New Java STRRAT ships with .crimson ransomware module
This Java based malware installs RDPWrap, steals credentials, logs keystrokes and remote controls Windows systems. It may soon be capable to infect without Java installed.
Security awareness is not a waste of time
Many IT managers in companies rely on security awareness training to make employees pay attention to IT security. The measure has as many advocates as it has critics that oppose it. The latter can’t see the point of or has doubts about the effectiveness of such training activities.
Well-disguised attacks: Malware samples threaten PCs and networks every few seconds
Cyber criminals’ targets have not changed in the past year. They are after passwords and confidential data and try to encrypt data and systems. The current Malware Top 10 showing the ten most active malware families indicate how active the attackers have been in 2019.
Password rules: Changing passwords regularly damages security
There’s a saying that you should treat passwords like your underwear - change them regularly and don't share them with others. However, opposition to this has been building for some time now. Changing passwords regularly doesn't improve security - quite the opposite.
40,000 CryptBot Downloads per Day: Bitbucket Abused as Malware Slinger
Public source code repository at Bitbucket.org was as abused to host CryptBot, Buer loader with NuclearBot and Cryptominer.
The story of my life : How I got into the security industry 30 years ago!
People and media are mostly looking at ransomware as a fairly recent problem. That seems to be logical if you see the rise of ransomware the past years. In fact, the problem is much older than most of us think. For this we need to go back in time to the beginning of December 1989. For some this is…
Germans dispense with security for their smartphones on holiday
G DATA survey shows that Germans are not so strict about IT security when on holiday. 43 per cent take no action regarding security for their mobile device before going away. This means no installation of security software and no password request activation. This makes life easy for local digital…
G DATA IT Security Trends 2020: Early detection and repulsion of dangerous attacks
Medium-sized companies are being targeted even more heavily by cyber criminals than before. They are often the weakest link in supply chains that include large corporations. In 2020, attackers will exploit this to an even greater extent than before and strike in a targeted manner - using new methods…
Staying one step ahead - why new technologies are needed to expose cyber attacks
It still takes an average of six months for cyber-attacks on companies to be detected. A major reason for this is the sophisticated methods used by attackers to infiltrate their targets. In this series of blogs, read why new cyber defence technologies are needed (Part 1), how graph databases are…
Shadow IT: What do NASA and medium-sized companies have in common?
Incredible, but true - an intrusion into a NASA internal network went unnoticed for almost a year. One of the reasons for this was a minicomputer that was connected to the network without the knowledge of the IT department. The events cast a bad light on JPL's security practices.
Karsten Hahn
Virus Analyst
Tim Berghoff
Security Evangelist
