Where we go, we don't need files: Analysis of fileless malware "Rozena"
Fileless malware leverages exploits to run malicious commands or launch scripts directly from memory using legitimate system tools such as Windows Powershell. Code Red and SQL Slammer were pioneers of fileless malware which date back to the early 2000s. Currently, this type of malware is on the rise…
SocketPlayer – a backdoor wandering off the beaten path
A malware by the name of „SocketPlayer” has sparked the interest of several security researchers. One of our own analysts has taken a closer look at this specimen.
Panning for virtual gold - using other people's equipment
For quite some time, criminal actors have been using mobile devices for mining, without the knowledge or consent of the user.
Some 343 new Android malware samples every hour in 2017
The threat situation has continued to be high in the past year, with over 3 million new Android malware samples discovered. 744,065 of these were discovered in the fourth quarter of 2017. This means that G DATA analysts are counting an average of 8,225 new malware samples for the Android operating…
"Meltdown" and "Spectre": researchers discover severe CPU bugs
International researchers have discovered two severe vulnerabilities in the design of many recent CPUs. The vulnerabilities exist in CPUs from most major vendors, including Intel and AMD, and have been lingering there for over a decade. Microsoft has released an update which is also compatible with…
Inside Meltdown and Spectre: Interview with Anders Fogh
Meltdown and Spectre are considered the most serious bug in the history of computers. With Anders Fogh we have one of the few people worldwide in our team, who has driven the research, which was laying the foundation for the recently published security flaws. We sat down with him and asked him some…
Aircraft hack: Attacks on flying infrastructures
It is possible to gain access to an aircraft’s systems from the outside, according to a report from a team of DHS experts. For perhaps obvious reasons, any details about the attack are classified, but reports still leave a bitter aftertaste. In the end, things come down to money yet again.
KRACK attacks against Wifi encryption: here's what you need to know
On Monday, reports emerged about the encryption of WiFi networks being susceptible to attacks. A design flaw in the WPA2 encryption allows the reuse of certain cryptographic keys instead of blocking it. The Belgian research team dubbed the attack “KRACK”.
Blueborne - "just" a spectacular find or the next everyday threat?
A few days ago reports emerged about a collection of vulnerabilities on the Bluetooth protocol suite. Those allow an attacker to gain complete control over a vulnerable target device without the victim being aware of the attack. What are the consequences for users and how relevant are the examples?
Security, Standards & Laws for the Internet of Things
We have written about vulnerabilities in IoT devices before. There are several factors that work to the advantage of anyone seeking to compromise the confidentiality, integrity or availability of such devices: the lack of standards or (legal) regulations as well as the lack of update facilites in…
Karsten Hahn
Virus Analyst
Tim Berghoff
Security Evangelist
