Category: Security Blog G Data Software AG

Recently, we uncovered a sophisticated attack campaign employing a multi-stage approach to deliver AsyncRAT via a legitimate platform called Bitbucket. This article has been indexed from Security Blog G Data Software AG Read the original article: Malware by the (Bit)Bucket:…

Read more →

How useful are Generative AI technologies when it comes to being used in a security context? We have taken the plunge and gave it a try. This article has been indexed from Security Blog G Data Software AG Read the…

Read more →

How useful are Generative AI technologies when it comes to being used in a security context? We have taken the plunge and gave it a try. This article has been indexed from Security Blog G Data Software AG Read the…

Read more →

We break down the full infection chain of the Brazilian-targeted threat BBTok and demonstrate how to deobfuscate the loader DLL using PowerShell, Python, and dnlib. This article has been indexed from Security Blog G Data Software AG Read the original…

Read more →

Automatic sandbox services should not be treated like “antivirus scanners” to determine maliciousness for samples. That’s not their intended use, and they perform poorly in that role. Unfortunately, providing an “overall score” or “verdict” is misleading. This article has been…

Read more →

We discovered a new stealer in the wild called ‘”Ailurophile Stealer”. The stealer is coded in PHP and the source code indicates potential Vietnamese origins. It is available for purchase through a subscription model via its own webpage. Through the…

Read more →

Ten infection and protection layers to deploy malware sounds impressive and very hard to deal with. However, adding more layers counterintuitively does the opposite for antivirus evasion and is not a sign of sophistication. Why is that so? This article…

Read more →

The SocGholish downloader has been a favourite of several cybercrime groups since 2017. It delivers a payload that poses as a browser update. As any piece of malware, it undergoes an evolutionary process. We have taken a look at the…

Read more →

The SocGholish downloader has been a favourite of several cybercrime groups since 2017. It delivers a payload that poses as a browser update. As any piece of malware, it undergoes an evolutionary process. We have taken a look at the…

Read more →

Turla, a well-known piece of malware, has taken to weaponising LNK-files to infect computers. We have observed a current example of this. Learn more about the details in this article! This article has been indexed from Security Blog G Data…

Read more →

Matthias Barkhausen and Hendrik Eckardt have discovered a flaw in the firmware of Fortinet firewalls. This flaw potentially reveals sensitive information to attackers, such as passwords. This article has been indexed from Security Blog G Data Software AG Read the…

Read more →

Imagine visiting your favorite website with the same address that you always use and it tells you that your browser needs an update. After downloading and executing the update, there’s an unwelcome surprise: the BadSpace backdoor. What is this new…

Read more →

Remote Access Trojans (RATs) that are based in JScript are gaining traction. We have looked at a recent example that emerged in mid-May. It turns out that this RAT has some companions on the way that we are familiar with.…

Read more →

Multifactor authentication (MFA) stands as a stalwart defence in today’s cybersecurity landscape. Yet, despite its efficacy, MFA is not impervious to exploitation. Recognizing the avenues through which hackers bypass these defences is crucial for fortifying cybersecurity measures. This article has…

Read more →

Legitimate applications can unwittingly become conduits for malware execution. This is also the case for recent malware loaders which abuse GoTo Meeting, an online meeting software, to deploy Remcos RAT. Their lures include porn downloads, software setup files as well…

Read more →

Legitimate applications can unwittingly become conduits for malware execution. This is also the case for recent malware loaders which abuse GoTo Meeting, an online meeting software, to deploy Remcos RAT. Their lures include porn downloads, software setup files as well…

Read more →

Infostealers are one of the most lucrative types of malware employed by criminals. And because this is a tried and tested approach, there are still new players entering this illegal game. The new kid on the block is called “Sharp…

Read more →

Many people make banking transactions online now. And since mobile devices are one of the most popular and convenient ways to shop and make payments, criminals are naturally drawn to this. A current example of a malware that specifically targets…

Read more →

RisePro resurfaces with new string encryption and a bloated MSI installer that crashes reversing tools like IDA. The “gitgub” campaign already sent more than 700 archives of stolen data to Telegram. This article has been indexed from Security Blog G…

Read more →

RisePro resurfaces with new string encryption and a bloated MSI installer that crashes reversing tools like IDA. The “gitgub” campaign already sent more than 700 archives of stolen data to Telegram. This article has been indexed from Security Blog G…

Read more →