Advanced persistent threats describes the highly evolved nature of today’s cyberattacks. Hackers have developed sophisticated techniques – in-memory exploits, living-off-the-land attacks, remote access trojans, and more – that allow them to evade...
Read MoreSince early March, the team at Morphisec Labs has been supporting enterprises as they shift to distributed workforces in response to COVID-19. From assisting hospitals with securing their remote workers to uncovering new weaknesses in collaboration...
Read MoreAs part of a rapid change in the work environment during the COVID-19 pandemic, Morphisec Labs has been tracking the change in the attack trend landscape. This has included the evolution of adware, PUA, and fraudulent software bundle delivery beyond...
Read MoreThe rise of fileless attacks in the past 10 years has stymied even the best antivirus software. Traditional AV is designed to detect known signatures of known malware and prevent it from executing. Fileless attacks lack a signature, which allows it...
Read MoreEDITOR'S NOTE: The previous version of this blog post mis-identified the source of this attack as the FIN7 group; GRIFFON and OSTAP are both very long javascripts that have many similarities. This caused the confusion in identifying the attack as...
Read MoreIn August of 2019, just a month after our publication on a targeted BitPaymer/IEncrypt campaign, Morphisec identified a new and alarming evasion technique that the same adversaries adopted while targeting yet another enterprise in the automotive...
Read MoreDuring the period of March to May 2019, Morphisec Labs observed a new, highly sophisticated variant of the ShellTea / PunchBuggy backdoor malware that attempted to infiltrate a number of machines within the network of a customer in the...
Read MoreIntroduction
This week, Kaspersky Lab reported initial details of a new supply chain attack on systems by computer giant ASUS. Dubbed ShadowHammer by Kaspersky, the attack leveraged a malicious version of ASUS Live Update, a utility that...
Read MoreLet’s face it – there are a lot of threat reports and threat data floating around. What makes the Morphisec Labs Threat Report different is the type of threats it analyzes. It focuses on the threats that pose a real risk to organizations, the ones...
Read MoreMicrosoft has introduced significant changes in the loader functionality as part of its new re-release of Windows 10 v. 1809.
Morphisec and Microsoft identified an issue impacting users running Morphisec’s ETP agent on top of Windows 10 v. 1809 with...
Read MoreNote: This post was updated 11-30-18 with details of a new intercepted attack. See technical description below.
Over the past three days, Morphisec Labs researchers have discovered a widespread cyber campaign hitting multiple targets. Morphisec...
Read MoreThis blog was co-authored by Alon Groisman.
It seems like the rumors of FIN7’s decline have been hasty. Just a few months after the well-publicized indictment of three high-ranking members in August, Morphisec has identified a new FIN7 campaign that...
Read MoreOver the past year, Morphisec and several other endpoint protection companies have been tracking a resurgence in activity from the Cobalt Group. Cobalt is one of the most notorious cybercrime operations, with attacks against more than 100 banks...
Read MoreSo far, 2018 has turned out to be anything but business as usual, at least on the cybersecurity front. The revelation about CPU vulnerabilities Meltdown and Spectre (and all the offshoots); the explosion in cryptojacking – which is likely even more...
Read MoreAfter more than four years with no weaponized exploits for Adobe Acrobat Reader, researchers at ESET identified a weaponized PDF that allows attackers to execute arbitrary code on the targeted machine and eventually assume full system control. The...
Read MoreIn April, researchers at Qihoo 360 Core Security Division discovered a VBScript vulnerability actively exploited in targeted attacks. Since then, it has appeared in additional attack campaigns. The vulnerability, CVE-2018-8174, dubbed "Double...
Read MoreOn March 21,2018, Morphisec Labs began investigating the compromised website of a leading Hong Kong Telecommunications company after being alerted to it by malware hunter @PhysicalDrive0. The investigation, conducted by Morphisec researchers...
Read MoreMorphisec researchers Michael Gorelik and Andrey Diment have discovered CIGslip, a new method which can be exploited by attackers to bypass Microsoft’s Code Integrity Guard and load malicious libraries into protected processes such as Microsoft Edge.
Read MoreThe Lazarus Group, also known as Hidden Cobra, may be in play again. The notorious cybercrime group is allegedly responsible for some of the most devastating attacks over the past few years, including the SWIFT network hack that stole $81 million...
Read MoreOn February 22, 2018, Morphisec Labs spotted several malicious word documents exploiting the latest Flash vulnerability CVE-2018-4878 in the wild in a massive malspam campaign. Adobe released a patch early February, but it will take some companies...
Read MoreSearch Our Site
Recent Posts
Posts by Tag
- Automated Moving Target Defense (154)
- Threat Research (134)
- Cyber Security News (131)
- Morphisec Labs (123)
- Morphisec News (55)
- Adaptive Exposure Management (12)
- Defense-in-Depth (12)
- Ransomware (12)
- Gartner (10)
- Continuous Threat Exposure Management (CTEM) (8)
- In-Memory Attacks (7)
- Microsoft (7)
- Preemptive Security (7)
- Threat and Vulnerability Management (7)
- Advanced Threat Defense (6)
- Financial Cybersecurity (4)
- Healthcare Cybersecurity (4)
- Legacy Security (4)
- Linux Cybersecurity (4)
- Runtime Attacks (4)
- ChatGPT (3)
- Evasive Loader (3)
- Fileless Malware (3)
- Patch Management (3)
- Product Blogs (3)
- Artificial Intelligence (2)
- Anti-tampering (1)
- Case Study (1)
- IoT Security (1)
- Managed Service Providers (1)
- Server Security (1)