05/26/2020 - Karsten Hahn
Dumping COVID-19.jar with Java Instrumentation
There is a generic and easy way to unpack Java malware that is not well-known yet. For demonstration I use a recent JAR malware sample that jumps on the COVID-19 bandwagon.
05/19/2020 - Karsten Hahn
PE trick explained: Telling 32 and 64 bit apart with naked eye
There is a simple trick to see the bitness of a Portable Executable file immediately by looking into a hex editor. But why does it even work? And is it reliable?
05/14/2020 - Karsten Hahn
Spam campaign: Netwire RAT via paste.ee and MS Excel to German users
G DATA discovered an email spam campaign in Germany that delivers NetWire RAT via PowerShell in Excel documents. The emails mimick the German courier, parcel and express mail service DHL.
05/08/2020 - Phillip Kemkes
Techniques: Current Use of Virtual Machine Detection Methods
A common approach to analyse potentially malicious software is dynamic analysis in a virtual machine. Therefore, malware authors use techniques to alter the malware's behavior when being run in a VM. But how do they actually do it?
04/29/2020 - Stefan Karpenstein
Awards from test institutes: "Investing in new technologies has paid off."
With G DATA Internet Security, users are well protected against cyber-attacks. This is confirmed by current tests by the two independent test institutes AV-Test and AV-Comparatives. We spoke to Thomas Siebert, Head of Protection Technologies, about the results.
04/06/2020 - Kathrin Beckert-Plewka
Security awareness is not a waste of time
Many IT managers in companies rely on security awareness training to make employees pay attention to IT security. The measure has as many advocates as it has critics that oppose it. The latter can’t see the point of or has doubts about the effectiveness of such training activities.
04/02/2020 - G DATA Security Lab
Pekraut - German RAT starts gnawing
Feature-rich remote access malware Pekraut emerges. The rodent seems to be of German origin and is ready to be released. We analyzed the malware in-depth.
03/16/2020 - Tim Berghoff
German Army: Classified data at discount prices
Time and again, hard drives, patient records and HR information end up where they do not belong: in the bin. We have examined a case where classified data was still present on a decommissioned notebook computer of the German Army.
03/13/2020 - Tim Berghoff
Flattening the curve: How to work from home safely
Amidst fears of the corona virus SARS-CoV-2, more and more companies ask their employees to work from home. We have created a list of useful tips on how to make remote work as safe as possible.
03/05/2020 - Stefan Karpenstein
Switching providers made easy - dispelling preconceptions by talking to presales
A company is no longer satisfied with its current IT security solution. And yet they shy away from switching providers. But doing so is easier than they think. The Presales Consultants at G DATA CyberDefense have the right answers to the questions niggling IT managers and will develop a suitable…
G DATA Security Blog
Karsten Hahn
Virus Analyst
Tim Berghoff
Security Evangelist