We’re back after a skipped Security News in Review last week. In this week’s edition of our roundup of the biggest cybersecurity news stories, we have reporting on ransomware attacks shutting down Underwriters Laboratories and a payment processor widely used by state and municipal governments, as well as a report on Google partnering with the Linux Foundation to hire two people whose sole job will be to improve the security of the Linux kernel.
Microsoft Defender Antivirus suffers from a perception problem. For the first decade of its existence, starting with its 2006 release, Defender was a much-maligned piece of software that no business would use to protect its endpoints. That’s no longer the case. Defender has today evolved into a competent and competitive endpoint security platform backed by one of the world’s largest companies. This improvement didn’t happen by accident.
Introducing Egregor ransomware
Egregor is considered to be one of the most prolific ransomware threat groups. Yet it gained this reputation in a very short time due to its uncompromising double extortion methodology.
Every week, the Morphisec team works hard to bring you the top stories from around the security media-sphere to make your job, and securing your critical infrastructure, easier.
In today’s weekly edition of Security News in Review, you’ll find news from Microsoft about keeping your defenses up despite Emotet’s disruption, a new Google Chrome 0-day that affects Windows and Mac users, and reporting about a ransomware attack on utility company Eletrobras.
Introduction
During the period between January 15 and 20, Morphisec identified a significant campaign targeting multiple German customers from the manufacturing industry. Targeted personnel were redirected to compromised websites that were, and still are, delivering advanced fileless downloaders that eventually lead to an Osiris client with a bundled mini-Tor communicating to a C2 onion Tor panel.
Introduction
In this post, we will be covering the CinaRAT loader's evasive TTPs (tactics, techniques, and procedures) as identified and prevented by Morphisec’s zero-trust endpoint security solution, powered by moving target defense technology.
As the fallout from this past December's SolarWinds cyberattack settles, it is clear that the hack didn't just compromise federal organizations. The SolarWinds attack now appears to have infected government networks from federal departments all the way down to state and local government bodies. That a state-sponsored attack would proliferate beyond its initial targets is no surprise. However, the fact that this attack impacted all government levels also highlights a broader trend. State and local government networks are no less of a target than their federal counterparts for cybercriminals.
In today’s weekly edition of Security News in Review, the Morphisec team is bringing you stories about how a cyberattack forced a Belgian hospital to redirect patients, the discovery of yet another malware strain used in the SolarWinds attack, and the launch of a new campaign from CISA to reduce the risk of ransomware.
Before COVID-19 started making headlines earlier this year, government departments might have been considered unlikely candidates for making large-scale remote working a success. However, with service levels maintained across the public sector despite challenging circumstances, this assumption has been thoroughly disproven.