Windows, Drivers and Digital Signatures

Posted by Itai Sanders on Jan 12, 2017 9:08:39 PM

 

How to Make Your Driver Digitally Signed to Work Across Multiple Windows OS Versions Upon the Latest Changes in Certificate Standards

Software compatibility is a core value and a major concern here at Morphisec. Deploying for multiple clients with various environments requires us to maintain our product compatibility on all levels with operation systems as old as Windows 7 all the way to the newest Windows 10

Read More

Topics: Product

Cybersecurity Predictions for  2017 - Round 4

Posted by Morphisec Team on Jan 2, 2017 7:47:41 AM

Welcome to 2017!  What should we expect in cybersecurity in 2017? Our final post of cybersecurity predictions is from Adrian Asher, CISO for the London Stock Exchange Group and Morphisec Advisory Board member. He looks at upcoming developments in several key cybersecurity areas and offers some suggestions for moving forward.

Read More

Topics: Endpoint Security, cybersecurity, cyberattacks, Cybersecurity Predictions 2017

Happy 2017!

Posted by Morphisec Team on Dec 30, 2016 9:01:39 AM

Morphisec wishes you a joyful holiday season and a happy (and secure) 2017!  

Read More

Topics: Company

Cybersecurity Predictions for  2017 - Round 3

Posted by Morphisec Team on Dec 28, 2016 7:51:29 PM

As an eventful 2016 draws to a close, what should we expect in cybersecurity for 2017? In this blog series, Morphisec’s security experts predict trends and technologies in 2017.

Today’s post is from Morphisec’s Chief Business Officer, Omri Dotan. He analyzes key emerging trends to understand what they mean for the future of security technology.

Read More

Topics: cybersecurity, cyberattacks, Cybersecurity Predictions 2017

Evasive Malware Campaign with Faked HM Revenue and Customs Attachment

Posted by Roy Moshailov on Dec 27, 2016 1:32:32 PM

 The full report is also available as PDF. 

On December 12, 2016 Morphisec identified and monitored a new wave of sophisticated malware delivered via targeted phishing emails with malicious macro-based documents attached. The malicious documents themselves use a clever, new social engineering technique to convince the target to enable macros. Once enabled, the document calls an unknown downloader that resembles the Cerber downloader, but employs new obfuscation techniques.

Read More

Topics: Sandbox evasion, Attack Analysis

Cybersecurity Predictions for  2017 - Round 2

Posted by Morphisec Team on Dec 22, 2016 9:10:30 PM

As an eventful 2016 draws to a close, what should we expect in cybersecurity for 2017? In this blog series, Morphisec’s security experts predict trends and technologies in 2017.

Today’s post is from Michael Gorelik, Morphisec VP R&D. He takes a look at the future in endpoint technology developments, both from a security and attack point of view.

Read More

Topics: Zero-day, cybersecurity, VDI, cyberattacks, Cybersecurity Predictions 2017

Cybersecurity Predictions for  2017

Posted by Morphisec Team on Dec 14, 2016 8:02:26 AM

As an eventful 2016 draws to a close, what should we expect in cybersecurity for 2017? In this blog series, Morphisec’s security experts predict trends and technologies in 2017. Today’s post is from Netta Schmeidler, Morphisec VP Product.

Read More

Topics: ransomware, cybersecurity, cyberattacks, Cybersecurity Predictions 2017

Attack Alert: Another Month, Another Hancitor Variant

Posted by Ursula Ron on Dec 8, 2016 11:23:02 AM

They’re starting to be as reliable as clockwork. Every 3-4 weeks a new wave of Hancitor campaigns hits, with improved targeting and new tricks to evade detection. The latest variant comes via a malicious MS Word attachment to a fairly convincing email. How do we know? Our own CEO, Ronen Yehoshua, was one of the latest targets.  Maybe the folks behind Hancitor liked our technical analysis (or get the original Hancitor report in PDF format) of the last attack so much that they wanted to deliver a new version for analysis personally.

Read More

Topics: Attack Analysis, Hancitor

Tor/FireFox Zero-Day prevented by Morphisec

Posted by Ursula Ron on Dec 7, 2016 1:37:14 PM

The FireFox zero-day recently used in the wild made headlines when TOR users that fell victim to the attack lost the one thing they were looking for: anonymous browsing. Speculation ran rife that the exploit may have been created by the FBI or another governmental agency, especially as the attack resembled past investigations used to identify Tor users.

Read More

Topics: Exploits, Zero-day, Patching, cyberattacks

Calculating the Costs of Patching

Posted by Netta Schmeidler on Dec 4, 2016 2:12:02 PM

 

This is the second blog post in a series of excerpts from the ebook (download here) “Know Your Cyber Security ROI: Making the Business Case for Cyber Security.” The first post introduced the concept of cybersecurity implicit ROI and the factors that determine the expected value of your cybersecurity operations. It also outlined the three attack phases and the correlation between attack phase and organizational cost.

This post examines the first attack phase and the costs associated with precautionary measures during this phase:

Organizations employ many precautions and actions in the attempt to block cyber attacks. Such measures can require significant time and resources to implement as well as maintain. This class of tools includes endpoint security solutions such as anti-virus, protection and detection systems as well as gateway solutions.

Every enterprise includes software patching as part of its security system to some extent. Because of its widespread use and marked impact on business processes, we will examine patching as an example of direct and indirect costs to your organization.

Read More

Topics: Endpoint Security, CISO, cybersecurity

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....