Unlike conventional behaviour analysis, BEAST records all system behaviour in a graph and thus provides a holistic view. The technology is based on a self-developed, lightweight graph database. In this interview, Arnas Staude explains the details of the development process to us.

Babax not only changes its name but also adds a Ring 3 rootkit and lateral spreading capabilities. Furthermore it has a ransomware component called OsnoLocker. Is this combination as dangerous as it sounds?

Crypto derivatives offer unique advantages over traditional ones. But at what cost? In this article we look at what they are and what kind of security risks the users face.

G DATA Internet Security ensures that users are well protected against cyber attacks. This has been repeatedly confirmed in tests by two independent test institutes, AV-Test and AV-Comparatives. We spoke to Thomas Siebert, Head of Protection Technologies at G DATA Cyber Defense, about how the…

Malware sellers want to attract customers with convenience features. Now criminals can remote control malware during their bathroom routine by just using a smartphone and Telegram app.

We open sourced a system to exchange malware samples between partners in the AV industry. In the following post, we explain our motivation, technical details and usage of the system.

The annual Virus Bulletin International Conference has been running since 1991 and is one of the annual highlights in the calendar of events for IT security experts. Eddy Willems attended the Virus Bulletin Conference for the first time 25 years ago and fondly remembers the beginnings.

G DATA is using BEAST technology to break new ground in behavioural analysis. The technology uses a graph database to trace suspicious processes. BEAST can also recognise complex cyber attacks in this way. Even malware that distributes each individual activity over separate processes can be…

A new ransomware uses an unusual symmetric encryption method named "Fernet". It is Python based and appends .CYRAT to encrypted files.