As of January 10th 2023, Windows 7, Windows 8, 8.1, their Windows embedded derivatives, and Windows Server 2008 R2 will no longer receive patches from Microsoft. Millions of devices will now become "legacy" and create a suite of new legacy security...
Today’s cyber security solutions aren’t countering threat actors’ advanced attacks. In the wake of the SolarWinds breach, even the largest companies and most-secure public agencies have had serious vulnerabilities exposed. If existing solutions...
On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. [see “Protecting Against the Log4J Vulnerability”] Countless millions of devices instantly became at risk of attack,...
On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. Now, almost one week later, it is clear that countless millions of devices are at risk, and Log4j may rank among the...
Ransomware attacks are soaring. By the end of this year, the global costs incurred by ransomware will be more than $20 billion annually – 57 times what they were in 2015. For individual organizations feeling the sharp end of this exponential rise,...
Almost a year after an international law enforcement effort supposedly defeated it, Emotet, aka "the world's most dangerous botnet," has returned. Earlier this week, German security researcher Luca Ebach reported seeing malware with Emotet-like...
In the past month, Morphisec has investigated the origin of several increasingly prevalent infostealers. These include Redline, Taurus, Tesla, and Amadey.
As part of our research, we identified pay-per-click (PPC) ads in Google’s search results that...
The developers of the Phobos ransomware have added new fileless and evasive techniques to their arsenal. Constantly keeping their attack up to date helps them bypass detection technologies through several distinct approaches, the latest of which we...
Microsoft recently published details of an attack showing how a threat actor used zero-day exploits to access Microsoft Exchange Servers. The new exploit enabled access to email accounts and allowed the installation of additional malware to...
Introducing Egregor ransomware
Egregor is considered to be one of the most prolific ransomware threat groups. Yet it gained this reputation in a very short time due to its uncompromising double extortion methodology.
Introduction
The Agent Tesla information stealer has been around since 2014. During the last two to three years, its distribution has also grown significantly, partly because cracked versions of it have been leaked.
Garmin has confirmed that the recent outage its users experienced was indeed the result of a successful ransomware attack. However, the extent of the damage done is still unclear. The attack, which compromised Garmin’s servers for five days,...
The term "advanced persistent threats" describes the highly evolved nature of today’s cyberattacks. Hackers have developed sophisticated techniques – in-memory exploits, living-off-the-land attacks, remote access trojans, and more – that allow them to evade...
Since early March, the team at Morphisec Labs has been supporting enterprises as they shift to distributed workforces in response to COVID-19. From assisting hospitals with securing their remote workers to uncovering new weaknesses in collaboration...
As part of a rapid change in the work environment during the COVID-19 pandemic, Morphisec Labs has been tracking the change in the attack trend landscape. This has included the evolution of adware, PUA, and fraudulent software bundle delivery beyond...
The rise of fileless attacks in the past 10 years has stymied even the best antivirus software. Traditional AV is designed to detect known signatures of known malware and prevent it from executing. Fileless attacks lack a signature, which allows them...
EDITOR'S NOTE: The previous version of this blog post misidentified the source of this attack as the FIN7 group; GRIFFON and OSTAP are both very long JavaScript scripts that have many similarities. This caused the confusion in identifying the attack as...
In August of 2019, just a month after our publication on a targeted BitPaymer/IEncrypt campaign, Morphisec identified a new and alarming evasion technique that the same adversaries adopted while targeting yet another enterprise in the automotive...