ERNW Research is an independent IT Security service provider based in Heidelberg, Germany. Since its founding in 2015, the focus of ERNW Research has been on performing Research projects in all areas of IT security - publicly funded projects in cooperation with universities, customer projects, as well as internal research projects.
Our goal is to perform cutting edge research to preserve excellence, and apply our knowledge and research results in highly technical projects for our customers.
Particular fields of attention are the areas of Incident Response, Forensic Computing, Malware Analysis, and Medical Device Security, as well as advanced security assessments.
Get the latest news about technical topics within the IT-Security Community and a lot of special insights. Sign up now for our Newsletter at ernw.de:
Process Hollowing is a technique used by various malware families (such as FormBook, TrickBot and Agent Tesla) to hide their malicious code within a benign appearing process. The typical workflow for setting up such a hollowed process is as follows: Create a new process (victim) using a benign executable, in suspended state. Unmap the executable […]