Fileless Malware: Attack Trend Exposed

Posted by Michael Gorelik on November 30, 2017 at 1:22 AM

A report co-authored by Michael Gorelik, CTO and VP R&D, and Roy Moshailov, Malware Research Expert at Morphisec.

Fileless malware is a type of malicious code execution technique that operates completely within process memory; no files are dropped onto the disk. Without any artifacts on the hard drive to detect, these attacks easily evade current detection solutions.


Topics: Cyber Attacks, Research, Attack Analysis, Fileless Attacks

FIN7 Dissected: Hackers Accelerate Pace of Innovation

Posted by Michael Gorelik on October 13, 2017 at 3:23 PM

 


Topics: Research, Endpoint Security, Cyber Security, Attack Analysis

RIG exploit kit returns, with modified pattern and free generated “freenom” domains

Posted by Michael Gorelik on September 26, 2017 at 11:20 PM

 

This report was authored by: Michael Gorelik and Assaf Kachlon.

Last week’s malware news was filled with the CCleaner backdoor exposed by Morphisec’s security solution. This week Morphisec uncovered another ongoing malware campaign, this one a drive-by-download attack that uses a modified version of the old (in hacker time) favorite, the RIG exploit kit.

First appearing in 2014, RIG generally uses gates to redirect victims from a compromised website to a landing page that contains the EK, exploiting vulnerabilities in JavaScript, Flash and VBScript in the infection chain.

Over the past 10 days, Morphisec's Threat Prevention Solution stopped a modified RIG exploit kit distributed to a large number of customers in a major drive-by-download campaign. Upon customer notification about the web-borne attack, we immediately identified the type of exploit kit and the delivered exploits. We reported the abuse of the registered domains to Freenom.com, the domain registration entity.


Topics: Research, Endpoint Security, Cyber Security, Attack Analysis

Morphisec Discovers CCleaner Backdoor Saving Millions of Avast Users

Posted by Michael Gorelik on September 18, 2017 at 9:40 PM

 

As widely reported today, the Avast-owned security application CCleaner was illegally modified by hackers to establish a backdoor to the hackers’ server. According to Avast, some 2.27 million users were running the weaponized version 5.33 of CCleaner. In addition, CCleaner’s cloud version 1.07 was affected. Morphisec was first to uncover the CCleaner backdoor, saving millions of Avast users.

Morphisec first identified and prevented malicious CCleaner.exe installations on August 20 and 21, 2017 at customer sites. Some customers shared their logs of the prevented attacks with Morphisec on September 11, 2017. Morphisec started to investigate the prevention logs right away.


Topics: Research, Endpoint Security, Cyber Security, Attack Analysis

Security Products: It’s Not a Vulnerability, it’s a Feature

Posted by Michael Gorelik on January 13, 2016 at 4:23 PM

The recent discovery of vulnerabilities in antivirus software by enSilo sparked curiosity among the Morphisec Labs team. After a long deep dive and to our surprise, our research found that the vulnerability wasn’t an unintentional flaw in the code; it was a feature! Here is how it works.


Topics: Research

Encrypted Flash Exploit that Bypasses Mitigations Found In the Wild

Posted by Michael Gorelik on October 1, 2015 at 12:03 PM

One of our favorite things to do is to reproduce exploits in our research labs. We do this for two main reasons: first, because we are naturally curious, and second, to constantly ensure that our solution prevents these exploits natively (spoiler: it does ;).


Topics: Exploits, Research, Attack Analysis
