News, Tips, Security Lab

What is PUABundler:Win32/Rostpay? Detection Explained

PUABundler:Win32/Rostpay

PUABundler:Win32/Rostpay is an antivirus detection related to the software released by Rostpay LLC. Antivirus programs detect it because it contains…

GoFetch Vulnerability in Apple Silicon Uncovered

Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers…

VirTool:Win32/DefenderTamperingRestore

VirTool:Win32/DefenderTamperingRestore is the name of the Microsoft Defender detection of a malicious element present in the system. Usually, it marks…

Hellminer.exe Coin Miner

Hellminer.exe is a process you can see in the Task Manager that indicates a malicious software activity. It stands out…

STRRAT and Vcurms Malware Abuse GitHub for Spreading

A new phishing campaign has recently been discovered that uses GitHub to deliver Remote Access Trojans (RAT) STRRAT and Vcurms…

What is Dragon Angel extension?

Dragon Angel Malicious Browser Extension

Dragon Angel is a browser extension that functions as a hijacker malware. It redirects users to promoted search engines or websites. These redirects ruin the process of browsing and can…

Usermode Font Driver Host Troubleshooting Guide

Usermode Font Driver Host (fontdrvhost.exe)

The Usermode Font Driver Host process is an important part of the Windows operating system. It may raise questions among users due to its high consumption of resources such as…

What is PUA:Win32/Vigua.A?

PUA:Win32/Vigua.A

PUA:Win32/Vigua.A is a universal detection name used by Microsoft Defender to detect potentially unwanted applications (PUAs). This is often associated with various system optimizers that have hidden functionality in addition…

Re-captha-version Pop-Up Notification Spam - How to Remove?

Re-Captha-Version Pop-Up Notification Spam

Recent user complaints show a new wave of malicious Re-Captha-Version website pop-ups. Such websites aim to force users into allowing pop-up notifications, to further send dozens of pop-up advertisements. Let…

Fujitsu Data Leaked Due to Cyberattack

Fujitsu Hacked, Warns of Data Leak Possibility

Fujitsu, one of the world’s leading IT companies, reports uncovering the hack in their internal network. The company discovered malware in its IT systems, which led to a massive data…

What is Taskbarify?

Taskbarify Unwanted Application

Taskbarify is unwanted software that claims it is a tiny little Windows tweaker. However, it also turns the device into a proxy server without the user’s knowledge. Let me show…

Trojan:Win32/Vigorf.A Malware Description

Trojan:Win32/Vigorf.A

Trojan:Win32/Vigorf.A is a generic detection of Microsoft Defender. This detection commonly identifies a running loader malware that may deal significant harm to the system. In this article, let’s find out…

What Is Trojan:Win32/Znyonm Detection?

Trojan:Win32/Znyonm

Trojan:Win32/Znyonm is a detection often seen during the backdoor malware activity in the background. Such malware can escalate privileges, enable remote access, or deploy more payloads. Let’s dive into this…

Fortinet Reports SQL/RCE Vulnerability in FortiClient EMS

Fortinet RCE Vulnerability Affects FortiClient EMS Servers

Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses a significant cybersecurity threat. Above all, it has the potential…

What is Win32/Wacapew.C!ml? Description & Analysis

Win32/Wacapew.C!ml Detection Analysis & Recommendations

Win32/Wacapew.C!ml detection refers to programs that have suspicious properties. This can be either a false positive or a detection of a program that has its properties & functions border with…

PUABundler:Win32/uTorrent_BundleInstaller Analysis And Removal guide

PUABundler:Win32/uTorrent_BundleInstaller

PUABundler:Win32/uTorrent_BundleInstaller is a Microsoft Defender detection that is associated with the installer of the once popular uTorrent client. It is detected by antiviruses because it contains a fair amount of…

Infostealers Disguised as Adobe Reader Target Brazil

Adobe Reader Infostealer Plagues Email Messages in Brazil

A recent email spam campaign reportedly spreads infostealer malware under the guise of Adobe Reader Installer. Within a forged PDF document, there is a request to install Adobe Reader app,…