Happy Birthday, Internet: a personal look back
The Internet is turning 50 years old. Time then to take a look back at the part of its history that I have witnessed myself.
Happy Birthday, Internet: a personal look back
The Internet is turning 50 years old. Time then to take a look back at the part of its history that I have witnessed myself.
Malware Naming Hell Part 1: Taming the mess of AV detection names
Everyone who deals with malware will know this: Malware names are a convoluted mess. AV scanners will show different detection names for the same file. This confusion is also reflected in media coverage. Is there a way out of this mess?
Code-Signed malware: What's all the buzz about? Looking at the "Ryuk" ransomware as an example.
Certificates are an established method for verifying the legitimacy of an application. If malicious actors succeed in undermining a certificate authority (CA) by either stealing a valid certificate or compromising the CA, the entire model unravels. We have taken a look at a case where this has…
Book Recommendation: Cyberdanger
Famous German publisher Springer launched ‘Cyberdanger’ worldwide, a book written by Eddy Willems, G DATA’s Security Evangelist.
Analysis: Server-side polymorphism & PowerShell backdoors
Malware actors very rarely stick to the same script for extended periods of time. They constantly modify and update their attack methods. Recently we have observed malware that uses server-side polymorphism to hide its payload, which consists of a backdoor fully written in PowerShell.
Strange Bits: Skull and Crossbones, Bloated Malware, and All-In-One Solution for Ransomware
The third part of the StrangeBits series has the ultimate solution for ransomware, explains why some malware is bloated and looks into a supposedly new skulls and bones malware infection.
New record in 2019: Emotet now has over 30.000 variants and counting
More than 200 new versions per day - the creators of the Emotet Trojan are responsible for the most productive cyber crime campaign currently running. G DATA has discovered more versions in the first half of 2019 than in the whole of 2018.
A deeper dive into the"Silentbruter" malware - Internal folder structures revealed
A malware called "SilentBruter", which is designed to guess login credentials for online accounts, has caught the attention of one of our analysts. In this blogpost we take a closer look at the Silentbruter-Malware and its rather interesting internal structures.
Ransomware identification for the judicious analyst
When facing a ransomware infection, it helps to be familiar with some tools as well as key points to identify ransomware correctly.
Strange Bits: Sodinokibi Spam, CinaRAT, and Fake G DATA
In the second part of our Strange Bits series we are taking a closer look at Sodinokibi Spam E-Mails, CinaRAT and a Malware that tries to imitate G DATA.