Blog

Javascript

CVE-2018-4990 – Adobe Reader Double Free (Zero Day) vulnerability alert!

 May 16, 2018

Estimated reading time: 1 minute

The recent zero-day vulnerability CVE-2018-4990 in Adobe Reader enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-09 on May 14, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users. Vulnerable versions...

An in-depth analysis of a new, emerging “.url” malware campaign – by Quick Heal Security Labs

  • 2
    Shares
 March 19, 2018

Estimated reading time: 5 minutes

Last week, we had blogged about the emergence of a new attack vector ‘.url’ which is used to spread malware. In this blog post, we will deep-dive into the attack chain of this ‘.url’ vector and elaborate on the Quant Loader malware which is actively making use of it. Let’s...

Web security basics: Watering hole attacks VS phishing attacks

 February 19, 2013

Estimated reading time: 3 minutes

Computer users who are well versed with security threats know why and how clever phishing pages must be avoided. Clear signs help to identify fake phishing pages but what does one do against a “watering hole attack”? What exactly is a watering hole attack? A watering hole attack is a...

As another Java flaw is discovered, is it time to disable Java completely?

 January 17, 2013

Estimated reading time: 3 minutes

After a massive Java 0-day vulnerability surfaced in August 2012, Oracle released an out-of-cycle update to combat the exploit. However, we advised our readers to simply disable Java on their web browsers to avoid the threat. Java has now become a highly vulnerable program that causes more trouble than it...