Cyber Security Blog

As always, RSAC sneaks up and the rush is on! Get ready to look at the 700+ vendors on the expo floor, engage with over 50K people descending on Moscone Center, and prepare yourself for the onslaught of the following:

You may have noticed something different about the Morphisec website. If so, thank you. That means you are helping Morphisec continue to climb in the Google ranks :).

But seriously, we have redesigned the new site, not just to look better (although we hope you find it as appealing as we do), or to reflect our brand better

This post was authored by Michael Gorelik, Alon Groisman and Bruno Braga.

A new, highly sophisticated campaign that delivers the Orcus Remote Access Trojan is hitting victims in ongoing, targeted attacks. Morphisec identified the campaign after receiving notifications from its advanced prevention solution at several deployment sites.

Industry best practices demand patching software vulnerabilities as soon as a patch is released, in order to shorten the time period in which the organization is at risk. But industry surveys show that IT organizations are overburdened with patches, and many IT administrators admit they simply can’t keep up.

Make 2019 the year you focus on the ROI of your cybersecurity initiatives.

By now you’ve heard all the 2019 predictions from cybersecurity vendors and practitioners. As every year, many are insightful and thought-provoking, some meant to invoke self-serving fear and doubt about the next big threat, others just repeats from the year prior.

Just in time for the new year, Morphisec has released a new version of our Endpoint Threat Prevention platform. Version 3.0 features enhanced, advanced analytics and SOC dashboarding, richer, SOC-enabled threat intelligence capabilities, and a new pre-installation application adware sanitizer module.

Let’s face it – there are a lot of threat reports and threat data floating around. What makes the Morphisec Labs Threat Report different is the type of threats it analyzes. It focuses on the threats that pose a real risk to organizations, the ones that get past standard and next-generation AI antivirus.

Today Adobe disclosed a new Flash zero-day, releasing a patch for the critical vulnerability in an out-of-band update. Successful exploitation gives attackers the ability to execute arbitrary code on the targeted machine, and eventually assume full system control. Morphisec customers are already protected from attacks exploiting this vulnerability.

Note: This post was updated 11-30-18 with details of a new intercepted attack. See technical description below.

Over the past three days, Morphisec Labs researchers have discovered a widespread cyber campaign hitting multiple targets. Morphisec researchers dubbed the campaign “Pied Piper”as it delivers various Remote Access Trojan (RAT) payloads via phishing, across multiple countries.