Moving Target Attacks: Techniques & Deception Methods

Posted by Morphisec Team on Apr 28, 2016 12:42:29 AM

Excerpted from the ebook “Deception and Counter Deception: Moving Target Attacks vs. Moving Target Defense” by Mordechai Guri, Chief Science Officer at Morphisec. Download the full eBook here.

Cyber attackers constantly develop new methods to overcome organizations’ detection and response mechanisms. The most effective and insidious are deception techniques that make it impossible to anticipate the attacker’s next onslaught. With these new techniques, collectively known as Moving Target Attacks (MTA), new strike variations can be bred in a matter of hours.

Read More

Topics: Moving Target Defense

Badlock – the Burst of a Bug Bubble

Posted by Michael Gorelik on Apr 13, 2016 1:37:57 PM

After the burst of the bug bubble, I’m left wondering who at SerNet decided the Badlock marketing campaign was a good idea and why.  It certainly was not, as claimed, to raise awareness for a critical bug that needed immediate patching.

Read More

Topics: Moving Target Defense, Patching

Changing the Economics of Cyber Defense through Early Prevention

Posted by Omri Dotan on Feb 12, 2016 3:11:54 PM

In the current state of cyber security, the bad guys have the upper hand.  Cybercrime is an industry, in which huge investments are made by criminal elements. Why? Because ROI is basically guaranteed. Building attacks takes time, requires patience, research, persistence and a good plan that considers the predictability of IT systems and users. Unfortunately, the bad guys seem to have an infinite amount of all of these, and IT systems and users are fairly predictable. So, are we forever doomed to pay millions of dollars in unsuccessful attempts to protect ourselves? 

Read More

Topics: Moving Target Defense

FireEye's Vulnerability or: Why Endpoint Protection IS the Last Line of Defense

Posted by Morphisec Team on Dec 20, 2015 9:57:30 AM

Explosive news about vulnerabilities found in FireEye's security software are hitting the headlines. ZDNet, Ars Technica, PCworld and more reported about the findings by the Google Project Zero researchers. First, let’s give kudos to FireEye for acting quickly on the discovery and release a final patch in a matter of days, thus preventing a nightmare in which a remote code executing would lead to compromise the entire computer system and network of their customers.

Read More

Topics: ASLR, Moving Target Defense

ASLR - What It Is, and What It Isn’t

Posted by Mordechai Guri, Ph.D. on Dec 17, 2015 7:56:12 AM

We often get asked how our Moving Target Defense (MTD) approach differs from ASLR. While the concepts may sound similar, ASLR is missing several key elements to make it successful at countering 0-day and targeted attacks.

Read More

Topics: ASLR, Moving Target Defense

Flash Zero-day Quickly Propagates to Unaware Sites

Posted by Michael Gorelik on Nov 9, 2015 7:15:04 PM

Have you ever wondered what happens to zero-day exploits after their big splash on day zero? Often 0-days are developed to target a specific organization, as in this Pawn Storm-related instance reported by Trend Micro, which targeted specific people within the Foreign Affairs Ministry.

Read More

Topics: Exploits, Cyber Attacks, 0-day exploits, Moving Target Defense, Zero-day, Attack Analysis

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....


Recent Posts

Most Popular Posts