<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">
Posted by Morphisec Labs on October 16, 2019

In this blog, we will present some findings on how NanoCore RAT 1.2.2.0 is actively being delivered in new and different ways that we discovered at Morphisec Labs in the last couple of months. Specifically, we will focus on the sophisticated fileless methods for delivering the RAT without touching the disk.

Read More
Posted by Michael Gorelik on October 10, 2019

In August of 2019, just a month after our publication on a targeted BitPaymer/IEncrypt campaign, Morphisec identified a new and alarming evasion technique that the same adversaries adopted while targeting yet another enterprise in the automotive industry.

Read More
Posted by Shelley Leveson on August 29, 2019

With summer waning, kids back in school, and year-end quotas looming, we’re coming up to the busiest business travel season of the year. From September through November, business travelers log more trips than any other period. Most organizations take pains to keep their road warriors comfortable and protected from travel hazards, but what about the many lurking cyber risks?

Read More
Posted by Morphisec Labs on August 16, 2019

This week, headlines blew up with warnings of a design flaw in the CTF subsystem (msctf) of the Windows Text Services Framework that affects all current Windows systems and those going back as far as twenty years.

Read More
Posted by Shelley Leveson on July 30, 2019

With their highly valuable payment card and personal sensitive information, Point-of-Sale (POS) systems present a ripe target for cybercrime groups. A successful breach can have enormous consequences for the attacked organization, from detecting and responding, to notifying victims, post-response support, lost business and potentially hefty government fines. Modern POS environments are complicated systems with multiple entry points for attack, from phishing emails or drive-by-download exploits on employee computers to vulnerable third-party suppliers. And while payment card security standards have introduced a basic protection framework, POS-attacks have not abated under the regulations — some of the largest breaches of the past several years are due to POS attacks.

Read More
Posted by Arnold Osipov on July 18, 2019

Morphisec Labs recently investigated an ongoing BitPaymer ransomware campaign that has been attacking companies across the U.S., both public and private, over the last 3 months.

Read More
Posted by Shelley Leveson on July 15, 2019

Cybercrime has turned its attention toward city and regional governments and the scale and scope of the problem will continue to grow. That was one of the main threads at the recent U.S. House of Representatives hearing on Cybersecurity Challenges for State and Local Governments

Read More
Posted by Ronen Yehoshua on May 3, 2019

Enterprises migrating to or already on Windows 10 have the perfect opportunity to greatly improve their security profile and simplify operations at the same time – without incurring more costs. The key is fully leveraging the integrated Windows 10 security tools while adding innovative technology purpose built to provide a critical protection layer against advanced memory attacks, exploits, fileless attacks, zero-days and evasive malware. Those integrated security tools include Windows Defender antivirus and that disruptive technology is Morphisec’s Moving Target Defense.

Read More
Posted by Andrew Homer on April 23, 2019

When looking at cyber defense best practices and models, one driving question, which also keeps CISOs up at night, is this:

What's the best way to orchestrate security telemetry and processes so that SOC operators and security teams can prevent more threats and scale threat response as a formidable force multiplier against the onslaught of unknown attacks and exploits?

Read More
Posted by Shelley Leveson on April 15, 2019

It seems that the only thing constant about cybersecurity (besides change) is our love of acronyms. We get it, time is too short for wasted words. But this can make it even more difficult to wade through the varied, often overlapping claims, of an already confusing space.

Read More