News, Tips, Security Lab
ShadowRay Vulnerability Threatens AI Workloads, No Patch Available
A recent review of vulnerabilities in the Ray framework uncovered an unpatched flaw, dubbed ShadowRay. It appears that hundreds of machine…
PUA:Win32/Packunwan
PUA:Win32/Packunwan is a generic detection of a potentially unwanted program that uses software packing. It can range from being just annoying…
PUABundler:Win32/Rostpay
PUABundler:Win32/Rostpay is an antivirus detection related to the software released by Rostpay LLC. Antivirus programs detect it because it contains…
GoFetch Vulnerability in Apple Silicon Uncovered
Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers…
VirTool:Win32/DefenderTamperingRestore
VirTool:Win32/DefenderTamperingRestore is the name of the Microsoft Defender detection of a malicious element present in the system. Usually, it marks…
Hellminer.exe Coin Miner
Hellminer.exe is a process you can see in the Task Manager that indicates malicious software activity. It stands out by the high CPU load it creates, making the system…
STRRAT and Vcurms Malware Abuse GitHub for Spreading
A new phishing campaign has recently been discovered that uses GitHub to deliver the Remote Access Trojans (RATs) STRRAT and Vcurms via a malicious Java downloader. ANY.RUN specialists have detected the…
Dragon Angel Malicious Browser Extension
Dragon Angel is a browser extension that functions as a hijacker malware. It redirects users to promoted search engines or websites. These redirects ruin the process of browsing and can…
Usermode Font Driver Host (fontdrvhost.exe)
The Usermode Font Driver Host process is an important part of the Windows operating system. It may raise questions among users due to its high consumption of resources such as…
PUA:Win32/Vigua.A
PUA:Win32/Vigua.A is a universal detection name used by Microsoft Defender to detect potentially unwanted applications (PUAs). This is often associated with various system optimizers that have hidden functionality in addition…
Re-Captha-Version Pop-Up Notification Spam
Recent user complaints show a new wave of malicious Re-Captha-Version website pop-ups. Such websites aim to force users into allowing pop-up notifications so that they can then send dozens of pop-up advertisements. Let…
Fujitsu Hacked, Warns of Data Leak Possibility
Fujitsu, one of the world’s leading IT companies, reports uncovering a hack in its internal network. The company discovered malware in its IT systems, which led to a massive data…
Taskbarify Unwanted Application
Taskbarify is unwanted software that claims it is a tiny little Windows tweaker. However, it also turns the device into a proxy server without the user’s knowledge. Let me show…
Trojan:Win32/Vigorf.A
Trojan:Win32/Vigorf.A is a generic detection of Microsoft Defender. This detection commonly identifies a running loader malware that may deal significant harm to the system. In this article, let’s find out…
Trojan:Win32/Znyonm
Trojan:Win32/Znyonm is a detection often seen during backdoor malware activity in the background. Such malware can escalate privileges, enable remote access, or deploy more payloads. Let’s dive into this…
Fortinet RCE Vulnerability Affects FortiClient EMS Servers
Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses a significant cybersecurity threat. Above all, it has the potential…
Win32/Wacapew.C!ml Detection Analysis & Recommendations
Win32/Wacapew.C!ml detection refers to programs that have suspicious properties. This can be either a false positive or a detection of a program that has its properties & functions border with…