<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">

Explosive New MirrorBlast Campaign Targets Financial Companies

Posted by Arnold Osipov on October 14, 2021

Key Points: 

  • Morphisec Labs tracked a new MirrorBlast campaign targeting financial services organizations 
  • MirrorBlast is delivered via a phishing email that contains malicious links which download a weaponized Excel document
  • MirrorBlast has...
Read More

Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex

Posted by Arnold Osipov on June 24, 2020

The Morphisec Labs team has tracked an obfuscated VBScript package in campaigns since March 2020. Initially, the malware campaign was focused on targets within Germany, but has since moved on to additional targets--excluding any IP address within...

Read More

ConnectWise Control Abused Again to Deliver Zeppelin Ransomware

Posted by Alon Groisman on December 18, 2019
Zeppelin Ransomware 2019-12-17

In April 2019, attackers who breached IT supplier Wipro leveraged the ConnectWise Control (formerly ScreenConnect) remote desktop application as a major component of their attack.

Read More

NanoCore RAT Under the Microscope

Posted by Morphisec Labs on October 16, 2019
nanocore2

In this blog, we will present some findings on how NanoCore RAT 1.2.2.0 is actively being delivered in new and different ways that we discovered at Morphisec Labs in the last couple of months. Specifically, we will focus on the sophisticated...

Read More

FIN8 is Back in Business, Targeting the Hospitality Industry

Posted by Michael Gorelik on June 10, 2019
blogpost-image-pos-attack

During the period of March to May 2019, Morphisec Labs observed a new, highly sophisticated variant of the ShellTea / PunchBuggy backdoor malware that attempted to infiltrate a number of machines within the network of a customer in the...

Read More

A look at Hworm / Houdini AKA njRAT

Posted by Arnold Osipov on May 13, 2019
blogpost-header-hworm

 

Hworm/njRAT is a Remote Access Tool (RAT) that first appeared in 2013 in targeted attacks against the international energy industry, primarily in the Middle East. It was soon commoditized and is now part of a constantly evolving family of RATs...

Read More

Inside the ASUS Supply Chain Attack

Posted by Michael Gorelik on March 28, 2019
blogpost-image-ASUS-attack

Introduction

This week, Kaspersky Lab reported initial details of a new supply chain attack on systems by computer giant ASUS. Dubbed ShadowHammer by Kaspersky, the attack leveraged a malicious version of ASUS Live Update,

Read More

New Global Cyber Attack on Point of Sale Systems

Posted by Morphisec Labs on February 27, 2019
bloglisting-img-POS-attack

This post was authored by Michael Gorelik and Alon Groisman.

Over the past 8-10 weeks, Morphisec has been tracking multiple sophisticated attacks targeting Point of Sale thin clients globally.

Read More

New Campaign Delivers Orcus RAT

Posted by Morphisec Labs on January 30, 2019
Orcus-RAT-listing

This post was authored by Michael Gorelik, Alon Groisman and Bruno Braga.

A new, highly sophisticated campaign that delivers the Orcus Remote Access Trojan is hitting victims in ongoing, targeted attacks. Morphisec identified the campaign after...

Read More

The December 2018 Morphisec Labs Threat Report

Posted by Michael Gorelik on December 18, 2018
ThreatReport_blog

Let’s face it – there are a lot of threat reports and threat data floating around. What makes the Morphisec Labs Threat Report different is the type of threats it analyzes. It focuses on the threats that pose a real risk to organizations, the...

Read More
All posts

Subscribe to our blog

Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.
New call-to-action

Search Our Site

    Recent Posts

    Posts by Tag

    See all