Best of 2017: Our Top 5 Posts of the Year

Posted by Morphisec Team on December 29, 2017 at 12:52 AM

 

Read More

Topics: Moving Target Defense, Cyber Security, Attack Analysis, Fileless Attacks

Happy Holidays and Best Wishes for 2018

Posted by Morphisec Team on December 23, 2017 at 2:07 AM

To all our readers: 

Thank you for being with us this year and for sharing our interest in changing cybersecurity for the better. 

We wish you a wonderful festive season and a successful 2018!

From,

The entire Morphisec team

 

Read More

Topics: Endpoint Security

Threat Profile: SIGMA Ransomware

Posted by Roy Moshailov on December 20, 2017 at 1:44 AM

 

Ransomware remained a major cybersecurity threat in 2017, leaving a trail of victims across all industries, company sizes and geographical borders. Phishing emails are the top ransomware delivery mechanism and they grow in number and sophistication daily. According to IBM, the number of ransomware-infected emails increased 6,000% this year. And the days of easily spotted spelling mistakes and obvious scams are long gone. Today’s phishing attacks are clever and subtle enough to trick even security veterans. 

Read More

Topics: Ransomware, Sandbox evasion, Cyber Security, Threat Profile

Threat Alert: Memory Corruption Vulnerability CVE-2017-11826

Posted by Morphisec Team on December 13, 2017 at 9:45 PM

Two days ago, researchers at TarLogic published a proof-of-concept APT that leverages CVE-2017-11826, a Microsoft Office 0-day vulnerability existing in all Office versions.  Microsoft issued a patch for the vulnerability in October, however many systems still remain at risk.

Read More

Topics: Cyber Attacks, 0-day exploits, Zero-day, Endpoint Security, APT, Threat Alerts

How to Create a Safer Shopping Experience

Posted by Mordechai Guri, Ph.D. on December 6, 2017 at 11:11 PM

The annual holiday season has arrived. The air grows crisp (at least in the Northern hemisphere), new, cool gadgets are released and cyberattacks, along with cologne ads, proliferate. Cyber threats aren’t deterring shoppers though: The National Retail Federation expects online holiday sales to increase by 7 to 10 percent over last year, reaching as much as $117 billion. With e-commerce attacks in Q3 2016 increasing by 60 percent over the previous year, shopping hazards can hit from all sides. From phishing sites to online card skimming to compromised terminals in stores; even gifts themselves pose security risks. Still, there is much both consumers and retailers can do in order to make an all around safer shopping experience.

Read More

Topics: Cyber Attacks, Endpoint Security, Cyber Security

Fileless Malware: Attack Trend Exposed

Posted by Michael Gorelik on November 30, 2017 at 1:22 AM

A report co-authored by Michael Gorelik, CTO and VP R&D, and Roy Moshailov, Malware Research Expert at Morphisec.

Fileless malware is a type of a malicious code execution technique that operates completely within process memory; no files are dropped onto the disk. Without any artifacts on the hard drive to detect, these attacks easily evade current detection solutions.

Read More

Topics: Cyber Attacks, Research, Attack Analysis, Fileless Attacks

Cybersecurity Scholarship Program Off and Running

Posted by Ursula Ron on November 18, 2017 at 1:16 AM

Last month, without much fanfare, Morphisec announced the launch of its Women in Cybersecurity Scholarships. The program arose from a chance discussion between Netta Schmeidler, our VP Product, and me. She was describing how she felt so lucky that an encounter in her life at a critical point led her down this career path. We began talking about what we as individuals, as a company and as an industry could do to encourage girls to explore the field.

Read More

Topics: Company News, Industry News, Cyber Security

Preventing Bad Rabbit Is Only Remarkable If It's Unremarkable

Posted by Arthur Braunstein on October 27, 2017 at 8:55 PM

In the last 48 hours, a hurricane of e-mails has crossed my Inbox, with breathless and self-congratulatory subject lines like "Our latest release detects Bad Rabbit" and "XYZ now protects XYZ customers from Bad Rabbit." In other words, "If you use our product, you were exposed to Bad Rabbit, but now that we know about it (from someone else) we deployed an update." Once you decode the messages, it’s clear that the content is not newsworthy, differentiating or exciting, it’s just an excuse to partake in the latest frenzy.

Read More

Topics: Cyber Attacks, Ransomware, Cyber Security

Career Path in Cybersecurity Still Steep for Women

Posted by Netta Schmeidler on October 25, 2017 at 5:35 AM

 

Much has been written about the high barriers to entry for women in cybersecurity. Certainly the numbers are depressing. Women make up just 11% of the world’s information security workforce, according to the 2017 Global Information Security Workforce Study. This is far behind other industries.

For example, in the U.S. women represent nearly 47% of total workers and 51.5 % of management and professional positions. They account for 60% of pharmacists and 34% of doctors. Even the IT and computing industry, notorious for low female participation, puts cybersecurity to shame with 26% of positions held by women.

Read More

Topics: Industry News, Cyber Security

Two KPIs Essential For Measuring Security Tools

Posted by Arthur Braunstein on October 19, 2017 at 8:38 PM

 

Last month I discussed cybersecurity effectiveness, particularly in regards to the growing threat of fileless attacks. But effectiveness is only one piece of the equation.

First and foremost businesses still need to go about their business. Unfortunately, it has long been the case that the more effective a cybersecurity tool is, the slower and more intrusive it is and the more effort it takes to manage it. The complexity and pain of managing – not buying, managing! – security tools often forces companies to reconcile themselves to unacceptable exposure, for example to security-related business disruption, for want of resources to manage cumbersome defensive technology.

Read More

Topics: Moving Target Defense, Endpoint Security, CISO, Cyber Security

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....

 

Recent Posts

Most Popular Posts