Valak is malicious software that downloads JScript files and executes them. What happens next depends on the actions performed by the executed JScript files. It is very likely that cyber criminals behind Valak attempt to use this malware to cause chain infections (i.e., using Valak to distribute o
ProgressExpert is an adware-type app that has browser hijacker characteristics. It operates by running intrusive advertisement campaigns, making modifications to browser settings and promoting a fake search engine. ProgressExpert promotes Safe Finder through akamaihd.net. Additionally, most adw
Cov19 is a malicious program belonging to the Scarab ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are renamed according to this pattern: random character string an
"Apex Enquiry" is the name of deceptive emails, which are part of a spam campaign designed to proliferate the Agent Tesla RAT (Remote Access Trojan). These messages target users, companies, businesses and similar entities that deal with large orders. The "Apex Enquiry" emails ask recipients to re
nomadnews[.]club is a rogue website, which cannot be trusted and should be avoided. Browsers usually open websites such as nomadnews[.]club due to installed potentially unwanted applications (PUAs). People not often visited these web pages intentionally. When opened, however, sites such as nomadn
HermesLookup is a rogue application categorized as adware, which also possesses browser hijacker traits. Following successful infiltration, this app runs intrusive advertisement campaigns (i.e., delivers unwanted and harmful ads), modifies browsers and promotes fake search engines. Additionally
UniversalWebResults (also known as UniversalWebResult) is designed to feed users with various advertisements. It also functions as a browser hijacker and changes certain browser settings to promote the address of a fake search engine. Apps of this type (adware, browser hijackers) also collect br
DragonCyber belongs to a ransomware family called Jigsaw. Like most programs of this type, it encrypts files, modifies filenames and generates a ransom message. DragonCyber renames all encrypted files by appending the ".dc" extension to filenames. For example, it renames "1.jpg" to "1.jpg.dc", "2.
"Cisco AnyConnect Virus" is a generic term used to describe unwanted or malicious content distributed under the guise of content relating to the Cisco AnyConnect application. Cisco AnyConnect is a unified security endpoint agent that delivers multiple security services for enterprise protection.
Microsoft Lync (and Office Communicator) is a former name of Skype for Business, a popular instant messaging application. Research shows that there are a number of fake, deceptive Microsoft Lync installers designed to distribute unwanted, malicious applications. This is not the first time cyber c