Building Security Resiliency Into Critical Infrastructure

Posted by Mordechai Guri, Ph.D. on Apr 18, 2017 8:24:37 AM

 

This article previously appeared on Information Management. Mordechai Guri is Chief Science Officer at Morphisec.

National Cybersecurity Awareness Month closed by focusing on scenarios straight out of action movies and nightmares – attacks on our critical infrastructure. These days, however, the threat is more likely to come from an innocent seeming email than bomb-toting terrorists à la Die Hard.

Utilities, hospitals, transportation systems, and all the other systems our communities and countries depend on are increasingly digitally controlled and connected. This brings tremendous productivity and reliability gains: better alignment of supply and demand, predictive maintenance planning, predictive outage response, instantaneous sharing of vital data and more. In some cases, like health care, it can make the difference between life and death.

Read More

Topics: Attacks, Advanced Persistent Threats, Endpoint Security, cybersecurity

Cyber Defense Reinvented - Israel Dealmakers Summit 2017

Posted by Ronen Yehoshua on Apr 3, 2017 10:49:48 AM

Last week I had the pleasure of speaking at the Israeli Dealmakers Summit in Silicon Valley. With over a thousand of the world’s top corporations, investors and entrepreneurs, it’s known as the largest and most prestigious Israel-focused business event. While it was exciting to participate, the real privilege was to be able to help showcase the innovative ideas and technology coming out of Israel.

Read More

Topics: Company, Moving Target Defense, Endpoint Security, cybersecurity

Morphisec Discovers New Fileless Attack Framework

Posted by Michael Gorelik on Mar 16, 2017 7:55:00 PM

Morphisec Discovers New Fileless Attack Framework

Ties Single Threat Actor Group to Multiple Campaigns, Interacts with Hacker.

On the 8th of March, Morphisec researchers began investigating a new fileless threat delivered via a macro-enabled Word document, which was attached to a phishing email sent to targeted high-profile enterprises. During the course of the investigation, we uncovered a sophisticated fileless attack framework that appears to be connected to various recent, much discussed attack campaigns.

Read More

Topics: Attacks, cybersecurity, Attack Analysis, fileless attacks

Andromeda’s Five Star Custom Packer – Hackers’ Tactics Analyzed

Posted by Roy Moshailov on Mar 13, 2017 8:08:50 AM

Packer-based malware is malware which is modified in the runtime memory using different and sophisticated compression techniques. Such malware is hard to detect by known malware scanners and anti-virus solutions. In addition, it is a cheap way for hackers to recreate new signatures for the same malware on the fly simply by changing the encryption/packing method. Packers themselves are not malware; attackers use this tactic to obfuscate the code’s real intention.

Read More

Topics: Attacks, Sandbox evasion, cybersecurity, Attack Analysis, Custom Packer

RSAC 2017: Is the cybersecurity industry about keeping up with the Joneses?

Posted by Omri Dotan on Feb 27, 2017 2:55:20 PM

There is no shortage of product announcements in the security industry, and this focus was clearly on display at the recent RSA Conference 2017. And while many attendees went in with high hopes of finally glimpsing the revolution that security experts have been calling for or discovering a solution that will fundamentally change the current, failing endpoint security paradigm – our cybersecurity challenges remain unaffected by the plethora of solutions. Instead of  focusing on security for the modern age, companies are continuing to build products and solutions that are feeding into the problem rather than reducing risk. Has the industry become more about having the latest and greatest solution to “keep up with the Joneses” rather than focusing on what we should be building now to prepare for the security challenges we will face tomorrow?

Read More

Topics: Industry News, cybersecurity

Ready for RSAC and a New Take on Endpoint Security?

Posted by Morphisec Team on Feb 9, 2017 9:16:00 AM

One of the biggest cybersecurity events of the year, held in one of the most beautiful cities in the world, is almost upon us. The 2017 RSA Conference in San Francisco opens next week, and Morphisec's top experts will be on hand to discuss your security and business challenges. Learn more about Morphisec Endpoint Threat Prevention the first and only solution to use Moving Target Defense technology to prevent zero-days, evasive malware, ransomware and advanced attacks in real-time.

Read More

Topics: Events, Product, Endpoint Security, cybersecurity

Hedge Funds Need to Hedge Against Hackers

Posted by Omri Dotan on Feb 1, 2017 9:55:46 AM

Hedge funds are coming under increasingly heavy fire from attackers and regulators alike. A 2015 report issued by the SEC that examined more than 100 financial companies found that 88 per cent of broker-dealers and 74 per cent of investment advisers have experienced a cyberattack directly or through one or more of their vendors.

Read More

Topics: Endpoint Security, CISO, cybersecurity

Meet Us at CyberTech Tel Aviv

Posted by Morphisec Team on Jan 27, 2017 11:29:11 PM

Morphisec brings its team of cyber security experts to CyberTech Tel Aviv next week, January 30 to February 2. Meet the faces behind the pioneering Moving Target Defense technology that’s disrupting the endpoint security field.

Read More

Topics: Events, Product, Endpoint Security, cybersecurity

How to Build an Economically-Driven Cyber Defense Strategy

Posted by Ronen Yehoshua on Jan 27, 2017 1:07:55 AM

Today, a few hackers may be ideologically motivated, but the majority of attacks are financially-driven crimes. This is seen most clearly in the rise of ransomware; no mystery, just pure and simple extortion. And consider the latest victim of choice, the healthcare industry, sacrosanct in most people’s eyes but merely a lucrative, vulnerable target to cybercriminals. As such, cybercrime follows the economic rules of any business – reward must outweigh costs – and should be confronted on those terms.

Read More

Topics: Endpoint Security, CISO, cybersecurity, cyberattacks

Cybersecurity Predictions for  2017 - Round 4

Posted by Morphisec Team on Jan 2, 2017 7:47:41 AM

Welcome to 2017!  What should we expect in cybersecurity in 2017? Our final post of cybersecurity predictions is from Adrian Asher, CISO for the London Stock Exchange Group and Morphisec Advisory Board member. He looks at upcoming developments in several key cybersecurity areas and offers some suggestions for moving forward.

Read More

Topics: Endpoint Security, cybersecurity, cyberattacks, Cybersecurity Predictions 2017

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....