Buying presents for Christmas online? Without doubt!
11/24/2016 - Holiday season is about to start and online shopping for Christmas is trending! Our experts forewarn you about current phishing and malware threats in our German G DATA SecurityBlog. Author: Sabrina Berkenkopf
The Rampage of Locky
11/18/2016 [UPDATE: 11/24/2016] - Locky has been a constant in the malware zoo for a considerable time. And while we are aware that there are still victims being hit by the variant sporting the .ODIN extension, in this post we are going to have a look at its statistical data and an in-depth analysis of yet another two later flavors: .SH*T and .THOR. Furthermore, an update to this article takes a look at the recently released... Author: Jaydee Valdez
Analysis: Ursnif - spying on your data since 2007
11/23/2016 - A game of cat and mouse has been going on ever since the first ever malware started circulating in the wild and the first Antivirus appeared on the market. Although it may seem that brand new malware families appear on a daily basis, the truth looks somewhat different. A lot of the malware which is in circulation is a reiteration of something that has existed for quite some time. After all,... Author: Eruel Ramos
The Kings in Your Castle, Pt. #3
11/22/2016 - In the third episode of Marion Marschalek's and Raphael Vinot's series of articles on modern APTs, they will shine some light on the prevalence of Zero-Day vulnerabilities. In reality, the use of Zero-Days is far less common than expected. In fact, APT groups in some cases exploit vulnerabilities which are a couple of years old. On the side of the analysts, they will explain that identical hashes...
The Kings in Your Castle, Pt #2
11/15/2016 - The second part of Marion Marschalek's and Raphael Vinot's article series deals with questions that surround the tools and the data used by analysts. They shine a light on some of the challenges facing analysts when it comes to Indicators of Compromise. While those are easily created and implemented, they can end up being outdated rather quickly. For an effective strategy, other metrics are... Author: Tim Berghoff
It's Educational - On the No 1 Argument for Open Source Ransomware
11/04/2016 - Researchers have published several ransomware projects in the name of education and freedom of knowledge. The question of their usefulness has sparked debates among security enthusiasts and researchers since the release of open source ransomware Hidden Tear in August 2015. Author: Karsten Hahn, Tilman Frosch
Microsoft Tech Support Scammers Use Screenlocker Ransomware
11/03/2016 - Microsoft recently published a new study about Tech Support Scams and their impact. Besides the well-known telephone, email and website scams, G DATA experts have encountered screenlocker ransomware in this area. Read more in our German G DATA SecurityBlog. Author: Sabrina Berkenkopf
Drammer: Are hardware vulnerabilities the Achilles heel of Android?
10/28/2016 - Mobile devices, especially smartphones, are a very lucrative target for cyber criminals because they are a fixture of everyday private and working life. Researchers at VUSec Labs, the University of California and Graz University of Technology have succeeded in exploiting a security hole in Android smartphone hardware. The experts have called the attack vector “Deterministic Rowhammer” (Drammer for... Author: Christian Lueg
Meet the latest member of the Locky family: Odin
10/13/2016 [UPDATE: 10/25/2016] - Towards the end of September, the makers of the infamous Locky ransomware launched a new campaign to spread a new version of the crypto malware. The most obvious difference is the file extension: to identify encrypted personal files, it will be changed to *.odin. Otherwise it bears much resemblance to an earlier version which used the *.zepto file extension. Users of G DATA solutions are... Author: Jaydee Valdez
Dridex - an old dog is learning new tricks
10/21/2016 - A lot of things have been said and written about Dridex in the past few months. It has risen and fallen in prevalence and it was rumored that its makers collaborate with the makers of Locky. Dridex is a well-known banking Trojan that steals banking data through a Man-in-the-Browser attack (MITB-attack). In the latest version of Dridex, its infection methods have evolved and Dridex now uses a different... Author: Eruel Ramos