Malware
What is the SearchHost.exe File and Process?
Some users have posted about their concerns when it comes to a specific file named SearchHost.exe. What exactly is SearchHost.exe, and is it a dangerous file? First things first - we should make it very clear that... Read more
Smmsky.co Attempts to Infect Devices
Smmsky dot co is a website that is seemingly distributing mobile applications. Sadly, all the apps listed on its front page are fake and will harm your device in one way or another. Above all else, you should never... Read more
What Does ScanBox Malware Do To Your Computer?
Security researchers with Proofpoint published their findings on a long espionage campaign conducted by a Chinese threat actor. The group used a malicious tool called ScanBox. The threat actor behind the ScanBox... Read more
Watch Out for The Cortana Runtime Broker CPU Miner
There is a new malicious tool out in the wild that is designed to mimic the legitimate Cortana application and associated processes. The malware in question works as a crypto miner and will abuse your system's... Read more
Icarus Stealer Attempts to Dodge AV Protection
Icarus stealer is the name of a newly discovered malicious infostealer tool. The new malware has the usual range of features and the functionality you would expect from a fairly well-developed infostealer tool. Icarus... Read more
What Does The MicTrayDebugger Do?
MicTrayDebugger is the designator of a Windows Defender detection. Another variation of what is essentially the same detection is "Win32/MicTrayDebugger!ml". The MicTrayDebugger detection is usually triggered by... Read more
SecurityHealthSystray.exe File and Process
SecurityHealthSystray.exe is the file and process that is responsible for displaying the system security notification icons in your Windows taskbar, in the area where your system clock is usually displayed. Some users... Read more
What Does Maggie Malware Do To Your Computer?
Maggie is the name of a newly discovered malware that comprises a backdoor that can attack Microsoft SQL Server setups. A research team with DCSO CyTec discovered the new malicious tool. The highest number of infected... Read more
What does Erbium InfoStealer do?
Erbium is a newly discovered infostealing malware. The malicious tool was put up for sale on the dark web by a Russian-speaking threat actor back in the summer of 2022. Erbium is sold for a relatively modest price,... Read more
OriginLogger Picks Up Where Agent Tesla Left Off To Record Your Activities
OriginLogger is the name of a newly discovered malicious tool. A detailed report on the malware was recently published by a research team with the Unit 42 division of Palo Alto Networks. OriginLogger has been... Read more
Beware: Shikitega Malware Targets Linux Systems
Shikitega is the name of a newly discovered piece of malware targeting devices that run Linux, specifically IoT devices and endpoints. The malware comes with a complex, multi-step infection chain and includes a... Read more
Behavior:Win32/Hive.ZY Detection & Removal
A recent Windows Defender detection caused a bit of a stir. There were multiple reports in early September 2022 about a detection that Defender identified as "Behavior:Win32/Hive.ZY" that caused some concern. The good... Read more
What Does LilithBot Malware do to Your Computer?
LilithBot is a piece of multi-purpose malware that was recently detailed by a research team with ThreatLabz. The LilithBot malware has been linked by researchers with the threat actor known as EternityTeam. Eternity... Read more
CovalentStealer Used in Attack on US Defense Entity
CovalentStealer is the name of a malicious tool used for data exfiltration. CovalentStealer was used in an attack on an entity operating in the US defense industrial base sector that was detailed only recently,... Read more
NullMixer Malware Loader Delivers Malicious Files in Bulk
NullMixer is a newly discovered piece of malware that acts as a downloader for a number of other malicious files. Security researchers examining NullMixer found it distributed primarily through websites that offer... Read more
Bobik Malware Linked with Attacks in Ukraine
Bobik is the name of a piece of malware acting like a remote access trojan. Security researchers have linked Bobik to a threat actor with pro-Russian attitudes that goes by the alias NoName 057(16). According to... Read more
Botnet Blacklist is a Suspicious Warning Message
Botnet Blacklist, or more specifically Botnet:Blacklist, is a detection designation given by an anti-malware application to connections it considers suspicious. This designation and the handle "Botnet:Blacklist" is... Read more
Netflix Party Cookie Stuffing Rogue Extension
Netflix Party is the name of a rogue browser extension for Chrome that offers the ability to watch streaming shows in sync with friends. The malicious icing on the cake is that the same extension also performs cookie... Read more