How an organization handles the time between the unleashing of a zero-day and the availability of a patch is telling. There are basically two kinds of companies – those that try to mitigate the risk as best they can while they wait for a patch and those that have a security tool able to prevent zero-days. The latest Flash-Player zero-day CVE-2018-4878 is yet another example.
Towards the end of 2017, a group of researchers at Embedi discovered a Microsoft Office vulnerability that’s been quietly putting systems in danger for about 17 years.
With a turbulent 2017 finally behind us, what’s the cybersecurity forecast for 2018? Some predictions need no crystal ball – the cyber labor shortage will continue, spending on security solutions will go up, the breaches that do occur will be bigger and messier. But what else is in store for 2018? Morphisec’s VP Sales Arthur Braunstein, VP Product Netta Schmeidler and our co-founder Dudu Mimram weigh in.
Two days ago, researchers at TarLogic published a proof-of-concept APT that leverages CVE-2017-11826, a Microsoft Office 0-day vulnerability existing in all Office versions. Microsoft issued a patch for the vulnerability in October, however many systems still remain at risk.
The annual holiday season has arrived. The air grows crisp (at least in the Northern hemisphere), new, cool gadgets are released and cyberattacks, along with cologne ads, proliferate. Cyber threats aren’t deterring shoppers though: The National Retail Federation expects online holiday sales to increase by 7 to 10 percent over last year, reaching as much as $117 billion. With e-commerce attacks in Q3 2016 increasing by 60 percent over the previous year, shopping hazards can hit from all sides. From phishing sites to online card skimming to compromised terminals in stores; even gifts themselves pose security risks. Still, there is much both consumers and retailers can do in order to make an all around safer shopping experience.
A report co-authored by Michael Gorelik, CTO and VP R&D, and Roy Moshailov, Malware Research Expert at Morphisec.
Fileless malware is a type of a malicious code execution technique that operates completely within process memory; no files are dropped onto the disk. Without any artifacts on the hard drive to detect, these attacks easily evade current detection solutions.
In the last 48 hours, a hurricane of e-mails has crossed my Inbox, with breathless and self-congratulatory subject lines like "Our latest release detects Bad Rabbit" and "XYZ now protects XYZ customers from Bad Rabbit." In other words, "If you use our product, you were exposed to Bad Rabbit, but now that we know about it (from someone else) we deployed an update." Once you decode the messages, it’s clear that the content is not newsworthy, differentiating or exciting, it’s just an excuse to partake in the latest frenzy.
Two weeks ago, Morphisec Lab, led by VP R&D Michael Gorelik, warned of a new attack by the FIN7 cybercrime group against restaurants across the US. Earlier this year, the financially motivated FIN7 group, one of the leading threat actor groups operating today, targeted restaurant chains Chipotle, Baja Fresh and Ruby Tuesday, among others. And you certainly remember the massive 2016 attack on the Wendy’s fast food chain, which resulted in over 1000 Wendy’s locations hit by a credit card breach. Numbers were also big in the Arby’s data breach discovered in January 2017: according to the credit union service PSCU, 350,000 credit and debit card accounts might have been impacted by the hack on Arby’s point-of-sale (PoS) systems.
On June 7, 2017, Morphisec Lab identified a new, highly sophisticated fileless attack targeting restaurants across the US. The ongoing campaign allows hackers to seize system control and install a backdoor to steal financial information at will. It incorporates some never before seen evasive techniques that allow it to bypass most security solutions – signature and behavior based.
Last week, a massive wave of spam email that infects victims with a new type of ransomware, dubbed "Jaff", flooded networks across Europe, North America and Australia. Estimates put the number of malicious emails in the tens of millions.