Women Underrepresented at RSAC - Let's Do Something About It

Posted by Netta Schmeidler on April 20, 2018 at 12:27 AM

 

Although I’m excited to be at the RSA Conference with my Morphisec colleagues, it reminds me of the impetus for starting our Women in Cybersecurity Scholarship. Of 28 keynote speakers at RSAC, only seven are women, and six of these were added at the last minute following a string of scathing tweets and articles. This 25% figure seems to be the average percentage in the general sessions as well. I attended several that were one woman in a panel of four, a few that had only male speakers and a single session that had a majority female panel. If I had to guess the overall attendee and exhibitor gender split I’d say it fell along the same lines, but that percent is skewed by the number of women simply scanning badges.


Topics: Company News, Events, Cyber Security

Morphisec Joins Citrix Ready Partner Program

Posted by Shelley Leveson on April 17, 2018 at 4:42 PM

Morphisec Moving Target Defense verified as Citrix Ready to enhance protection with Citrix XenApp and XenDesktop


Topics: Company News, Moving Target Defense, Industry News, Endpoint Security, Cyber Security

ESG Whitepaper Reviews Morphisec for Advanced Prevention Defense

Posted by Shelley Leveson on April 13, 2018 at 12:11 AM

CISOs face an escalating battle on two fronts: externally from ever-more sophisticated attackers and internally in managing all the threat protection and additional security layers they put in to stop them. And they are losing. Despite added technology complexity and operational overhead, cyber criminals still manage to get past defenses.

According to a new whitepaper from analyst firm ESG, 72% of organizations believe that security operations are more difficult today than they were two years ago, yet 54% still suffered at least one security incident.


Topics: Company News, Moving Target Defense, Industry News, Endpoint Security, Cyber Security

Watering Hole Attack on Leading Hong Kong Telecom Site Exploiting Flash Flaw (CVE-2018-4878)

Posted by Michael Gorelik on March 23, 2018 at 2:01 PM

On March 21, 2018, Morphisec Labs began investigating the compromised website of a leading Hong Kong telecommunications company after being alerted to it by malware hunter @PhysicalDrive0. The investigation, conducted by Morphisec researchers Michael Gorelik and Assaf Kachlon, determined that the telecom group's corporate site had indeed been hacked. Attackers added an embedded Adobe Flash file that exploits the Flash vulnerability CVE-2018-4878 on the main home.php page.


Topics: Exploits, Cyber Attacks, Attack Analysis, Fileless Attacks, Threat Alerts

Threat Profile: Dofoil (Smoke Loader) Trojan with Coin-Miner 

Posted by Roy Moshailov on March 22, 2018 at 2:08 PM

 

These days, most malware employs a long attack chain with anti-analysis techniques to make the payload more difficult to detect and harder for security researchers to analyze. More and more frequently, attackers are also incorporating coin miners in their attacks. Such is the case with a newly observed variant of the Dofoil (also known as Smoke Loader) trojan, which includes a resource-draining cryptocurrency-mining payload. This latest Dofoil strain entered the scene earlier this month and is currently still active.


Topics: Cyber Attacks, Attack Analysis, Threat Profile

Webinar: Dynamic Endpoint Protection for Virtual Environments

Posted by Tom Bain on March 20, 2018 at 7:35 AM

Register for our webinar Dynamic Endpoint Protection for Virtual Environments on March 21, 2018.

Virtual Desktop Infrastructure (VDI) offers many advantages, but it is not attack-proof, and highly advanced cyberattacks present an ever-growing threat. IT and security teams need to rethink the fabric, the costs and the risks inherent within virtual environments. Endpoint protection for VDIs has always been problematic, as they are extremely sensitive to the performance impact of security products. The wrong security tools will consume resources, slow system boot-up and impede productivity.


Topics: Endpoint Security, VDI, Webinars

Morphisec Uncovers New Attack Vector Named CIGslip That Bypasses Microsoft Code Integrity Guard (CIG)

Posted by Michael Gorelik on March 7, 2018 at 7:50 PM

Morphisec researchers Michael Gorelik and Andrey Diment have discovered CIGslip, a new method which can be exploited by attackers to bypass Microsoft’s Code Integrity Guard (CIG) and load malicious libraries into protected processes such as Microsoft Edge.


The Lazarus Group Strikes Again - Or is it an Imposter? The Latest CVE-2018-4878 Attack

Posted by Michael Gorelik on March 2, 2018 at 9:13 AM

The Lazarus Group, also known as Hidden Cobra, may be in play again. The notorious cybercrime group is allegedly responsible for some of the most devastating attacks over the past few years, including the SWIFT network hack that stole $81 million from the Central Bank of Bangladesh and the 2014 destructive wiper attack against Sony Pictures. Some also link the WannaCry ransomware outbreak to the same group.

Many of the existing reports covering the Lazarus attacks suggest links to North Korea. In fact, Hidden Cobra is the U.S. Government’s designation for malicious cyber activity conducted by the North Korean government.

On February 28, 2018, Morphisec Labs identified and prevented a suspicious document uploaded to VirusTotal that exploits the latest Flash vulnerability CVE-2018-4878. While analyzing the exploit and the downloaded payload, we immediately identified a near-perfect match to many of the techniques used during various attacks that are attributed to the Lazarus Group.


Topics: Exploits, Cyber Security, Threat Profile

Flash Exploit, CVE-2018-4878, Spotted in The Wild as Part of Massive Malspam Campaign

Posted by Michael Gorelik on February 25, 2018 at 7:42 PM

 

On February 22, 2018, Morphisec Labs spotted several malicious Word documents exploiting the latest Flash vulnerability, CVE-2018-4878, in the wild in a massive malspam campaign. Adobe released a patch in early February, but it will take some companies weeks, months or even years to roll out the patch, and cyber criminals keep developing new ways to exploit the vulnerability in this window.


Topics: Exploits, Cyber Attacks, Attack Analysis, Malspam

Threat Profile: GandCrab Ransomware

Posted by Roy Moshailov on February 23, 2018 at 11:08 PM


These days, most malware employs long attack chains and anti-analysis techniques to make the payload more difficult to detect and harder for security researchers to analyze. Such is the case with GandCrab, a new ransomware strain that entered the scene late last month and is currently active.


Topics: Ransomware, Exploit Kit, Attack Analysis, Custom Packer, Threat Profile
