Quick Heal Blog

CVE-2020-0796 – A “wormable” Remote Code Execution vulnerability in SMB v3

 March 13, 2020

Estimated reading time: 2 minutes

For the last two days, the Internet has been rife with news about a critical remote code execution vulnerability in the SMBv3.1.1 compression mechanism. Today, on 12th March 2020, Microsoft released an emergency out-of-band patch to address this vulnerability. As per Microsoft release information, it’s a remote code execution vulnerability in the...

Can playing video games on the PC cause cyberattacks?

 March 12, 2020

Estimated reading time: 2 minutes

The video gaming industry has become the foremost entertainment medium worldwide, as evidenced by its valuation. The market is estimated to reach $179.1 billion by 2024, growing at a CAGR of 6.4% from 2019 to 2024. And yet, perhaps because of its denotation as an ‘entertainment’ medium, the...

Mailto Ransomware under the skin of explorer.exe

 March 3, 2020

Estimated reading time: 5 minutes

All of us, at some point in time, must have heard the story of the wolf and the flock of sheep. The wicked wolf's trick of pretending to be a sheep is still in use by many malware authors. They pretend to be genuine processes to achieve...

Take your browser security to the next level!

 February 24, 2020

Estimated reading time: 2 minutes

Today, almost every computer user leverages a variety of web browsers to surf the internet — Microsoft Internet Explorer, Mozilla Firefox, and Apple Safari are some of the popular browsers in use in recent times. It is very important to configure internet browser(s) in a secure way because vulnerable web...

Ouroboros: Following A New Trend In Ransomware League

 February 18, 2020

Estimated reading time: 5 minutes

Ransomware authors keep exploring new ways to test their strengths against various malware evasion techniques. The ransomware known as “Ouroboros” is intensifying its footprint in the field by bringing more and more advancements in its behavior as it updates its version. This analysis provides the behaviour of version 6, few...

A Deep Dive Into Wakeup On Lan (WoL) Implementation of Ryuk

 February 13, 2020

Estimated reading time: 5 minutes

Quick Heal Security Labs recently came across a variant of Ryuk Ransomware which contains an additional feature of identifying and encrypting systems in a Local Area Network (LAN). This sample targets systems in the LAN that are in the sleep state as well as those in the online state. This sample is packed with...

Hackers are riding on the global panic pertaining to the deadly Coronavirus

 February 10, 2020

Estimated reading time: 3 minutes

Very recently, the Coronavirus that apparently originated from the Wuhan province in China has created pandemonium across the world, creating an atmosphere of a health crisis for the global populace. As the news of the deadly Coronavirus creates waves of panic across the globe, cyberattackers are lurking into this phenomenon...

Unable to Shut down or Restart Windows 7 systems?

 February 8, 2020

Estimated reading time: 1 minute

In the last two days, we have received reports from Windows 7 users who have been unable to shut down or restart their PC and ran into the below error. While the exact cause of the issue is yet to be ascertained, there is no official confirmation from Microsoft yet....

Why secure your IoT Devices?

 February 6, 2020

Estimated reading time: 4 minutes

Introduction to IoT: This blog describes one of the current disruptive technologies in the market, i.e. IoT (Internet of Things) devices. The Internet of Things (IoT) is the Internet of connected physical devices, vehicles, appliances and everyday objects that can collect & share information without any intervention. Due to IoT...

HorseDeal Riding on The Curveball!

 February 5, 2020

Estimated reading time: 5 minutes

It’s surprising to see how quickly attackers make use of new vulnerabilities in malware campaigns. Microsoft recently patched a very interesting vulnerability in their monthly Patch Tuesday update for January 2020. It’s a spoofing vulnerability in Windows CryptoAPI (Crypt32.dll) validation mechanism for Elliptic Curve Cryptography (ECC) certificates. An attacker could...