In late 2023, Microsoft Windows Server 2012 and 2012 R2 reached their end of life. Microsoft is ending free updates, bug fixes, and technical support to an operating system still used in hundreds of thousands of enterprise servers.
Read MoreRansomware has become one of the most prevalent and damaging forms of cybercrime in recent years, affecting businesses, governments and individuals worldwide. The 2024 Verizon Data Breach Investigations Report highlights ransomware as one of the...
Read MoreMandiant cybersecurity researchers recently released a blog on a memory-only dropper which uses a complex multi-stage infection process. This PowerShell-based downloader is being tracked as PEAKLIGHT. Mandiant researcher findings note that this...
Read MoreThe evolution of cybersecurity has been a journey of increasingly sophisticated defense innovations. It began with basic anti-virus (AV) software, which relied on static analysis to identify known threats by scanning binaries and files.
Read MoreAs part of our ongoing efforts to identify newer vulnerabilities in Microsoft Office applications, Morphisec researchers have discovered two additional critical vulnerabilities in the Microsoft Outlook application which were reported to Microsoft...
Read MoreThe cyber threat landscape is undeniably complex and dynamic. Traditional cybersecurity measures are struggling to detect and stop attacks before they can cause damage. The IBM Cost of a Data Breach Report for 2023 found that only one-third of...
Read MoreMorphisec has successfully identified and prevented a new variant of IDAT loader. This loader is used to deliver a range of malware payloads based on the attacker's assessment of the victim's system. Distinguished by its modular architecture, IDAT...
Read MoreCVE-2024-2883 is a critical vulnerability found in ANGLE, a component of Google Chrome and Microsoft Edge. The vulnerability is exploitable via crafted HTML pages, allowing remote attackers to exploit heap corruption. The potential impact is high,...
Read MoreThis blog examines the Akira Ransomware as a Service (RaaS) group, to understand their Tactics, Techniques, and Procedures (TTPs), and validate how Morphisec’s patented Anti-Ransomware solution powered by Automated Moving Target Defense (AMTD) can...
Read MoreHeap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Read MoreSecurity leaders are acutely aware of vulnerability risks. Organizations continue to allocate thousands of dollars to periodic vulnerability assessments, and thousands more to technology and resources for mitigation — yet vulnerability-based breach...
Read MoreSearch Our Site
Recent Posts
Posts by Tag
- Automated Moving Target Defense (157)
- Threat Research (135)
- Cyber Security News (132)
- Morphisec Labs (125)
- Morphisec News (54)
- Adaptive Exposure Management (14)
- Defense-in-Depth (13)
- Ransomware (12)
- Preemptive Security (11)
- Gartner (10)
- Continuous Threat Exposure Management (CTEM) (9)
- Microsoft (8)
- In-Memory Attacks (7)
- Healthcare Cybersecurity (6)
- Advanced Threat Defense (5)
- Legacy Security (5)
- Artificial Intelligence (4)
- Financial Cybersecurity (4)
- Linux Cybersecurity (4)
- Fileless Malware (3)
- Threat and Vulnerability Management (2)
- Managed Service Providers (1)