Posted by Michael Gorelik on May 10, 2016
 

In the course of our research, we constantly encounter the simple but harsh truth that malware authors can easily bypass popular security products with small variations to their code. In this technical analysis, we present the inner details of a...

Posted by Michael Gorelik on April 13, 2016

After the burst of the bug bubble, I’m left wondering who at SerNet decided the Badlock marketing campaign was a good idea and why. It certainly was not, as claimed, to raise awareness for a critical bug that needed immediate patching.

Posted by Michael Gorelik on March 2, 2016

In Morphisec Labs, we are constantly tracking the behavior of the exploit kits that are making life easy for hackers and complicated for security managers. Since the EKs need to take advantage of whatever vulnerability they can find on an end user’s...

Posted by Michael Gorelik on February 16, 2016

Introduction

A few days ago, malware hunter @PhysicalDrive0 published a new Word document sample that we were intrigued to check in Morphisec Labs. We wanted to see if our product performs its immediate prevention objective. And it did, as expected.

Posted by Michael Gorelik on January 13, 2016

The recent discovery of vulnerabilities in antivirus software by enSilo sparked curiosity among the Morphisec Labs team. After a long deep dive, our research found that the vulnerability wasn’t an unintentional flaw in the code; it was a feature!...

Posted by Michael Gorelik on November 9, 2015

Have you ever wondered what happens to zero-day exploits after their big splash on day zero? Often 0-days are developed to target a specific organization, as in this Pawn Storm-related instance reported by Trend Micro, which targeted specific people...

Posted by Michael Gorelik on October 15, 2015

After our recent blog post about an encrypted Flash exploit, we went back to analyze some more of these exploit files. We took some of the newer exploit recordings available on a malware aggregation site, and tried to decrypt them using the same...

Posted by Michael Gorelik on October 1, 2015

One of our favorite things to do is to reproduce exploits in our research labs. We do this for two main reasons: first, because we are naturally curious, and second, to constantly ensure that our solution prevents these exploits natively (spoiler:...
