News, Tips, Security Lab

"Virus and Threat Protection Page Not Available" – What Does It Mean?

Virus and Threat Protection Page Not Available

Windows 10 and 11 users may sometimes encounter a “Virus and threat protection page not available” message. Although this message…

PUADlmanager Win32/InstallCore

PUADlmanager Win32/InstallCore is a detection that Microsoft Defender antivirus uses to detect potentially unwanted programs (PUА). It is a malware…

XZ Utils Backdoor Discovered, Threating Linux Servers

A backdoor in liblzma library, a part of XZ data compression tool was discovered by Andres Freund. The maintainer of…

UnitedHealth Hack Leaks 6 TB of User Data

UnitedHealth Group, one of the largest providers of health insurance and health care services in the United States, suffered a…

Microsoft SharePoint Vulnerability Exploited, Update Now

In late March 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued the alert regarding the exploitation of a…

What is Taskbarify?

Taskbarify Unwanted Application

Taskbarify is unwanted software that claims it is a tiny little Windows tweaker. However, it also turns the device into a proxy server without the user’s knowledge. Let me show…

Trojan:Win32/Vigorf.A Malware Description

Trojan:Win32/Vigorf.A

Trojan:Win32/Vigorf.A is a generic detection of Microsoft Defender. This detection commonly identifies a running loader malware that may deal significant harm to the system. In this article, let’s find out…

What Is Trojan:Win32/Znyonm Detection?

Trojan:Win32/Znyonm

Trojan:Win32/Znyonm is a detection often seen during the backdoor malware activity in the background. Such malware can escalate privileges, enable remote access, or deploy more payloads. Let’s dive into this…

Fortinet Reports SQL/RCE Vulnerability in FortiClient EMS

Fortinet RCE Vulnerability Affects FortiClient EMS Servers

Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses a significant cybersecurity threat. Above all, it has the potential…

What is Win32/Wacapew.C!ml? Description & Analysis

Win32/Wacapew.C!ml Detection Analysis & Recommendations

Win32/Wacapew.C!ml detection refers to programs that have suspicious properties. This can be either a false positive or a detection of a program that has its properties & functions border with…

PUABundler:Win32/uTorrent_BundleInstaller Analysis And Removal guide

PUABundler:Win32/uTorrent_BundleInstaller

PUABundler:Win32/uTorrent_BundleInstaller is a Microsoft Defender detection that is associated with the installer of the once popular uTorrent client. It is detected by antiviruses because it contains a fair amount of…

Infostealers Disguised as Adobe Reader Target Brazil

Adobe Reader Infostealer Plagues Email Messages in Brazil

A recent email spam campaign reportedly spreads infostealer malware under the guise of Adobe Reader Installer. Within a forged PDF document, there is a request to install Adobe Reader app,…

BianLian use JetBrains' TeamCity Flaws to Deploy Backdoors

BianLian Exploits TeamCity Vulnerability to Deploy Backdoors

BianLian, a group of cybercriminals known for their ransomware attacks, recently caught the attention of the information security community. By exploiting vulnerabilities in the JetBrains TeamCity platform, they managed to…

PUA:Win32/Softcnapp Detection of Microsoft Defender

PUA:Win32/Softcnapp

Detection of PUA:Win32/Softcnapp by Microsoft Defender, assigned to an unwanted program. It sometimes appears as a false positive of a legit app, like a desktop Viber client, NZXT Cam app,…

Microsoft is Hacked Again by Midnight Blizzard

Microsoft is Hacked, Again by Midnight Blizzard

Microsoft acknowledges being hacked for the second time this year, by the same Russia state-sponsored group Midnight Blizzard. The company confirms that this new breach is the outcome of the…

The Phantom Hacker Scams

Phantom Hacker Scams On The Rise, Target Elderly

Phantom hacker scams is a specific type of fraud that aims at convincing the victim to transfer the funds due to the non-existent hacker threat. Over the last few months,…

WogRAT Malware (WingsOfGod.dll) - Teardown and Removal Tutorial

WingsOfGod.dll – WogRAT Malware Analysis & Removal

WogRAT, also known as WingsOfGod RAT, is a novice remote access trojan that attacks users from Asian countries. Named after its own file – Wingsofgod.dll, this malware attacks people since…