Our Top 10 Blog Posts of 2016

Posted by Morphisec Team on Jan 20, 2017 7:28:50 PM

Cybersecurity had a turbulent 2016, to say the least. We saw the rise of ransomware, the emergence of IoT botnets, landmark security legislation and Yahoo’s disclosure about its 1-billion-record-hack, the largest in history.

Read More

Topics: Exploits, ASLR, Angler Kit, APT, Ransomware, Attack Analysis

Less is More (Dangerous): A Dissection of Fileless In-Memory Attacks

Posted by Michael Gorelik on Jun 13, 2016 8:58:34 PM

With fileless malware popping up more and more frequently, particularly sophisticated PowerShell attacks, we thought it useful to examine these threats by reverse engineering those in-memory samples from Virus Total that have the lowest detection rates.

Read More

Topics: Exploits, Attacks, Advanced Persistent Threats, APT, Attack Analysis

Ransomware: Coming to an Endpoint Near You

Posted by Morphisec Team on May 24, 2016 4:00:00 PM

 

Recently, software engineer and noted tech journalist Ben Dickson explored the growing threat of ransomware in an article in The Daily Dot. He gives a thorough yet remarkably non-techie overview before tackling the difficult part – what can companies and individuals do to protect themselves. Dickson turned to our own Ronen Yehoshua, CEO of Morphisec, to understand why traditional security approaches fail and possible solutions.

Read More

Topics: Moving Target Defense, APT, Ransomware

Flash Vulnerability Problems No Flash in the Pan [CVE-2016-4117]

Posted by Michael Gorelik on May 20, 2016 3:25:23 PM

Yet another critical Flash vulnerability was uncovered this month, thanks to researchers at FireEye. The vulnerability, CVE-2016-4117, exists in Flash 21.0.0.226 and earlier versions for Windows, Mac, Linux, and Chrome OS. It received a CVSS v3 rating of 9.8, indicating extremely critical (Adobe rushed out a patch earlier this week).

Read More

Topics: Attacks, APT, Attack Analysis

TechTarget’s Endpoint Security Survey – And Morphisec’s Answer

Posted by Ursula Ron on Apr 20, 2016 7:54:01 PM

The technology research group TechTarget recently published their findings from a survey on endpoint security at medium to large enterprises. The results corroborate trends all too evident in the news:   Despite the features and functionality added to endpoint protection software over the last few years, “organizations are still in search of effective protection techniques against unknown threats and malware.”

Read More

Topics: Advanced Persistent Threats, Endpoint Security, APT

Carbanak WinWord Exploit Prevented by Morphisec

Posted by Morphisec Team on Mar 21, 2016 9:27:20 PM

The Carbanak APT group, aka “Anunak,” (dubbed Carbanak by Kaspersky Labs to reflect its Carberp origins) is one of the most notorious cybercriminal groups to target the Financial sector. Since Carbanak was first released in December 2014, around 100 financial institutions in approximately 30 countries have fallen victim to it, losing nearly $1 billion. Carbanak attacks begin with malware infected documents sent as email attachments to targeted bank employees. The malicious document is accompanied by an email message establishing an innocent seeming context. Once activated, the document delivers the malware, usually by exploiting an unpatched Office application vulnerability, in this case Microsoft Word. After obtaining the required credentials / data from the unprotected target victims, the Carbanak malware continues to its next stage of infiltrating the financial institution’s network.

Read More

Topics: Attacks, MS Office Exploits, Advanced Persistent Threats, Endpoint Security, APT

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....