Tor/FireFox Zero-Day prevented by Morphisec

Posted by Ursula Ron on Dec 7, 2016 1:37:14 PM

The FireFox zero-day recently used in the wild made headlines when TOR users that fell victim to the attack lost the one thing they were looking for: anonymous browsing. Speculation ran rife that the exploit may have been created by the FBI or another governmental agency, especially as the attack resembled past investigations used to identify Tor users.

Read More

Topics: Exploits, Zero-day, Patching, cyberattacks

Microsoft Patch Tuesday: All or Nothing Patching

Posted by Netta Schmeidler on Oct 12, 2016 8:09:12 AM

Microsoft released its October patching update today and, as announced, it introduces a major change that has many system administrators wondering just what to do.

Read More

Topics: Industry News, Patching, cybersecurity

Socrates and Cyber Security

Posted by Arthur Braunstein on May 25, 2016 11:40:10 PM

The ancients’ experience of modern computing was limited to say the least, but they gave us a nice framework, the Socratic Method , that moderns can use for dealing with the problem of cyber security. The Socratic Method is a process of question and response, designed to challenge and eliminate bad ideas, refine good ideas, and arrive at sound conclusions. If it worked for Socrates, maybe it will work for us. Here is dialogue that unfolds between Socrates and the Security Architect of, for the purposes of this exercise, the Bank of The Peloponnese.

Read More

Topics: Patching, Endpoint Security, cybersecurity

Badlock – the Burst of a Bug Bubble

Posted by Michael Gorelik on Apr 13, 2016 1:37:57 PM

After the burst of the bug bubble, I’m left wondering who at SerNet decided the Badlock marketing campaign was a good idea and why.  It certainly was not, as claimed, to raise awareness for a critical bug that needed immediate patching.

Read More

Topics: Moving Target Defense, Patching

The Pain of Patching

Posted by Ronen Yehoshua on Feb 2, 2016 11:46:52 AM

The pain of patching - how to achieve a strategic balance between security, compliance and business goals

Modern cyber attacks are targeted, stealthy and evasive. Cybercriminals commonly attempt to penetrate enterprise networks by exploiting vulnerabilities in applications, web browsers and operating systems. The best defense available to enterprises is to rapidly patch these vulnerabilities -- or is it?

Read More

Topics: Patching

Patch Me if You Can

Posted by Mordechai Guri, Ph.D. on Dec 7, 2015 8:50:47 AM

Earlier this year, Microsoft announced its Windows updates for business, which was proclaimed as a way to "empower IT Professionals to keep the Windows devices in their organization always up to date with the latest security defenses and Windows features." If there is one thing most IT Pros agree on, it is that patching is a pain – it is something that must be done for the long-term security of the organization, but it is disruptive so it gets delayed (and the new Microsoft service will attempt to shorten these delays). And even worse than the business interruption patching causes, on its own, patching is never sufficient.

Read More

Topics: 0-day exploits, Zero-day, Patching

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....