
Apple Silicon GoFetch Flaw Discovered, No Patches Possible

GoFetch Vulnerability in Apple Silicon Uncovered

Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers…

VirTool:Win32/DefenderTamperingRestore

VirTool:Win32/DefenderTamperingRestore is the name of the Microsoft Defender detection of a malicious element present in the system. Usually, it marks…

Hellminer.exe Coin Miner

Hellminer.exe is a process you can see in the Task Manager that indicates malicious software activity. It stands out…

STRRAT and Vcurms Malware Abuse GitHub for Spreading

A new phishing campaign has recently been discovered that uses GitHub to deliver Remote Access Trojans (RAT) STRRAT and Vcurms…

Dragon Angel Malicious Browser Extension

Dragon Angel is a browser extension that functions as a hijacker malware. It redirects users to promoted search engines or…

The Phantom Hacker Scams

Phantom Hacker Scams On The Rise, Target Elderly

Phantom hacker scams are a specific type of fraud that aims to convince the victim to transfer funds because of a non-existent hacker threat. Over the last few months,…

WingsOfGod.dll – WogRAT Malware Analysis & Removal

WogRAT, also known as WingsOfGod RAT, is a novice remote access trojan that attacks users from Asian countries. Named after its own file – Wingsofgod.dll, this malware attacks people since…

PUABundler:Win32/Fusioncore Removal Guide

PUABundler:Win32/FusionCore

PUABundler:Win32/FusionCore is a designation that Microsoft Defender Antivirus uses to detect and remove potentially unwanted programs (PUP) that are spread by bundling technology. FusionCore is not a stand-alone program, it…

What is Werfault.exe?

Werfault.exe Error

Werfault.exe is a system process used to collect information about program errors, which helps diagnose and resolve issues to improve the user experience. In certain cases, it can repeatedly crash,…

Trojan:Script/Sabsik.fl.A!ml Removal guide

Trojan:Script/Sabsik.fl.A!ml Analysis & Removal Guide

Trojan:Script/Sabsik.fl.A!ml is a generic detection name used by Microsoft Defender. This name is particularly used to denote stealer malware that also possesses dropper capabilities. It can perform various activities of…

Csrss.exe Explained & Troubleshooting Guide

What is Csrss.exe Process? Troubleshooting Guide

Csrss.exe is an important Windows process, which may sometimes consume a lot of system resources and puzzle the users with such behavior. Some people may mistake it for malware and…

ALPHV/BlackCat Shuts Down In Supposed Exit Scam

ALPHV Ransomware Shut Down, Exit Scam Supposed

On March 5, 2024, ALPHV/BlackCat ransomware claimed its shutdown, “due to the FBI takeover”. Although law enforcement has indeed taken action against this gang before, there are quite a…

What is Backdoor:Win32/Bladabindi!ml?

Backdoor:Win32/Bladabindi!ml Analysis & Removal Guide

Backdoor:Win32/Bladabindi!ml is a generic detection name used by Microsoft Defender. It specifically refers to a backdoor malware known as njRAT, capable of hacking into and controlling victims’ computers. In which…

What is PUA:Win32/PCMechanic? Removal Guide

PUA:Win32/PCMechanic – PC Mechanic Plus Removal Guide

PUA:Win32/PCMechanic is a detection associated with a potentially unwanted application. This pseudo system optimizer claims that the user’s system has many problems, and then offers to call the “tech support”.…

What is Trojan:Script/Ulthar.A!ml?

Trojan:Script/Ulthar.A!ml

Trojan:Script/Ulthar.A!ml is a Windows Defender detection that flags an item as a trojan. It specifically refers to a script-based malicious program. However, it can often turn out to be a false…

rsEngineSvc.exe High CPU & Memory Usage

rsEngineSvc.exe Process: Reason Core Security Engine Service

RsEngineSvc.exe is an executable file associated with RAV Antivirus, a program developed by ReasonLabs. While being less dangerous than malware, it may be categorized as PUP (Potentially Unwanted Program). This…

Bitfiat Coin Miner Malware - Overview & Removal Guide

Bitfiat Process High CPU – Explained & Removal Guide

Bitfiat is a malicious coin miner that exploits your computer’s hardware to mine cryptocurrencies. Such malware takes as many resources as it can, making the system impossible to use. Let’s…