News, Tips, Security Lab
HackTool:Win32/Crack
HackTool:Win32/Crack is related to hacking tools for bypassing license verification. These are often activators of Windows, MS Office, and other…
PyPI Malware Spreading Outbreak Exploits Typosquatting
PyPI, an index of Python packages, once again became a venue for spreading malware. Threat actors registered hundreds of profiles…
ShadowRay Vulnerability Threatens AI Workloads, No Patch Available
A recent review of vulnerabilities in the Ray framework uncovered an unpatched flaw, dubbed ShadowRay. It appears that hundreds of machine…
PUA:Win32/Packunwan
PUA:Win32/Packunwan is a generic detection of a potentially unwanted program that uses software packing. It can range from being just annoying…
PUABundler:Win32/Rostpay
PUABundler:Win32/Rostpay is an antivirus detection related to the software released by Rostpay LLC. Antivirus programs detect it because it contains…
Re Captha Version Pop-Ups Virus
Recent user complaints show a new wave of malicious Re Captha Version website pop-ups. Such websites aim to force users into allowing pop-up notifications, to further send dozens of pop-up…
Fujitsu Hacked, Warns of Data Leak Possibility
Fujitsu, one of the world’s leading IT companies, reports uncovering a hack in its internal network. The company discovered malware in its IT systems, which led to a massive data…
Taskbarify Unwanted Application
Taskbarify is unwanted software that claims it is a tiny little Windows tweaker. However, it also turns the device into a proxy server without the user’s knowledge. Let me show…
Trojan:Win32/Vigorf.A
Trojan:Win32/Vigorf.A is a generic detection of Microsoft Defender. This detection commonly identifies a running loader malware that may deal significant harm to the system. In this article, let’s find out…
Trojan:Win32/Znyonm
Trojan:Win32/Znyonm is a detection often seen during backdoor malware activity in the background. Such malware can escalate privileges, enable remote access, or deploy more payloads. Let’s dive into this…
Fortinet RCE Vulnerability Affects FortiClient EMS Servers
Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses a significant cybersecurity threat. Above all, it has the potential…
Win32/Wacapew.C!ml Detection Analysis & Recommendations
Win32/Wacapew.C!ml detection refers to programs that have suspicious properties. This can be either a false positive or a detection of a program that has its properties & functions border with…
PUABundler:Win32/uTorrent_BundleInstaller
PUABundler:Win32/uTorrent_BundleInstaller is a Microsoft Defender detection that is associated with the installer of the once popular uTorrent client. It is detected by antiviruses because it contains a fair amount of…
Adobe Reader Infostealer Plagues Email Messages in Brazil
A recent email spam campaign reportedly spreads infostealer malware under the guise of an Adobe Reader installer. Within a forged PDF document, there is a request to install the Adobe Reader app,…
BianLian Exploits TeamCity Vulnerability to Deploy Backdoors
BianLian, a group of cybercriminals known for their ransomware attacks, recently caught the attention of the information security community. By exploiting vulnerabilities in the JetBrains TeamCity platform, they managed to…
PUA:Win32/Softcnapp Detection Analysis & Description
PUA:Win32/Softcnapp is a generic detection name of Microsoft Defender, assigned to an unwanted program. It sometimes appears as false positive detections of a legit app, like a desktop Viber client,…
Microsoft is Hacked, Again by Midnight Blizzard
Microsoft acknowledges being hacked for the second time this year, by the same Russian state-sponsored group Midnight Blizzard. The company confirms that this new breach is the outcome of the…