<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">
Posted by Morphisec Labs on December 5, 2018

Today Adobe disclosed a new Flash zero-day, releasing a patch for the critical vulnerability in an out-of-band update. Successful exploitation gives attackers the ability to execute arbitrary code on the targeted machine, and eventually assume full system control. Morphisec customers are already protected from attacks exploiting this vulnerability.

... Read More
Posted by Michael Gorelik on November 29, 2018

Note: This post was updated 11-30-18 with details of a new intercepted attack. See technical description below.

Over the past three days, Morphisec Labs researchers have discovered a widespread cyber campaign hitting multiple targets. Morphisec researchers dubbed the ... Read More

Posted by Michael Gorelik on November 21, 2018

This blog was co-authored by Alon Groisman.

It seems like the rumors of FIN7’s decline have been hasty. Just a few months after the well-publicized ... Read More

Posted by Michael Gorelik on October 8, 2018

 

Over the past year, Morphisec and several other endpoint protection companies have been tracking a resurgence in activity from the Cobalt Group. Cobalt is one of the most notorious cybercrime operations, with attacks against more than 100 banks across 40 countries

Read More
Posted by Shelley Leveson on September 28, 2018

The Fallout exploit kit, named for its similarities to the once notorious Nuclear exploit kit, already shows signs of reaching the levels of popularity of its namesake. Since its discovery by security researchers at the end of August, Fallout has been seen distributing the SmokeLoader ... Read More

Posted by Roy Moshailov on August 12, 2018

Fileless malware is a type of a malicious code execution technique that operates completely within process memory; no files are dropped onto the disk. Without any artifacts on the hard drive to detect, these attacks easily evade most security solutions.

Read More
Posted by Roy Moshailov on July 18, 2018

July has been a busy month for the distributors of GandCrab ransomware. After about two months with no major update, the cybercrime gang behind GandCrab released version 4, and a few days later, version 4.1. The primary delivery method is via compromised WordPress websites, which have been hijacked to include fake crack application pages, which in turn redirect ... Read More

Posted by Roy Moshailov on June 27, 2018

A new highly sophisticated botnet incorporating numerous malicious, evasive techniques is quickly spreading its tentacles. Dubbed MyloBot, the botnet uses an usually complex chain attack and combines multiple anti-analysis techniques to make it more difficult to detect the payload and harder to analyze by security ... Read More

Posted by Morphisec Team on June 22, 2018

Adobe disclosed that a Flash zero-day was being exploited in targeted attacks against Windows users. The critical vulnerability was discovered and independently reported by several security firms. Successful exploitation of the vulnerability allows arbitrary code execution which can ultimately lead to an attacker assuming full system control.

... Read More
Posted by Michael Gorelik on June 18, 2018

 

After more than four years with no weaponized exploits for Adobe Acrobat Reader, researchers at ESET identified a weaponized PDF that allows attackers to execute arbitrary code on the targeted machine and eventually assume full system control. The PDF exploits two previously unknown vulnerabilities, ... Read More

Subscribe to our blog

Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.

Recent Posts