Fileless malware is a type of a malicious code execution technique that operates completely within process memory; no files are dropped onto the disk. Without any artifacts on the hard drive to detect, these attacks easily evade most security solutions.
In less than two weeks, experts and enthusiasts from around the world will converge upon the Mandalay Bay resort in Las Vegas for Black Hat USA, one of the biggest information security events of the year. Black Hat is all about about the latest threat research, the newest hacking techniques and the most innovative technology, and Morphisec is excited to be a part of it.
Attending Black Hat 2018? We'd love to meet up. Connect with members of the Morphisec team either in a personal meeting or at one of our many Black Hat events.
July has been a busy month for the distributors of GandCrab ransomware. After about two months with no major update, the cybercrime gang behind GandCrab released version 4, and a few days later, version 4.1. The primary delivery method is via compromised WordPress websites, which have been hijacked to include fake crack application pages, which in turn redirect to the GandCrab executable. Other distribution methods are Exploit Kits (EK) and malicious email campaigns.
Morphisec officially opened its new corporate headquarters in the Gav-Yam Negev Advanced Technologies Park in Beer Sheva, Israel. Known as Israel’s leading cybersecurity technology center of innovation, the park is a collaborative endeavor of Ben Gurion University, the city of Beer-Sheva, and real estate developer KUD International. It brings together academia, advanced research, local government, business entrepreneurship and the global technology industry.
Morphisec is pleased to announce the 2018 winners of the Morphisec Women in Cybersecurity Scholarship. The program offers three scholarships for female students enrolled in cybersecurity-related studies to support and encourage young women exploring a career in this field. In addition to the cash awards, the first place winner receives a personal mentoring session.
A new highly sophisticated botnet incorporating numerous malicious, evasive techniques is quickly spreading its tentacles. Dubbed MyloBot, the botnet uses an usually complex chain attack and combines multiple anti-analysis techniques to make it more difficult to detect the payload and harder to analyze by security researchers. Initial research published by Deep Instinct points out that everything on the victim’s end takes place in memory, while the main business logic of the botnet is executed in an external process using code injection. This makes it even harder to detect and trace.
Adobe disclosed that a Flash zero-day was being exploited in targeted attacks against Windows users. The critical vulnerability was discovered and independently reported by several security firms. Successful exploitation of the vulnerability allows arbitrary code execution which can ultimately lead to an attacker assuming full system control.
So far, 2018 has turned out to be anything but business as usual, at least on the cybersecurity front. The revelation about CPU vulnerabilities Meltdown and Spectre (and all the offshoots); the explosion in cryptojacking – which is likely even more widespread than current estimates; the lightning speed at which the newest sophisticated attack technology is adopted by mass market criminals.
After more than four years with no weaponized exploits for Adobe Acrobat Reader, researchers at ESET identified a weaponized PDF that allows attackers to execute arbitrary code on the targeted machine and eventually assume full system control. The PDF exploits two previously unknown vulnerabilities, Acrobat Reader vulnerability CVE-2018-4990 and a privilege escalation vulnerability in Microsoft Windows, CVE-2018-8120.
Adobe Reader has a built-in sandbox feature that usually makes exploitation difficult. By combining vulnerabilities, this attack achieves code execution and then bypasses the sandbox protection to fully compromise the targeted system.
We all wish we were smarter. And I believe that the vast majority of people, in some way, strive to GET smarter.
As someone who has been involved in the cybersecurity industry for years, and watched it evolve, I see countless companies in this market using the aspect of intelligence to position themselves as being smarter than others. But if you have to proclaim your intelligence, are you actually smart? Or even smarter than me? Or than the next company?