Cyberattacks are growing more sophisticated every day and many are now engineered to bypass EDR solutions. Threat actors today now choose when, where and how to attack, knowing the various detection methods used by those systems.
BE’ER SHEVA, Israel and BOSTON (PRWEB) November 04, 2019
Michael Gorelik, Chief Technology Officer at Morphisec, is set to present at the 3rd Annual CyberSecurity International Symposium in Chicago at 1 p.m. on Tuesday, November 5, 2019. Today’s sophisticated attacks, such as those from threat actors FIN8, FIN7, and FIN6, are engineered to bypass EDR solutions. Gorelik’s presentation, “EDR: A False Sense of Security?,” will look at case studies and cover the techniques these advanced groups employ to bypass behavior-based solutions, static-based scanning solutions, and whitelisting-based solutions.
The presentation comes on the heels of Gorelik and his team at Morphisec Labs discovering the widely publicized Apple zero-day vulnerability that was exploited by Bitpaymer ransomware. The discovery was the latest in a series of high-profile threats discovered by Morphisec Labs over the last few years, including hackers exploiting a backdoor in Avast’s CCleaner and FIN8 targeting the hospitality industry. Morphisec provides a crucial, small-footprint memory-defense layer that easily deploys into a company’s existing security infrastructure to form a simple, highly effective, cost-efficient prevention stack that is truly disruptive in thwarting advanced attacks like these.
Within his presentation, Gorelik will demonstrate bypass techniques using a framework developed for Red Teamers called Total Evasion, which is derived from the Inception, SharpShooter, DotNetToJScript and Metasploit frameworks, and is based on a set of widely-deployed fileless attack techniques. Gorelik will also examine in detail the full attack chain of a fileless, living-off-the-land attack, looking at the various mechanisms used by security tools to detect attacks, and analyzing each stage of the attack to understand the evasive techniques it uses to remain undetected.
Attendees will deconstruct the various mechanisms security tools employ to detect attacks and learn more about the evasive techniques attacks use at every stage to remain undetected. They’ll also be able to connect their knowledge from the defense and attack aspects of cybersecurity to gain a deeper understanding of the way advanced attacks are engineered to bypass EDR.
Gorelik has more than nine years of hands-on experience leading diverse cybersecurity software development projects and experience in the software industry in general. Prior to Morphisec, he was the VP R&D at MotionLogic GmbH and before that served in senior leadership positions at Deutsche Telekom Labs. Gorelik holds BSc and MSc degrees from the Computer Science department at Ben-Gurion University, focusing on low-level synchronization in different OS architectures. He also has several patents to his name within the IT space.
“Cyberattacks are growing more sophisticated every day and many are now engineered to bypass EDR solutions. Threat actors today now choose when, where and how to attack, knowing the various detection methods used by those systems,” says Gorelik. “At Morphisec, my team and I have been uncovering how these threat actors are remaining undetected. I’m excited to present at the CyberSecurity International Symposium to help others gain a better understanding of how to prevent advanced and zero-day attacks.”
The 3rd Annual CyberSecurity International Symposium takes place from November 4 to 5, 2019. Gorelik will be speaking in the 1 p.m. to 3 p.m. “Hackers and Evolving Threats: Perspectives and Insights” slot on November 5, 2019, with IBM’s Senior Cyber Threat Intelligence Analyst, Microsoft’s Partner Security Architect David Branscome, Softchoice’s Modern Workplace Practice Architect Ross Haven, and Offensive Security’s CEO Ning Wang.
Morphisec offers an entirely new level of innovation to customers in its Endpoint Threat Prevention product, delivering protection against the most advanced cyberattacks. The company’s patented Moving Target Defense technology prevents threats others can’t, including APTs, zero-days, ransomware, evasive fileless attacks and web-borne exploits. Morphisec provides a crucial, small-footprint memory-defense layer that easily deploys into a company’s existing security infrastructure to form a simple, highly effective, cost-efficient prevention stack that is truly disruptive to today’s existing cybersecurity model.