
Threat Alert: Adobe Flash Zero-Day CVE-2018-15982

Posted by Morphisec Labs on December 5, 2018 at 7:31 PM

Today Adobe disclosed a new Flash zero-day, releasing a patch for the critical vulnerability in an out-of-band update. Successful exploitation gives attackers the ability to execute arbitrary code on the targeted machine, and eventually assume full system control. Morphisec customers are already protected from attacks exploiting this vulnerability.

Read More

Topics: Threat Alerts, Zero-day, Exploits, Cyber Attacks

Morphisec Uncovers Global “Pied Piper” Campaign

Posted by Michael Gorelik on November 29, 2018 at 10:32 PM

Note: This post was updated 11-30-18 with details of a new intercepted attack. See technical description below.

Over the past three days, Morphisec Labs researchers have discovered a widespread cyber campaign hitting multiple targets. Morphisec researchers dubbed the campaign “Pied Piper” as it delivers various Remote Access Trojan (RAT) payloads via phishing, across multiple countries.

Read More

Topics: Threat Alerts, Cyber Attacks, Attack Analysis, FlawedAmmyy

‘TIS THE SEASON FOR CYBER-ATTACKS

Posted by Tom Bain on November 23, 2018 at 8:41 AM

DATA SHOWS THE HOLIDAYS ARE THE MOST CHALLENGING TIME OF YEAR FOR ENTERPRISE SECURITY TEAMS

 

Careless Employee Behavior During the Online Holiday Shopping Season Will Leave Organizations Exposed to a Higher Risk of Cyber Attacks

The holiday season is fraught with consumer fraud. Holiday shoppers - both in-store and online - open themselves up to substantially higher risk without even knowing it.

However, what doesn’t get as much attention are the vulnerabilities that are created within enterprise organizations. Meaning, when employees choose to use work-issued devices and

Read More

Topics: Cyber Security, Cyber Attacks, CISO

FIN7 Not Finished – Morphisec Spots New Campaign

Posted by Michael Gorelik on November 21, 2018 at 5:55 PM

This blog was co-authored by Alon Groisman.

It seems like the rumors of FIN7’s decline have been hasty. Just a few months after the well-publicized indictment of three high-ranking members in August, Morphisec has identified a new FIN7 campaign that appears to be targeting the restaurant industry.

Read More

Topics: Threat Alerts, Cyber Attacks, FIN7, Attack Analysis

What Is the Current Fear Threshold for Americans for State-Sponsored Cyber Attacks on the Upcoming U.S. Elections?

Posted by Tom Bain on November 1, 2018 at 10:38 AM

Read More

Topics: Cyber Security, Industry News, Research, Cyber Attacks

SharpShooter Pen Testing Framework Used by Attackers

Posted by Roy Moshailov on August 12, 2018 at 1:39 PM

Fileless malware is a type of malicious code execution technique that operates completely within process memory; no files are dropped onto the disk. Without any artifacts on the hard drive to detect, these attacks easily evade most security solutions.

Read More

Topics: Threat Alerts, Endpoint Security, Cyber Attacks, Sandbox evasion, Fileless Attacks

Watering Hole Attack on Leading Hong Kong Telecom Site Exploiting Flash Flaw (CVE-2018-4878)

Posted by Michael Gorelik on March 23, 2018 at 7:01 AM

On March 21, 2018, Morphisec Labs began investigating the compromised website of a leading Hong Kong Telecommunications company after being alerted to it by malware hunter @PhysicalDrive0. The investigation, conducted by Morphisec researchers Michael Gorelik and Assaf Kachlon, determined that the Telecom group's corporate site had indeed been hacked. Attackers added an embedded Adobe Flash file that exploits the Flash vulnerability CVE-2018-4878 on the main home.php page.

Read More

Topics: Threat Alerts, Fileless Attacks, Attack Analysis, Exploits, Cyber Attacks

Threat Profile: Dofoil (Smoke Loader) Trojan with Coin-Miner 

Posted by Roy Moshailov on March 22, 2018 at 8:08 AM

 

These days, most malware employs a long attack chain with anti-analysis techniques to make the payload more difficult to detect and harder for security researchers to analyze. More and more frequently, attacks also incorporate coin miners. Such is the case with a newly observed variant of the Dofoil (also known as Smoke Loader) trojan, which includes a resource-draining cryptocurrency-mining payload. This latest Dofoil strain entered the scene earlier this month and is currently still active.

Read More

Topics: Threat Profile, Attack Analysis, Cyber Attacks

Flash Exploit, CVE-2018-4878, Spotted in The Wild as Part of Massive Malspam Campaign

Posted by Michael Gorelik on February 25, 2018 at 12:42 PM

 

On February 22, 2018, Morphisec Labs spotted several malicious Word documents exploiting the latest Flash vulnerability CVE-2018-4878 in the wild in a massive malspam campaign. Adobe released a patch in early February, but it will take some companies weeks, months or even years to roll out the patch, and cyber criminals keep developing new ways to exploit the vulnerability in this window

Read More

Topics: Cyber Attacks, Exploits, Attack Analysis, Malspam

CVE-2018-4878: An Analysis of the Flash Player Hack

Posted by Michael Gorelik on February 8, 2018 at 7:30 AM

 

Before diving into the analysis of CVE-2018-4878, a quick reminder that this is the continuation of our previous post, which provided background on CVE-2018-4878, including a video of how Morphisec prevents any attacks leveraging this Flash vulnerability. Morphisec prevents the attack at all phases and components in the attack chain – during the exploit, the shellcode, as well as the malware which is executed using wbscript.exe with additional in-memory command control code.

At the time of the previous post, the vulnerability was still a zero-day. Adobe released a new version that fixed the flaw yesterday. With that fix available, Morphisec is now free to release technical details of the attack.

Read More

Topics: Cyber Attacks, Exploits, Attack Analysis, Zero-day
