Posted by Michael Gorelik on September 26, 2017

This report was authored by: Michael Gorelik and Assaf Kachlon.

Last week’s malware news was filled with the CCleaner backdoor exposed by Morphisec’s security solution. This week Morphisec uncovered another ongoing malware campaign, this one a...

Posted by Michael Gorelik on September 18, 2017

As widely reported today, the Avast-owned security application CCleaner was illegally modified by hackers. According to Avast, some 2.27 million users were running the weaponized version 5.33 of CCleaner. In addition, the CCleaner cloud version...

Posted by Michael Gorelik on June 9, 2017

INTRODUCTION

On June 7, 2017, Morphisec Lab identified a new, highly sophisticated fileless attack targeting restaurants across the US. The ongoing campaign allows hackers to seize system control and install a backdoor to steal financial information...

Posted by Michael Gorelik on April 27, 2017

INTRODUCTION

From April 19-24, 2017, a politically motivated, targeted campaign was carried out against numerous Israeli organizations. Morphisec researchers began investigating the attacks on April 24 and continue to uncover more details. Initial...

Posted by Michael Gorelik on March 16, 2017

Morphisec Discovers New Fileless Attack Framework

Ties Single Threat Actor Group to Multiple Campaigns, Interacts with Hacker.

On the 8th of March, Morphisec researchers began investigating a new fileless threat delivered via a macro-enabled Word...

Posted by Michael Gorelik on February 22, 2017

Cerber ransomware is one of the most sophisticated and popular ransomware families, attacking victims across the globe. Additional popular ransomware families in the cybercriminal’s arsenal include Locky (Osiris), Spora, Shade and several others.

Posted by Michael Gorelik on October 22, 2016

UPDATED POST - NOW WITH DETAILED TECHNICAL ANALYSIS!

During October 17 to 21, Morphisec identified and prevented several malicious and sophisticated macro-based documents at the site of one of our customers delivering a fileless Kovter backdoor...

Posted by Michael Gorelik on October 13, 2016

Morphisec Prevents Major Malspam campaign - Again

In our report at the beginning of September about a large-scale malspam campaign discovered and stopped by Morphisec, we pointed out the central role that malware spam plays for hackers and the...

Posted by Michael Gorelik on September 16, 2016

New Locky – Zepto variant prevented by Morphisec

Since Locky’s discovery in February 2016, it has emerged as one of the most prevalent and devastating ransomware threats of 2016. Over the last two months, ransomware in general has evolved greatly in...

Posted by Michael Gorelik on September 8, 2016

Spam is still the preferred attack vector for cyber criminals and malware spam campaigns continue to increase. According to the Symantec Internet Threat Report, 1 in 220 emails in 2015 contained malware. While this figure may seem low, consider that...

Posted by Michael Gorelik on July 12, 2016

There are kits for everything these days: beer brewing, engine tuning, and, yes, hacking. Hacking's “exploit kits” (EKs)—toolkits with packaged exploit codes—let almost anyone become a digital intruder, from the guy down the hall to the nation-state...

Posted by Michael Gorelik on July 6, 2016

Angler Hangs Up Its Pole

Back in April, more than 80% of drive-by download attacks were attributed to Angler. Now? Nearly zero. Speculation abounds regarding its disappearance earlier this month. A vacation by Angler operators? Black market price...

Posted by Michael Gorelik on July 2, 2016

The disappearance of Angler has left a gaping hole in the malware market which cybercriminals are only too happy to fill with new variants of old standbys. The latest to reemerge after a period of disuse are Locky and Dridex. A new Locky campaign...

Posted by Michael Gorelik on June 13, 2016

With fileless malware popping up more and more frequently, particularly sophisticated PowerShell attacks, we thought it useful to examine these threats by reverse engineering those in-memory samples from Virus Total that have the lowest detection...

Posted by Michael Gorelik on May 20, 2016

Yet another critical Flash vulnerability was uncovered this month, thanks to researchers at FireEye. The vulnerability, CVE-2016-4117, exists in Flash 21.0.0.226 and earlier versions for Windows, Mac, Linux, and Chrome OS. It received a CVSS v3...

Posted by Michael Gorelik on May 10, 2016
 

In the course of our research, we constantly encounter the simple but harsh truth that malware authors can easily bypass popular security products with small variations to their code. In this technical analysis, we present the inner details of a...

Posted by Michael Gorelik on April 13, 2016

After the burst of the bug bubble, I’m left wondering who at SerNet decided the Badlock marketing campaign was a good idea and why. It certainly was not, as claimed, to raise awareness for a critical bug that needed immediate patching.

Posted by Michael Gorelik on March 2, 2016

In Morphisec Labs, we are constantly tracking the behavior of the exploit kits that are making life easy for hackers and complicated for security managers. Since the EKs need to take advantage of whatever vulnerability they can find on an end user’s...

Posted by Michael Gorelik on February 16, 2016

A few days ago @PhysicalDrive0 (malware hunter) published a new Word document sample that we were intrigued to check in Morphisec Labs. We wanted to see if our product performs its immediate prevention objective. And it did, as expected.

Posted by Michael Gorelik on January 13, 2016

The recent discovery of vulnerabilities in antivirus software by enSilo sparked curiosity among the Morphisec Labs team. After a long deep dive our research found that the vulnerability wasn’t an unintentional flaw in the code, it was a feature!...
