Cybersecurity Blog

When it comes to the cybersecurity tech stack, many teams admittedly suffer from tech bloat. In many ways the continuous evolution of the threat landscape and an ever-growing list of unique use cases has made tech bloat inevitable. Tools...

Ransomware has become one of the most prevalent and damaging forms of cybercrime in recent years, affecting businesses, governments and individuals worldwide. The 2024 Verizon Data Breach Investigations Report highlights ransomware as one of the...

Recently, Morphisec Threat Labs identified and prevented multiple sophisticated Lua malware variants targeting the educational sector. These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer community.

Artificial Intelligence (AI) has revolutionized nearly every sector, and cybersecurity is no exception. As cyber threats become increasingly sophisticated, AI is transforming how both vendors and defenders approach these evolving challenges. I...

As cyber threats continue to evolve, it's clear that traditional, static security measures are no longer sufficient. Organizations must embrace innovative approaches to stay ahead of sophisticated attackers. 

Mandiant cybersecurity researchers recently released a blog on a memory-only dropper which uses a complex multi-stage infection process. This PowerShell-based downloader is being tracked as PEAKLIGHT. Mandiant researcher findings note that this...

In today's rapidly evolving cybersecurity landscape, effective vulnerability management is a cornerstone of maintaining a robust security posture. Yet despite investing significant resources into regular vulnerability assessments and mitigation...

In the rapidly evolving landscape of cybersecurity threats, a new adversary has emerged, drawing inspiration from one of the internet’s most enigmatic puzzles—Cicada3301. This new threat, dubbed Cicada3301 ransomware, was identified in a Morphisec...

The evolution of cybersecurity has been a journey of increasingly sophisticated defense innovations. It began with basic anti-virus (AV) software, which relied on static analysis to identify known threats by scanning binaries and files. 

Global financial stability is facing an unprecedented threat due to the escalating frequency and sophistication of cyberattacks. According to a recent report by the International Monetary Fund (IMF), the financial sector continues to be a prime...

Once considered a passing fad, ransomware attacks have consistently risen in frequency and complexity. New research from Cyentia confirms ransomware’s threat dominance — its findings note that ransomware accounts for 32% of all security incidents...

Automated Moving Target Defense (AMTD) has been recognized in the Gartner Hype Cycle for Endpoint and Workspace Security, 2024 report, in its ‘on the rise’ category. Morphisec is named as a Sample Vendor in the AMTD category for the second year in a...

Recently, Morphisec researchers discovered a vulnerability in Microsoft Outlook that can lead to remote code execution (RCE). This vulnerability, identified as CVE-2024-38021, highlights a significant security flaw within the Microsoft Outlook...

As part of our ongoing efforts to identify newer vulnerabilities in Microsoft Office applications, Morphisec researchers have discovered two additional critical vulnerabilities in the Microsoft Outlook application which were reported to Microsoft...

Recently, Morphisec researchers discovered a vulnerability in Microsoft Outlook, which highlights the potential for remote code execution within the context of the Outlook application. This newly identified vulnerability, CVE-2024-30103, allows...

In the rapidly evolving landscape of cybersecurity, the Managed Detection and Response (MDR) market has undergone significant transformations. What began as a reactive approach focused on detecting and responding to threats has now matured into a...

Cyber-attacks targeting healthcare facilities ruthlessly exploit personal, vulnerable and highly sensitive information. It’s one of the few industries where attacks can lead to life and death scenarios.

The Crowdstrike and Windows outage highlighted a new reality for all companies: IT systems are critical infrastructure. 

A recent faulty configuration file in CrowdStrike's Falcon platform caused a significant IT disruption, rendering millions of Windows machines inoperable. The result was a multi-day outage event, which affected critical sectors such as airlines,...