Attack Analysis
Obfuscated VBScript Drops Zloader, Ursnif, Qakbot, Dridex
The Morphisec Labs team has tracked an obfuscated VBScript package in campaigns since March 2020. Initially, the malware campaign was focused on targets within Germany, but has since moved on to additional ...
ConnectWise Control Abused Again to Deliver Zeppelin Ransomware
In April 2019, attackers who breached IT supplier Wipro leveraged the ConnectWise Control (formerly ScreenConnect) remote desktop application as a major component of their attack ...
Nanocore Under the Microscope
In this blog, we will present some findings on how NanoCore RAT 1.2.2.0 is actively being delivered in new and different ways that we discovered at Morphisec Labs in the last couple ...
Security Alert: FIN8 is Back in Business, Targeting the Hospitality Industry
During the period of March to May 2019, Morphisec Labs observed a new, highly sophisticated variant of the ShellTea / PunchBuggy backdoor malware that attempted to infiltrate a number of machines within ...
A look at Hworm / Houdini AKA njRAT
Hworm/njRAT is a Remote Access Tool (RAT) that first appeared in 2013 in targeted attacks against the international energy industry, primarily in the Middle East. It was soon commoditized and is now ...
Inside the ASUS Supply chain attack
This week, Kaspersky Lab reported initial details of a new supply chain attack on systems by computer giant ASUS. Dubbed ShadowHammer by Kaspersky, the attack leveraged a malicious version of ASUS ...
New Global Attack on Point of Sale Systems
This post was authored by Michael Gorelik and Alon Groisman. Over the past 8-10 weeks, Morphisec has been tracking multiple sophisticated attacks targeting Point of Sale thin clients globally ...
Phone Motion Sensors: The New Attack Vector
Quite likely, this subterfuge attack, utilizing one of the more clever methods to evade detection to date, is the new attaque-du-jour ...
Proof(s)
Kevin Hartnett, Senior Writer at Quanta Magazine, expounds on the notion of formal code verification when utilized to provide assurance of attack-proof code... Similar to unsinkable ocean liners, or truly attack-proof? Or, ...
Six Years The Lurker
Illustration from the Kaspersky Labs Document. Dan Goodin, writing at ArsTechnica, provides us with the surreptitious history of the malice-filled code-miscreant APT monikered Slingshot; of which, is apparently an alternative method of ...

