Malware Is a Symptom – Don’t Treat Symptoms

Posted by Arthur Braunstein on Mar 30, 2017 3:00:29 AM

Imagine this. You are in charge of public health and must deal with an unrelenting epidemic. You have two options for protecting the population.

The first option is to monitor each person for symptoms of infection. You buy analytical technology and infrastructure, hire staff and build hospitals. You send forth specialists to monitor everyone. When they notice symptoms, more tests are performed. The symptoms are subtle (fatigue, headache, stiffness), and healthy and sick people look a lot alike, so to be on the safe side you test far more people than are truly ill. Once you suspect infection, you quarantine the person and start a course of treatment. Sometimes the people are cured. Sometimes they are not. You can’t guarantee that you will find everyone who is infected. Or that everyone you treat is ill. The monitoring and mandatory quarantine intrude on civil liberties, disrupt lives and interfere with the economy. To compound matters, the disease mutates, so you have to continually design new screening tests and retrain the specialists.

Topics: 0-day exploits, Moving Target Defense, Advanced Persistent Threats, Endpoint Security

Morphisec Discovers New Fileless Attack Framework

Posted by Michael Gorelik on Mar 16, 2017 7:55:00 PM

Ties Single Threat Actor Group to Multiple Campaigns, Interacts with Hacker.

On the 8th of March, Morphisec researchers began investigating a new fileless threat delivered via a macro-enabled Word document, which was attached to a phishing email sent to targeted high-profile enterprises. During the course of the investigation, we uncovered a sophisticated fileless attack framework that appears to be connected to various recent, much discussed attack campaigns.

Topics: Attacks, cybersecurity, Attack Analysis, fileless attacks

Andromeda’s Five Star Custom Packer – Hackers’ Tactics Analyzed

Posted by Roy Moshailov on Mar 13, 2017 8:08:50 AM

Packer-based malware is malware that is modified in runtime memory using various sophisticated compression techniques. Such malware is hard for known malware scanners and anti-virus solutions to detect. In addition, it is a cheap way for hackers to create new signatures for the same malware on the fly, simply by changing the encryption/packing method. Packers themselves are not malware; attackers use this tactic to obfuscate the code’s real intention.

Topics: Attacks, Sandbox evasion, cybersecurity, Attack Analysis, Custom Packer

RSAC 2017: Is the cybersecurity industry about keeping up with the Joneses?

Posted by Omri Dotan on Feb 27, 2017 2:55:20 PM

There is no shortage of product announcements in the security industry, and this focus was clearly on display at the recent RSA Conference 2017. And while many attendees went in with high hopes of finally glimpsing the revolution that security experts have been calling for, or of discovering a solution that will fundamentally change the current, failing endpoint security paradigm, our cybersecurity challenges remain unaffected by the plethora of solutions. Instead of focusing on security for the modern age, companies are continuing to build products and solutions that feed into the problem rather than reduce risk. Has the industry become more about having the latest and greatest solution to “keep up with the Joneses” rather than focusing on what we should be building now to prepare for the security challenges we will face tomorrow?

Topics: Industry News, cybersecurity

New Wave of Cerber Ransomware Sweeps the Globe – Can’t Surge Past Morphisec

Posted by Michael Gorelik on Feb 22, 2017 10:41:31 AM

Cerber ransomware is one of the most sophisticated and popular ransomware families, attacking victims across the globe. Additional popular ransomware families in the cybercriminal’s arsenal include Locky (Osiris), Spora, Shade and several others.

Topics: Ransomware, Cerber

Ready for RSAC and a New Take on Endpoint Security?

Posted by Morphisec Team on Feb 9, 2017 9:16:00 AM

One of the biggest cybersecurity events of the year, held in one of the most beautiful cities in the world, is almost upon us. The 2017 RSA Conference in San Francisco opens next week, and Morphisec's top experts will be on hand to discuss your security and business challenges. Learn more about Morphisec Endpoint Threat Prevention, the first and only solution to use Moving Target Defense technology to prevent zero-days, evasive malware, ransomware and advanced attacks in real time.

Topics: Events, Product, Endpoint Security, cybersecurity

Hedge Funds Need to Hedge Against Hackers

Posted by Omri Dotan on Feb 1, 2017 9:55:46 AM

Hedge funds are coming under increasingly heavy fire from attackers and regulators alike. A 2015 report issued by the SEC that examined more than 100 financial companies found that 88 per cent of broker-dealers and 74 per cent of investment advisers have experienced a cyberattack directly or through one or more of their vendors.

Topics: Endpoint Security, CISO, cybersecurity

Meet Us at CyberTech Tel Aviv

Posted by Morphisec Team on Jan 27, 2017 11:29:11 PM

Morphisec brings its team of cyber security experts to CyberTech Tel Aviv next week, January 30 to February 2. Meet the faces behind the pioneering Moving Target Defense technology that’s disrupting the endpoint security field.

Topics: Events, Product, Endpoint Security, cybersecurity

How to Build an Economically-Driven Cyber Defense Strategy

Posted by Ronen Yehoshua on Jan 27, 2017 1:07:55 AM

Today, a few hackers may be ideologically motivated, but the majority of attacks are financially-driven crimes. This is seen most clearly in the rise of ransomware; no mystery, just pure and simple extortion. And consider the latest victim of choice, the healthcare industry, sacrosanct in most people’s eyes but merely a lucrative, vulnerable target to cybercriminals. As such, cybercrime follows the economic rules of any business – reward must outweigh costs – and should be confronted on those terms.

Topics: Endpoint Security, CISO, cybersecurity, cyberattacks

Our Top 10 Blog Posts of 2016

Posted by Morphisec Team on Jan 20, 2017 7:28:50 PM

Cybersecurity had a turbulent 2016, to say the least. We saw the rise of ransomware, the emergence of IoT botnets, landmark security legislation and Yahoo’s disclosure about its 1-billion-record-hack, the largest in history.

Topics: Exploits, ASLR, Angler Kit, APT, Ransomware, Attack Analysis
