houses which will be completely smart and connected. But what we often...

“Troldesh’s” One More Variant in the Encryption Offender

 September 3, 2018

Estimated reading time: 4 minutes

Over the past few days, we have been observing criminals/hackers using a new carrier to deliver ransomware. Recently, Quick Heal Security Labs observed a new variant of Troldesh ransomware which encrypts the data and adds the extension “.no_more_ransom”. This ransomware comes under the Crypto-Ransomware variant, the origin of this...

A new ransomware campaign in the wild, Ryuk!!

 August 28, 2018

Estimated reading time: 4 minutes

Recently, Quick Heal Security Labs observed a new destructive ransomware named ‘Ryuk Ransomware’. This ransomware campaign has already affected many users worldwide and seems to be a spear phishing attack. The compelling thing is that it encrypts victims’ files without appending any extension, yet makes the files unreadable. Ryuk uses robust military algorithms...

Beware of the Armage Ransomware – the File Destroyer!

 August 8, 2018

Estimated reading time: 3 minutes

In the last week of July, Quick Heal Security Labs detected a new ransomware called Armage. It appends the ‘.Armage’ extension to files it encrypts. Armage ransomware uses the AES-256 encryption algorithm to encode files, making them inoperable. It spreads via spam emails and corrupted text files. Technical analysis Once executed on the...

Quick Heal Total Security (Windows) achieves a 99.5% protection rate in AV-Comparatives’ test

 July 23, 2018

Estimated reading time: 2 minutes

Quick Heal Total Security (Windows) has achieved a 99.5% protection rate in the Real-World Protection Test conducted by the world’s leading security software testers, AV-Comparatives. Real-World Protection Test February-June 2018 Experts at AV-Comparatives create a real-world environment to test security software. In this environment, malware (malicious software) behaves in the same...

Satan ransomware raises its head again!

 June 20, 2018

Estimated reading time: 3 minutes

Satan ransomware first appeared in early 2017, and it has resurfaced with a new variant in 2018. We have seen it using new, innovative techniques to spread, such as the EternalBlue exploit to distribute itself over compromised networks. This variant of Satan propagates using the below techniques: Mimikatz EternalBlue – exploit...

Quick Heal detects banking Trojans imitating popular social media and banking apps in India

 June 5, 2018

Estimated reading time: 5 minutes

Quick Heal Security Labs has spotted two banking Trojans. These malware imitate some popular social and banking apps. While doing so, they gain access to some security permissions on the infected device which allow them to steal the user’s banking credentials. The malware are able to do this by...