The Fallout Exploit Kit, named for its similarities to the once notorious Nuclear exploit kit, already shows signs of reaching the levels of popularity of its namesake. Since its discovery by security researchers at the end of August, Fallout has been seen distributing the SmokeLoader trojan, GandCrab ransomware, CoalaBot, various potentially unwanted programs (PUPs) and, most recently, a new ransomware strain called SAVEfiles.
Read MoreFileless malware is a type of a malicious code execution technique that operates completely within process memory; no files are dropped onto the disk. Without any artifacts on the hard drive to detect, these attacks easily evade most security solutions.
Read More
Ransomware remained a major cybersecurity threat in 2017, leaving a trail of victims across all industries, company sizes and geographical borders. Phishing emails are the top ransomware delivery mechanism and they grow in number and sophistication daily. According to IBM, the number of ransomware-infected emails increased 6,000% this year. And the days of easily spotted spelling mistakes and obvious scams are long gone. Today’s phishing attacks are clever and subtle enough to trick even security veterans.
Read MorePacker-based malware is malware which is modified in the runtime memory using different and sophisticated compression techniques. Such malware is hard to detect by known malware scanners and anti-virus solutions. In addition, it is a cheap way for hackers to recreate new signatures for the same malware on the fly simply by changing the encryption/packing method. Packers themselves are not malware; attackers use this tactic to obfuscate the code’s real intention.
Read MoreThe full report is also available as PDF.
On December 12, 2016 Morphisec identified and monitored a new wave of sophisticated malware delivered via targeted phishing emails with malicious macro-based documents attached. The malicious documents themselves use a clever, new social engineering technique to convince the target to enable macros. Once enabled, the document calls an unknown downloader that resembles the Cerber downloader, but employs new obfuscation techniques.
Read MoreThe disappearance of Angler has left a gaping hole in the malware market which cybercriminals are only to happy to fill with new variants of old standbys. The latest to reemerge after a period of disuse are Locky and Dridex. A new Locky campaign spotted in the wild on June 20 is analyzed by Pierluigi Paganini on the Security Affairs site. Now a bigger and badder Dridex has reappeared, with more sophisticated evasion tactics, including a new sandbox evasion technique.
Read MoreSearch Our Site
Recent Posts
Posts by Tag
- Cyber Security (98)
- Endpoint Security (83)
- Cyber Attacks (48)
- Attack Analysis (46)
- Company News (38)
- Moving Target Defense (37)
- Morphisec Labs (35)
- Ransomware (31)
- Exploits (30)
- Threat Alerts (19)
- Threat Profile (19)
- Fileless Attacks (18)
- Industry News (18)
- Zero-day (17)
- APT (16)
- Research (15)
- CISO (14)
- Events (14)
- Product (12)
- Malware (11)
- 0-day exploits (10)
- Security News (10)
- Patching (9)
- Sandbox evasion (6)
- VDI (6)
- advanced endpoint protection (6)
- virtual desktop security (6)
- Exploit Kit (5)
- Microsoft (5)
- Mordechai Guri (5)
- Remote Employees (5)
- Threat Report (5)
- Work from Home Security (5)
- virtual desktop infrastructure (5)
- ASLR (4)
- Custom Packer (4)
- Cyber Security Predictions 2017 (4)
- Cyber Security Stack (4)
- Proactive Cyber Defense (4)
- Ransomware Prevention (4)
- Remote Access Trojan (4)
- cloud workload security (4)
- Angler Kit (3)
- Cyber threat landscape (3)
- Cybersecurity Measures (3)
- FIN7 (3)
- Holidays (3)
- Malspam (3)
- Proactive Endpoint Protection (3)
- cloud workload protection (3)
- remote workforce (3)
- vdi security (3)
- Case Study (2)
- Collaboration Applications (2)
- Evasive Malware (2)
- Hospital Cybersecurity (2)
- Linux Security (2)
- MLTR (2)
- MS Office Exploits (2)
- POS (2)
- Proactive Prevention (2)
- Security Stack (2)
- State and Local Government Cybersecurity (2)
- Threat Research (2)
- Webinars (2)
- cloud security (2)
- non-persistent VDI (2)
- proactive cloud workload security (2)
- protect cloud workloads (2)
- Antivirus (1)
- Banking Trojans (1)
- COVID-19 ransomware prevention (1)
- Cerber (1)
- Citized Threat Index (1)
- Cobalt Group (1)
- Crypters (1)
- Cuba ransomware gang (1)
- Cyber Hygiene (1)
- Cyber hygiene practices (1)
- Cybersecurity Spending (1)
- Defender for Endpoint (1)
- Defending infrastructure against cyber threats (1)
- EDR (1)
- Egregor (1)
- Egregor ransomware (1)
- Emerging cyber threats (1)
- Emerging threats (1)
- Endpoint Detection and Response (1)
- Exchange Server (1)
- FALLOUT EXPLOIT KIT (1)
- Fallout activity (1)
- Flash wrapper (1)
- FlawedAmmyy (1)
- GDPR (1)
- GOOGLE FUNDING SECURITY DEVELOPMENT (1)
- GRANDCRAB RANSOMWARE (1)
- Gozi (1)
- HEALTHCARE CYBERSECURITY (1)
- HEALTHCARE'S CYBERSECURITY WEAK SPOTS (1)
- Hancitor (1)
- Healthcare (1)
- Higher Education Cybersecurity (1)
- Hospitality Threat Index (1)
- Hotel Cybersecurity (1)
- Kovter (1)
- MODERN CYBERSECURITY (1)
- Microsoft Defender (1)
- Morphisec Guard (1)
- NGAV (1)
- OCR Bypass (1)
- OS-Native Security (1)
- Osiris (1)
- POS intrusions (1)
- PROTECT YOURSELF FROM GRANDCRAB (1)
- Phobos ransomware (1)
- Pied Piper Campaign (1)
- Product News (1)
- REMOTE COLLABORATION APPLICATIONS (1)
- RYUK RANSOMWARE (1)
- Retail Cybersecurity (1)
- Risk Reduction (1)
- SECURITY RESILIENCY (1)
- SecOps (1)
- Server Security (1)
- Supply Chain attack (1)
- ThreadKit (1)
- Ursnif (1)
- Zoom Security (1)
- advanced cyberthreat tactics (1)
- advanced threat prevention (1)
- advanced threat tactics (1)
- antivirus scanning processes (1)
- aslr meaning (1)
- browser attacks (1)
- cloud misconfigurations (1)
- code injection (1)
- cyber defense technology (1)
- cyber prevention mechanisms (1)
- cyber strategies (1)
- cyberattack landscape (1)
- cybersecurity acronyms (1)
- cybersecurity resilience (1)
- end to end visibility (1)
- endpoint security breaches (1)
- fallout protection (1)
- financial cyberattacks (1)
- financial cyberthreat (1)
- financial system threat (1)
- healthcare phishing schemes (1)
- malware authors (1)
- patch management processes (1)
- persistent VDI (1)
- proactive threat prevention (1)
- remote collaboration app security loopholes (1)
- remote workforce hidden risks (1)
- retail cybersecurity risks (1)
- threat prevention (1)
- virtual endpoints (1)
- zoom malware (1)
- zoom weaknesses (1)