Threat Alert: Flash Vulnerability CVE-2018-5002

Posted by Morphisec Team on June 22, 2018 at 4:33 PM

Adobe disclosed that a Flash zero-day was being exploited in targeted attacks against Windows users. The critical vulnerability was discovered and independently reported by several security firms. Successful exploitation of the vulnerability allows arbitrary code execution, which can ultimately lead to an attacker assuming full system control.

Topics: Zero-day, Cyber Security, Threat Alerts

[CRITICAL ALERT] CVE-2018-4990 Acrobat Reader DC Double-Free Vulnerability

Posted by Michael Gorelik on June 18, 2018 at 6:20 PM

 

After more than four years with no weaponized exploits for Adobe Acrobat Reader, researchers at ESET identified a weaponized PDF that allows attackers to execute arbitrary code on the targeted machine and eventually assume full system control. The PDF exploits two previously unknown vulnerabilities, Acrobat Reader vulnerability CVE-2018-4990 and a privilege escalation vulnerability in Microsoft Windows, CVE-2018-8120.

Adobe Reader has a built-in sandbox feature that usually makes exploitation difficult. By combining vulnerabilities, this attack achieves code execution and then bypasses the sandbox protection to fully compromise the targeted system.

Topics: Zero-day, Research, Endpoint Security, Attack Analysis, Threat Alerts

CVE-2018-4878: An Analysis of the Flash Player Hack

Posted by Michael Gorelik on February 8, 2018 at 7:30 AM

 

Before diving into the analysis of CVE-2018-4878, a quick reminder that this is the continuation of our previous post, which provided background on CVE-2018-4878, including a video of how Morphisec prevents any attacks leveraging this Flash vulnerability. Morphisec prevents the attack at all phases and components in the attack chain: the exploit, the shellcode, and the malware, which is executed using wbscript.exe with additional in-memory command control code.

At the time of the previous post, the vulnerability was still a zero-day. Adobe released a new version that fixed the flaw yesterday. With that fix available, Morphisec is now free to release technical details of the attack.

Topics: Exploits, Cyber Attacks, Zero-day, Attack Analysis

Adobe Flash Zero-Day Prevented by Morphisec (CVE-2018-4878)

Posted by Michael Gorelik on February 6, 2018 at 9:10 AM

How an organization handles the time between the unleashing of a zero-day and the availability of a patch is telling. There are basically two kinds of companies – those that try to mitigate the risk as best they can while they wait for a patch and those that have a security tool able to prevent zero-days. The latest Flash-Player zero-day CVE-2018-4878 is yet another example.

Topics: Exploits, Cyber Attacks, Zero-day

Meltdown and Spectre Q&A

Posted by Morphisec Team on January 15, 2018 at 3:11 PM

The Meltdown and Spectre CPU vulnerabilities disclosed earlier this month generated a lot of noise and a lot of confusion. Our security experts received a deluge of questions from customers and industry personnel alike. Responding to this need, Morphisec CTO and VP R&D Michael Gorelik went on air to provide some answers. If you missed the webinar, you can watch it here.

Topics: Exploits, Zero-day, Cyber Security, Webinars

Threat Alert: Memory Corruption Vulnerability CVE-2017-11826

Posted by Morphisec Team on December 13, 2017 at 2:45 PM

Two days ago, researchers at TarLogic published a proof-of-concept APT that leverages CVE-2017-11826, a Microsoft Office 0-day vulnerability existing in all Office versions. Microsoft issued a patch for the vulnerability in October; however, many systems still remain at risk.

Topics: Cyber Attacks, 0-day exploits, Zero-day, Endpoint Security, APT, Threat Alerts

Iranian Fileless Attack Infiltrates Israeli Organizations

Posted by Michael Gorelik on April 27, 2017 at 12:11 PM

INTRODUCTION

From April 19-24, 2017, a politically-motivated, targeted campaign was carried out against numerous Israeli organizations. Morphisec researchers began investigating the attacks on April 24 and continue to uncover more details. Initial reports of the attacks, published April 26 (in Hebrew) by the Israel National Cyber Event Readiness Team (CERT-IL) and The Marker, confirm that the attack was delivered through compromised email accounts at Ben-Gurion University and sent to multiple targets across Israel. Ironically, Ben-Gurion University is home to Israel’s Cyber Security Research Center. Investigators put the origin of the attack as Iranian; Morphisec’s research supports this conclusion and attributes the attacks to the same infamous hacker group responsible for the OilRig malware campaigns.

Topics: 0-day exploits, Zero-day, Attack Analysis, Fileless Attacks

Cybersecurity Predictions for 2017 - Round 2

Posted by Morphisec Team on December 22, 2016 at 2:10 PM

As an eventful 2016 draws to a close, what should we expect in cybersecurity for 2017? In this blog series, Morphisec’s security experts predict trends and technologies in 2017.

Today’s post is from Michael Gorelik, Morphisec VP R&D. He takes a look at the future in endpoint technology developments, both from a security and attack point of view.

Topics: Cyber Attacks, Zero-day, Cyber Security, VDI, Cyber Security Predictions 2017

Tor/Firefox Zero-Day prevented by Morphisec

Posted by Ursula Ron on December 7, 2016 at 6:37 AM

The Firefox zero-day recently used in the wild made headlines when Tor users who fell victim to the attack lost the one thing they were looking for: anonymous browsing. Speculation ran rife that the exploit may have been created by the FBI or another governmental agency, especially as the attack resembled past investigations used to identify Tor users.

Topics: Exploits, Cyber Attacks, Zero-day, Patching

Outsmarting Smart Malware

Posted by Shelley Leveson on June 1, 2016 at 1:40 AM

In an article published by TechCrunch last week, tech reporter Ben Dickson investigates the new generation of smart malware. He manages to sum up the crux of the problem in two sentences: “Virus definition databases don’t seem to account for the growing number of new malware species and variants, especially when they’re smart enough to evade discovery. More devious genus of malware are succeeding at even duping advanced security tools that discover threats based on behavior analysis.”

Topics: Moving Target Defense, Zero-day, Cyber Security
