
Ransomware on the Rise: Buran’s transformation into Zeppelin
Ransomware is still evolving. Evidence for this can be seen every day. Our analysts have taken a look at Buran and Zeppelin, a particularly devastating exhibit of this evolution.
Ransomware on the Rise: Buran’s transformation into Zeppelin
Ransomware is still evolving. Evidence for this can be seen every day. Our analysts have taken a look at Buran and Zeppelin, a particularly devastating exhibit of this evolution.
Introducing the TypeRefHash (TRH)
We introduce the TypeRefHash (TRH) which is an alternative to the ImpHash that does not work with .NET binaries. Our evaluation shows that it can effectively be used to identify .NET malware families.
10 best computer science edutainment games!
Learning computer science doesn't have to be purely educational anymore - like it's taught in schools or universities. There are many services out there, providing an additional entertaining part to the education. Hence the word edutainment. In this article, the best computer science edutainment…
Harmful Logging - Diving into MassLogger
There are many things that can be logged on a computer. While not all logging data is useful for the average user, a lot of logging goes on in the background of any system. However: There is good logging and bad logging. We have looked at an example of logging you definitely would not want.
Flipper Zero - Tamagochi For Hackers
This article is about Pavel Zhovner's latest invention - the Flipper Zero. This small tool could be the go-to device for pentesters all over the world. While we focussed this report on the Flipper Zero, the advanced Flipper One gets mentioned in a comparison later on.
Optimizing Edge Existence Checks on Supernodes
When operating on graphs, one very simple question emerges frequently: Is there a connection between two vertices? Does Tom know Jerry? While this looks like an easy question to answer for a graph database, it can actually be quite hard to find out without proper data structures. In this post, we…
PE trick explained: Telling 32 and 64 bit apart with naked eye
There is a simple trick to see the bitness of a Portable Executable file immediately by looking into a hex editor. But why does it even work? And is it reliable?
Techniques: Current Use of Virtual Machine Detection Methods
A common approach to analyse potentially malicious software is dynamic analysis in a virtual machine. Therefore, malware authors use techniques to alter the malware's behavior when being run in a VM. But how do they actually do it?
Awards from test institutes: "Investing in new technologies has paid off."
With G DATA Internet Security, users are well protected against cyber-attacks. This is confirmed by current tests by the two independent test institutes AV-Test and AV-Comparatives. We spoke to Thomas Siebert, Head of Protection Technologies, about the results.