PowerShell: An Attacker’s Paradise

  PowerShell was originally intended as a task automation and configuration management program for system administrators. However, it…

Threat Advisory: CVE-2022-30190 ‘Follina’ – Severe Zero-day Vulnerability discovered in MSDT

A Zero-day Remote Code Execution Vulnerability with high severity has been identified as CVE-2022-30190 “FOLLINA” in Microsoft Windows…

Spring4Shell: Zero-Day vulnerability CVE-2022-22965 in Spring Framework

A Zero-day Remote Code Execution Vulnerability with critical severity has been identified as CVE-2022-22965 aka Spring4Shell or SpringShell…

CVE-2021-44228: New Apache Log4j ‘Log4Shell’ Zero-Day Being Exploited in the Wild

A critical zero-day vulnerability (CVE-2021-44228) recently discovered Apache Log4J, the popular java open source logging library used in…

HorseDeal Riding on The Curveball!

It’s surprising to see how quickly attackers make use of new vulnerabilities in malware campaigns. Microsoft recently patched…

CVE-2019-11815: Experts discovered a privilege escalation vulnerability in the Linux Kernel

Red Hat engineers and experts discovered a memory corruption vulnerability in Linux kernel, which is basically a flaw…

Sophisticated Ransomware : “Katyusha”

For several months, Quick Heal Security Labs has been observing an increase in ransomware, we have found one more…

Obfuscated Equation Editor Exploit (CVE-2017-11882) spreading Hawkeye Keylogger

Cyber-attacks through phishing emails are increasing and generally, attackers use DOC embedded macros to infiltrate victim’s machine. Recently…

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’ – An Analysis by Quick Heal Security Labs

No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns…

An emerging trend of DDE based Office malware – an analysis by Quick Heal Security Labs

For the past few years, we have been seeing macro-based attacks through Object Linking Embedding (OLE)/Microsoft Office files. But, presently, attackers are…