Protecting Systems During Patching Gaps

Posted by Tom Bain on Jan 22, 2018 7:18:08 PM

The recent Meltdown and Spectre CPU vulnerabilities took almost everyone by surprise.  Widespread panic was staved off only by the promise of a nearly-ready OS patching fix, which it turned out, excluded a large swath of systems and created its own set of problems. 

Users are still scrambling to patch systems with an extremely complex mixture of OS, firmware and application updates. Organizations are encountering slowdowns, blue screens and reboot problems in their rush to avoid security problems. The entire stack of Spectre and Meltdown fixes has not yet been properly tested and will take time to reach anything resembling stability. 

Read More

Topics: Exploits, 0-day exploits, Moving Target Defense, Patching, Endpoint Security

Meltdown and Spectre Q&A

Posted by Morphisec Team on Jan 15, 2018 10:11:01 PM

The Meltdown and Spectre CPU vulnerabilities disclosed earlier this month generated a lot of noise and a lot of confusion. Our security experts received a deluge of questions from customers and industry personnel alike. Responding to this need, Morphisec CTO and VP R&D Michael Gorelik went on air to provide some answers. If you missed the webinar, you can watch it here.

Read More

Topics: Exploits, Zero-day, Cyber Security, Webinars

Meltdown and Spectre: Where the Real Risks Lie

Posted by Michael Gorelik on Jan 5, 2018 4:58:45 PM

The IT world is still shaking from the news that most modern processors have severe architecture flaws. This makes it possible for attackers to gain access to user mode and kernel memory data to leak crypto-keys, passwords, memory structures like loaded module addresses and other valuable information. The security flaws potentially affect all major CPUs, including chips manufactured by Intel, AMD and ARM.

--- 

Watch our security alert webinar on-demand in which Morphisec CTO Michael Gorelik, cuts through the noise surrounding the Meltdown and Spectre CPU vulnerabilities and answers live questions. 

WATCH IT NOW!

----

Read More

Topics: Exploits, ASLR, Cyber Security, Threat Profile

Threat Profile: RokRAT

Posted by Roy Moshailov on Jan 2, 2018 9:59:21 PM

RokRAT is a sophisticated Remote Access Trojan (RAT) that is skilled at evading detection and uses multiple techniques to make analysis difficult. The current RokRAT campaign was identified by Cisco Talos in November. The earliest known RokRAT campaign occured in April, although this used a less evasive malware variant. 

Read More

Topics: Exploits, Custom Packer, Threat Profile

Our Top 10 Blog Posts of 2016

Posted by Morphisec Team on Jan 20, 2017 7:28:50 PM

Cybersecurity had a turbulent 2016, to say the least. We saw the rise of ransomware, the emergence of IoT botnets, landmark security legislation and Yahoo’s disclosure about its 1-billion-record-hack, the largest in history.

Read More

Topics: Exploits, ASLR, Angler Kit, APT, Ransomware, Attack Analysis

Tor/FireFox Zero-Day prevented by Morphisec

Posted by Ursula Ron on Dec 7, 2016 1:37:14 PM

The FireFox zero-day recently used in the wild made headlines when TOR users that fell victim to the attack lost the one thing they were looking for: anonymous browsing. Speculation ran rife that the exploit may have been created by the FBI or another governmental agency, especially as the attack resembled past investigations used to identify Tor users.

Read More

Topics: Exploits, Cyber Attacks, Zero-day, Patching

The Many Faces of Ransomware

Posted by Mordechai Guri, Ph.D. on Sep 23, 2016 8:04:22 AM

Ransomware has grabbed mainstream media attention recently but it’s nothing new – in fact, its origins can be traced back to floppy disk times. Part of ransomware’s new found notoriety is certainly due to the criminals’ latest target of choice, the healthcare industry, which is considered sacrosanct to most. And ransomware’s very nature lends itself to news-worthy headlines. Unlike other types of malware which rely on stealth to infiltrate systems or quietly siphon off data, ransomware boldly declares its presence and intent, often with a clever name to go with it.

Read More

Topics: Exploits, Ransomware

Reflections on Black Hat USA

Posted by Arthur Braunstein on Aug 17, 2016 6:49:53 PM

 

This year’s Black Hat USA conference was bigger and badder than ever, with attendance up nearly 30% according to show organizers. Of all the security conferences, Black Hat has the most clear divide between the technical practitioner side and the security vendors, and the main themes varied depending on which side of the divide you were standing.  From the practitioner side, these ranged from enhancing technical skills (excellent training) to strategies and threats, to leadership and alignment with the business. The instructors and presenters were world class, the content was superb, and thoughtfulness and creativity were everywhere.

All good for the practitioners and kudos to the organizers. On the vendor side, things were a little more nuanced.

Read More

Topics: Exploits, Moving Target Defense, Endpoint Security

Protect Your Company against Exploit Kits with Moving Target Defense

Posted by Michael Gorelik on Jul 12, 2016 12:10:54 PM

There are kits for everything these days: beer brewing, engine tuning, and, yes, hacking. Hacking's “exploit kits” (EKs)—toolkits with packaged exploit codes—let almost anyone become a digital intruder, from the guy down the hall to the nation-state operator oceans away. I'm going to share some key areas you need to be aware of when preparing for an EK-driven attack.

Read More

Topics: Exploits, Endpoint Security, Exploit Kit

Dridex is Back with a Vengeance. Adding More Evasion Techniques to its Arsenal.

Posted by Michael Gorelik on Jul 2, 2016 8:29:11 PM

The disappearance of Angler has left a gaping hole in the malware market which cybercriminals are only to happy to fill with new variants of old standbys. The latest to reemerge after a period of disuse are Locky and Dridex. A new Locky campaign spotted in the wild on June 20 is analyzed by Pierluigi Paganini on the Security Affairs site. Now a bigger and badder Dridex has reappeared, with more sophisticated evasion tactics, including a new sandbox evasion technique.

Read More

Topics: Exploits, Exploit Kit, Sandbox evasion, Attack Analysis

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....

 

Recent Posts

Most Popular Posts