PUA:Win32/Presenoker
PUA:Win32/Presenoker is adware designed to make money by showing intrusive advertisements and collecting data. This malware can take control of your web browser and send you to advertising pages.…
Trojan:Win32/Znyonm
Trojan:Win32/Znyonm is a detection often seen when backdoor malware is active in the background. Such malware can escalate privileges, enable remote access, or deploy more payloads. Let’s dive into this…
“Your Connection is Not Private” Error
While using a web browser, users may encounter the error "Your connection is not private". In this post, I will explain why this happens and how you can fix it.…
Hello Perv
“Hello perv” is the name for an email scam that got its name from the eponymous title. It aims at scaring the user and asking them to pay the ransom…
New GrimResource Attack Technique Targets MMC, DLL Flaw
A new malicious code execution technique, coined GrimResource, was discovered, targeting Microsoft Management Console. Attackers are exploiting an old cross-site scripting vulnerability that allows them to bypass defenses and deploy…
Internet Is A Dangerous Place
The "Internet Is A Dangerous Place" scam is a novel type of threatening email message that targets people with threats of intimidation and exposure. In this fraudulent email, the scammer…
Binance Smart Contracts Blockchain Abused in Malware Spreading
Cybercriminals appear to exploit Binance smart contracts as intermediary C2, preferring them over more conventional hosting because they are impossible to take down. It is currently used to deploy infostealers,…
Kaspersky Antivirus Banned By the Biden Administration
On June 20, 2024, the Biden administration implemented a complete ban on sales of Kaspersky software. The company has faced data security concerns since 2017. Now, after more than…
Trojan:Win32/Wacatac.H!ml
Trojan:Win32/Wacatac.H!ml is a detection of Microsoft Defender that may flag several different malware families. Once installed, it can deliver additional malicious payloads, manipulate system settings, and encrypt user data. On…
PUADlManager:Win32/OfferCore
PUADlManager:Win32/OfferCore is a detection of Microsoft Defender related to bundled software, specifically to a piece of code that is used to create the bundle. OfferCore itself is not a specific…
PUA:Win32/Vigua.A
PUA:Win32/Vigua.A is a universal detection name used by Microsoft Defender to detect potentially unwanted applications (PUAs). This is often associated with various system optimizers that have hidden functionality in addition…
PUA:Win32/Softcnapp
PUA:Win32/Softcnapp is a Microsoft Defender detection assigned to an unwanted program. It sometimes appears as a false positive for a legitimate app, like a desktop Viber client, NZXT Cam app,…