Morphisec Discovers CCleaner Backdoor Saving Millions of Avast Users

Posted by Michael Gorelik on Sep 18, 2017 9:40:53 PM

 

As widely reported today, the Avast-owned security application CCleaner was illegally modified by hackers to establish a backdoor to the hackers’ server. According to Avast, some 2.27 million users were running the weaponized version 5.33 of CCleaner. In addition, CCleaner’s cloud version 1.07 was affected. Morphisec was first to uncover the CCleaner Backdoor, saving millions of Avast users.

Morphisec first identified and prevented malicious CCleaner.exe installations on August 20 and 21, 2017 at customer sites. Some customers shared their logs of the prevented attacks with Morphisec on September 11, 2017. Morphisec started to investigate the prevention logs right away.

Topics: Research, Endpoint Security, Cyber Security, Attack Analysis

Case Study: Securing Advanced Manufacturing From Advanced Threats

Posted by Morphisec Team on Aug 31, 2017 9:41:20 PM

 

Modern manufacturing technology brings improved quality and efficiency at lower costs. It also brings greatly increased cyber risk. Deloitte and MAPI (Manufacturers Alliance for Productivity and Innovation) recently published a report that takes a hard look at the effect of current manufacturing trends on cyber risk. The study found that, while manufacturers are beginning to prioritize cybersecurity, they have a long way to go. Read the report, “Cyber Risk in Advanced Manufacturing,” to see their findings and recommendations to be “secure, vigilant and resilient.”

Topics: Endpoint Security, CISO, Cyber Security, Case Study

Version 2.0 is Here!

Posted by Morphisec Team on Aug 2, 2017 10:41:30 PM

 

In the first half of 2017 alone, organizations have had to cope with a slew of new tactics: a surge in evasive, fileless attacks, record-breaking attack propagation speeds and the rise of 64-bit attacks. The latest version of Morphisec Endpoint Threat Prevention gives security teams the answer to tackle these trends plus unknown threats to come.

Topics: Company News, Product, Endpoint Security, Cyber Security, Fileless Attacks

Hospitality Industry Needs Shelter From Cyber Threats

Posted by Ursula Ron on Jun 27, 2017 9:25:54 AM

Two weeks ago, Morphisec Lab, led by VP R&D Michael Gorelik, warned of a new attack by the FIN7 cybercrime group against restaurants across the US. Earlier this year, the financially motivated FIN7 group, one of the leading threat actor groups operating today, targeted restaurant chains Chipotle, Baja Fresh and Ruby Tuesday, among others. And you certainly remember the massive 2016 attack on the Wendy’s fast food chain, which resulted in over 1000 Wendy’s locations hit by a credit card breach. Numbers were also big in the Arby’s data breach discovered in January 2017: according to the credit union service PSCU, 350,000 credit and debit card accounts might have been impacted by the hack on Arby’s point-of-sale (PoS) systems.

Topics: Cyber Attacks, Advanced Persistent Threats, Endpoint Security, Fileless Attacks

Artificial Intelligence for Security: Real Limitations

Posted by Mordechai Guri, Ph.D. on Jun 14, 2017 11:24:29 AM

 

Fueled by access to ever-increasing computational power, the past few decades have seen an explosion in Artificial Intelligence (AI) capabilities and applications. Today, AI is used in everything from image and speech recognition, to recommendation systems, to biomedical informatics, to self-driving cars. Recently, various cyber security vendors are adopting "AI Technologies" in their products in order to improve the detection rate of malware and attacks. In particular, AI is expected to slowly replace the old-style signature-based detection of malware. Signature-based detection has proved to be ineffective against today's "one-million-new-samples-per-day" malware variants. But what does it really mean to use AI in detection of attacks and malware; can it really live up to its promises?

Topics: 0-day exploits, Advanced Persistent Threats, Endpoint Security, Mordechai Guri, Cyber Security

FIN7 Takes Another Bite at the Restaurant Industry

Posted by Michael Gorelik on Jun 9, 2017 6:40:33 PM

INTRODUCTION

On June 7, 2017, Morphisec Lab identified a new, highly sophisticated fileless attack targeting restaurants across the US. The ongoing campaign allows hackers to seize system control and install a backdoor to steal financial information at will. It incorporates some never-before-seen evasive techniques that allow it to bypass most security solutions – signature- and behavior-based.

Topics: Cyber Attacks, Endpoint Security, Cyber Security, Attack Analysis

Threat Profile: Jaff Ransomware

Posted by Morphisec Team on May 20, 2017 2:03:38 AM

Last week, a massive wave of spam email that infects victims with a new type of ransomware, dubbed "Jaff", flooded networks across Europe, North America and Australia. Estimates put the number of malicious emails in the tens of millions.

Topics: Cyber Attacks, Endpoint Security, Ransomware, Cyber Security

Ransomware - Answer with a Solid Cyber Security Strategy

Posted by Arthur Braunstein on May 14, 2017 11:24:49 PM

Last week’s news about cyberattacks was sobering. Cybercrime is rampant and notorious. “WannaCry,” “Jaff,” and “Cerber” - the names of the attacks that got the most publicity - read like names of gangsters from the days of Prohibition, with unique personalities, techniques that range from brutal to devious, and a lurid line-up of targets and victims. Only the wanted posters are missing.

Topics: Cyber Attacks, Ransomware, Cyber Security

Cyber Threat Trends: Spotlight on the UK

Posted by Morphisec Team on May 5, 2017 7:43:41 PM

Spurred by both government and private efforts, the UK has seen a renewed and determined focus on cyber security issues this year. Much of this can be attributed to the new National Cyber Security Centre (NCSC), which became operational in October 2016 and was officially launched February 2017 by Her Majesty the Queen. The organization’s stated mission? “Helping to make the UK the safest place to live and do business online.”

Topics: Cyber Attacks, Industry News, Cyber Security

Iranian Fileless Attack Infiltrates Israeli Organizations

Posted by Michael Gorelik on Apr 27, 2017 7:11:43 PM

INTRODUCTION

From April 19-24, 2017, a politically-motivated, targeted campaign was carried out against numerous Israeli organizations. Morphisec researchers began investigating the attacks on April 24 and continue to uncover more details. Initial reports of the attacks, published April 26 (in Hebrew) by the Israel National Cyber Event Readiness Team (CERT-IL) and The Marker, confirm that the attack was delivered through compromised email accounts at Ben-Gurion University and sent to multiple targets across Israel. Ironically, Ben-Gurion University is home to Israel’s Cyber Security Research Center. Investigators put the origin of the attack as Iranian; Morphisec’s research supports this conclusion and attributes the attacks to the same infamous hacker group responsible for the OilRig malware campaigns.

Topics: 0-day exploits, Zero-day, Attack Analysis, Fileless Attacks
