<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">

Threat Alert: Flash Vulnerability CVE-2018-5002

Posted by Morphisec Team on June 22, 2018 at 4:33 PM

Adobe disclosed that a Flash zero-day was being exploited in targeted attacks against Windows users. The critical vulnerability was discovered and independently reported by several security firms. Successful exploitation of the vulnerability allows arbitrary code execution which can ultimately lead to an attacker assuming full system control.

Read More

Topics: Threat Alerts, Zero-day, Cyber Security

Introducing the First-ever Morphisec Labs Threat Report

Posted by Michael Gorelik on June 20, 2018 at 9:58 AM

So far, 2018 has turned out to be anything but business as usual, at least on the cybersecurity front. The revelation about CPU vulnerabilities Meltdown and Spectre (and all the offshoots); the explosion in cryptojacking – which is likely even more widespread than current estimates; the lightning speed at which the newest sophisticated attack technology is adopted by mass market criminals.

Read More

Topics: MLTR, Threat Report, Research, CISO, Mordechai Guri, Endpoint Security, Cyber Security

AI Security – Who is it Really Outsmarting?

Posted by Tom Bain on June 14, 2018 at 1:18 PM

We all wish we were smarter. And I believe that the vast majority of people, in some way, strive to GET smarter.

As someone who has been involved in the cybersecurity industry for years, and watched it evolve, I see countless companies in this market using the aspect of intelligence to position themselves as being smarter than others. But if you have to proclaim your intelligence, are you actually smart? Or even smarter than me? Or than the next company?

Read More

Topics: Cyber Security, Endpoint Security, Moving Target Defense, CISO

CVE-2018-8174 Blows the VBScript Attack Door Wide Open

Posted by Michael Gorelik on May 25, 2018 at 5:42 PM

 

In April, researchers at Qihoo 360 Core Security Division discovered a VBScript vulnerability actively exploited in targeted attacks. Since then, it has appeared in additional attack campaigns. The vulnerability, CVE-2018-8174, dubbed "Double Kill",  is significant on several counts.

Read More

Topics: Threat Profile, Threat Alerts, Exploits, Cyber Security

Case Study: Dan Hotel Group Stays Off the Breach List

Posted by Shelley Leveson on May 17, 2018 at 11:50 PM

 

If you’ve stayed at any large hotel chain in the past year, there’s a good chance your personal details have been compromised. According to Verizon’s 2018 Data Breach Investigations Report, the accommodation industry had one of the highest number of breaches, second only to healthcare. 

Read More

Topics: Endpoint Security, Cyber Security, Case Study, CISO

Morphisec Honored at MMCIO Spring Forum

Posted by Shelley Leveson on May 3, 2018 at 1:02 PM

Morphisec is honored to have received awards in three out of six categories at this year's Midmarket CIO Spring Forum. The annual Vendor Excellence and Midmarket CIO Awards recognize leaders in technology collaboration. 

Over 77% of all cyber crimes target small and midsize enterprises. According to the 2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) report by the Ponemon Institute, cyberattacks cost small and medium-sized businesses an average of $2,235,000.

Read More

Topics: Company News, Cyber Security, CISO

Women Underrepresented at RSAC - Let's Do Something About It

Posted by Netta Schmeidler on April 19, 2018 at 5:27 PM

 

Although I’m excited to be at the RSA Conference with my Morphisec colleagues, it reminds me of the impetus for starting our Women in Cybersecurity Scholarship. Of 28 keynote speakers at RSAC, only seven are women, and six of these were added at the last minute following a string of scathing tweets and articles. This 25% figure seems to be the average percentage in the general sessions as well. I attended several that were one woman in a panel of four, a few that had only male speakers and a single session that had a majority female panel. If I had to guess the overall attendee and exhibitor gender split I’d say it fell along the same lines, but that percent is skewed by the number of women simply scanning badges.

Read More

Topics: Events, Cyber Security, Company News

Morphisec Joins Citrix Ready Partner Program

Posted by Shelley Leveson on April 17, 2018 at 9:42 AM

Morphisec Moving Target Defense verified as Citrix Ready to enhance protection with Citrix XenApp and XenDesktop

Read More

Topics: Cyber Security, Endpoint Security, Industry News, Company News, Moving Target Defense

ESG Report Reviews Morphisec for Advanced Prevention Defense

Posted by Shelley Leveson on April 12, 2018 at 5:11 PM

CISOs face an escalating battle on two fronts: externally from ever-more sophisticated attackers and internally in managing all the threat protection and additional security layers they put in to stop them. And they are losing. Despite added technology complexity and operational overhead, cyber criminals still manage to get past defenses.

According to a a new report from analyst firm ESG, 72% of organizations believe that security operations are more difficult today than they were two years ago yet 54% still suffered at least one security incident.

Read More

Topics: Cyber Security, Endpoint Security, Industry News, Company News, Moving Target Defense

The Lazarus Group Strikes Again - Or is it an Imposter? The Latest CVE-2018-4878 Attack

Posted by Michael Gorelik on March 2, 2018 at 2:13 AM

The Lazarus Group, also known as Hidden Cobra, may be in play again. The notorious cybercrime group is allegedly responsible for some of the most devastating attacks over the past few years, including the SWIFT network hack that stole $81 million Central Bank of Bangladesh issued and the 2014 destructive wiper attack against Sony Pictures. Some also link the WannaCry ransomware breakout to the same group.

Many of the existing reports covering the Lazarus attacks suggest links to North Korea. In fact, Hidden Cobra is the U.S. Government’s designation for malicious cyber activity conducted by the North Korean government.

On February 28, 2018, Morphisec Labs identified and prevented a suspicious document uploaded to VirusTotal that exploits the latest Flash vulnerability CVE-2018-4878. While analyzing the exploit and the downloaded payload, we immediately identified a near-perfect match to many of the techniques used during various attacks that are attributed to the Lazarus Group.

Read More

Topics: Threat Profile, Cyber Security, Exploits

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....

 

Recent Posts

Most Popular Posts