04/21/2022 - Karsten Hahn
Criminals provide Ginzo stealer for free, now it is gaining traction
We identified more than 400 samples for Ginzo stealer within 10 days since 20th March and the numbers are rising. What is behind the free stealer?
Warning
03/11/2022 - Tim Berghoff
War in Ukraine: What are the consequences for companies?
The uncertainty surrounding the armed conflict in Ukraine also raises numerous questions: How can companies protect themselves from getting caught between the fronts and becoming a target? There is only one thing that is certain: There are currently more questions than answers.
02/14/2022 - Karsten Hahn
Allcome clipbanker is a newcomer in underground forums
The malware underground market might seem astoundingly professional in marketing and support. Let's take a look under the covers of one particular malware-as-a-service—the clipboard banker Allcome.
02/03/2022 - Karsten Hahn
QR codes on Twitter deliver malicious Chrome extension
ISO file downloads are advertised via QR codes on Twitter and on supposedly free gaming sites, but they don't contain what they promise.
12/16/2021 - Hauke Gierow
Germanys National Cybersecurity Agency declares red alert: Wave of attacks possibly imminent due to Log4Shell vulnerability
The remaining days before Christmas will not be relaxing ones for IT and IT security managers in companies around the world: The Log4Shell security vulnerability is currently keeping the IT world on tenterhooks.
06/25/2021 - Karsten Hahn
Microsoft signed a malicious Netfilter rootkit
What started as a false positive alert for a Microsoft signed file turns out to be a WFP application layer enforcement callout driver that redirects traffic to a Chinese IP. How did this happen?
06/25/2021 - Thomas Siebert
Digital Vaccination Record: Significant weaknesses in security
Instead of the yellow vaccination card, the digital proof of vaccination on the smartphone is supposed to serve as proof of vaccination. However, there are some glaring weaknesses behind the scenes that could potentially render the entire concept obsolete and raise some more than uncomfortable…
06/15/2021 - Tim Berghoff
Commentary: Plans for iOS15 put victims of stalking and abuse at risk
Apple has announced some innovations for iOS 15 that are a cause for concern among victims of abuse and organizations that support survivors. Among other things, it will be possible to locate devices that are switched off. This is a disaster for people who are being spied on by their own partner.
03/12/2021 - Eddy Willems
Apple takes serious measures in action against zero-click exploits in iOS
Following concerns expressed by users as well as security experts, Apple announced that they will take steps to make zero-click exploits a lot more difficult. An update addressing those issues is underway.
03/09/2021 - Tim Berghoff
Hafnium: Spying on your Exchange Server
Microsoft have patched four highly critical security flaws in their Exchange mail server application. Those flaws allowed an attacker to access confidential information. No passwords are needed to exploit the vulnerabilities. Affected organizations should apply the patches immediately.
Karsten Hahn
Virus Analyst
Tim Berghoff
Security Evangelist