Cobalt Strike: Looking for the Beacon
During an incident response, looking for malware is often akin to looking for a needle in a hay stack. To complicate matters further, in the case of Cobalt Strike you often have no idea what that needle even looks like. And time is not on your side.
New "Agent Tesla" Variant: Unusual "ZPAQ" Archive Format Delivers Malware
A new variant of Agent Tesla uses the uncommon compression format ZPAQ to steal information from approximately 40 web browsers and various email clients. But what exactly is this file compression format? What advantage does it provide to threat actors? And why it is assumed that the version of Agent…
Vulnerabilities: Understand, mitigate, remediate
As the value of data has grown managing vulnerabilities effectively is essential for the success of your organizations’ security and minimizing the impact of successful attacks. But: What are those vulnerabilities, anyway? Eddy Willems explains.
ChatGPT: The real Evil Twin
The clamor and viral use of a very human-sounding, artificial technology chatbot named, ChatGPT gave rise to some new and interesting activities in the cybercrime world.
Verdict-as-a-Service moves malware scanning from the endpoint to the cloud
Today, no one can do without data at work. However, malware often lurks in shared resources. Stefan Hausotte and his team have developed a solution for this with G DATA Verdict-as-a-Service. He reveals more in an interview.
IT security trends 2023 (part 1): On the shortage of skilled workers, social engineering attacks and companies refusing to learn
Every year in November, we at G DATA CyberDefense ask our IT security experts the same question: “What risks will threaten the IT security of companies and private individuals in the coming year?” In the first part of this blog series, Andreas Lüning, Thomas Siebert and Eddy Willems answer this…
Collaboration: Why working with competitors is crucial to combat cybercrime
Collaboration is an important factor for success. This has always been true for organisation internally. It may seem counterintuitive at first, but sometimes collaborating with a competitor is the best thing you can do.
Identifying file manipulation in system files
Sometimes people send files to us that seem to be legitimate Microsoft system files at first glance, yet closer inspection reveals, that they have in fact been modified. Are those manipulations always malicious? And how can file manipulations be identified? Here are seven different ways to do that.
The real reason why malware detection is hard—and underestimated
Researchers develop an AI with a 98% malware detection rate and 5% false positive rate. If you think this is a splendid technology for antivirus software, this article might change your mind.
Criminals provide Ginzo stealer for free, now it is gaining traction
We identified more than 400 samples for Ginzo stealer within 10 days since 20th March and the numbers are rising. What is behind the free stealer?
Karsten Hahn
Virus Analyst
Tim Berghoff
Security Evangelist
