Cybersecurity Blog

A recent faulty configuration file in CrowdStrike's Falcon platform caused a significant IT disruption, rendering millions of Windows machines inoperable. The result was a multi-day outage event, which affected critical sectors such as airlines,...

When it comes to endpoint security, Microsoft Defender for Endpoint stands out as a popular choice. It's the fastest-growing endpoint protection platform, boasting over 19% market share, and for good reason — Microsoft Defender for Endpoint provides...

The many factors that influence the threat landscape make predicting its path nearly impossible. But as security professionals, observing attack trends can help us anticipate shifts and respond from a position of strength. As a community we tend to...

Morphisec researchers have identified a significant vulnerability, CVE-2024-38021 — a zero-click remote code execution (RCE) vulnerability that impacts most Microsoft Outlook applications.

Security configurations are the backbone of a robust cybersecurity framework. Ensuring these configurations are correctly set across your environment is crucial for defending against potential breaches.

Maintaining a robust security posture is paramount in today’s ever-evolving cybersecurity landscape — and effective security controls management is a critical component of this effort.  

When it comes to the cybersecurity tech stack, many teams admittedly suffer from tech bloat. In many ways the continuous evolution of the threat landscape and an ever-growing list of unique use cases has made tech bloat inevitable. Tools...

In the ever-evolving landscape of cybersecurity, staying ahead of threats is paramount. At Morphisec, our team of dedicated researchers continuously strives to identify and mitigate emerging vulnerabilities to protect organizations worldwide. 

...

Morphisec Labs has been monitoring increased activity associated with Sticky Werewolf, a group suspected to have geopolitical and/or hacktivist ties. While the group’s geographical origin and home base remain unclear, recent attack techniques...

The cyber threat landscape is undeniably complex and dynamic. Traditional cybersecurity measures are struggling to detect and stop attacks before they can cause damage. The IBM Cost of a Data Breach Report for 2023 found that only one-third of...

As the threat landscape evolves, it presents ever-increasing risks and costs driven by progressive factors like financial incentives for threat actors, the availability of malware, expanding attack surfaces, and the sophisticated capabilities of...

Morphisec has successfully identified and prevented a new variant of IDAT loader. This loader is used to deliver a range of malware payloads based on the attacker's assessment of the victim's system. Distinguished by its modular architecture, IDAT...

Morphisec announced the launch of the Anti-Ransomware Assurance Suite to help organizations pre-emptively reduce exposure to cyber risk, proactively prevent advance threats and ensure optimal anti-ransomware defense. Powered by Automated Moving...

Globally, ransomware is big business, with millions of attacks targeting organizations every day. Not every attack is financially successful, but with keen attention to detail, attackers have (and continue to) tune tactics, making ransomware a...

When it comes to endpoint security, Microsoft Defender for Endpoint is a popular choice, and is the fastest growing endpoint protection platform, boasting over 19% market share. Additionally, the solution is consistently named a “leader” in the...

CVE-2024-2883 is a critical vulnerability found in ANGLE, a component of Google Chrome and Microsoft Edge. The vulnerability is exploitable via crafted HTML pages, allowing remote attackers to exploit heap corruption. The potential impact is high,...

Recently, Morphisec Labs identified a significant increase in activity linked to Mispadu (also known as URSA), a banking trojan first flagged by ESET in 2019. Initially concentrated on LATAM countries and Spanish-speaking individuals, Mispadu has...

(Updated March 29th, 2024)

The National Vulnerability Database (NVD) has long been a crucial resource for organizations in managing their vulnerability lifecycle and ensuring the security of their systems. However, recent developments have...

Morphisec Threat Labs recently discovered multiple indicators of attacks leading to threat actor, UAC-0184. This discovery sheds light on the notorious IDAT loader delivering the Remcos Remote Access Trojan (RAT) to a Ukrainian entity based in...