Ransomware is still evolving. Evidence for this can be seen every day. Our analysts have taken a look at Buran and Zeppelin, a particularly devastating exhibit of this evolution.

We introduce the TypeRefHash (TRH) which is an alternative to the ImpHash that does not work with .NET binaries. Our evaluation shows that it can effectively be used to identify .NET malware families.

Learning computer science doesn't have to be purely educational anymore - like it's taught in schools or universities. There are many services out there, providing an additional entertaining part to the education. Hence the word edutainment. In this article, the best computer science edutainment…

There are many things that can be logged on a computer. While not all logging data is useful for the average user, a lot of logging goes on in the background of any system. However: There is good logging and bad logging. We have looked at an example of logging you definitely would not want.

This article is about Pavel Zhovner's latest invention - the Flipper Zero. This small tool could be the go-to device for pentesters all over the world. While we focussed this report on the Flipper Zero, the advanced Flipper One gets mentioned in a comparison later on.

When operating on graphs, one very simple question emerges frequently: Is there a connection between two vertices? Does Tom know Jerry? While this looks like an easy question to answer for a graph database, it can actually be quite hard to find out without proper data structures. In this post, we…

There is a simple trick to see the bitness of a Portable Executable file immediately by looking into a hex editor. But why does it even work? And is it reliable?

A common approach to analyse potentially malicious software is dynamic analysis in a virtual machine. Therefore, malware authors use techniques to alter the malware's behavior when being run in a VM. But how do they actually do it?

With G DATA Internet Security, users are well protected against cyber-attacks. This is confirmed by current tests by the two independent test institutes AV-Test and AV-Comparatives. We spoke to Thomas Siebert, Head of Protection Technologies, about the results.