ISO file downloads are advertised via QR codes on Twitter and on supposedly free gaming sites, but they don't contain what they promise.

Pharmaceutical company Merck & Co won its case for coverage of losses incurred during the Not Petya cyberattack, securing a payment of 1.4 billion US-Dollars from its insurance company. Previously, the company withheld the money, citing exclusion policies.

Vaccines have distinct advantages over detection based defense mechanisms, so we developed a vaccine to protect from one of the most notorious ransomware families—STOP/DJVU. But unlike vaccines against biological viruses, malware vaccines are not particularly common. This article explains why.

The remaining days before Christmas will not be relaxing ones for IT and IT security managers in companies around the world: The Log4Shell security vulnerability is currently keeping the IT world on tenterhooks.

A malicious USB drive dropped in a parking lot - this image has become a bit of a trope in IT security circles. Still, the threat is very real and more relevant than ever.

Recently, several magazines have repeatedly covered how to protect against and recover from ransomware attacks. However, many companies and individuals are left with the question of whether they would pay in the event of a potential future ransomware attack.

VirusTotal's "Basic Properties" tab alone lists eight different hashes and supports even more to use them for queries and hunt signatures. Hashes are important for malware analysis, as well as identification, description and detection. But why do so many of them exist and when should you use which…

The annual Virus Bulletin International Conference has been running since 1991 and is one of the highlights in the calendar of events for IT security experts. I attended the Virus Bulletin Conference for the first time 26 years ago, this year it’s time again to participate with an interesting paper…

Microsoft has recently seen many attacks by hackers using so-called web shells. The number of web shell attacks between August 2020 and January 2021 doubled compared to the same period a year earlier. But what are they exactly and how can you fight them?

What started as a false positive alert for a Microsoft signed file turns out to be a WFP application layer enforcement callout driver that redirects traffic to a Chinese IP. How did this happen?