Moving Target Defense Blog

With summer waning, kids back in school, and year-end quotas looming, we’re coming up to the busiest business travel season of the year. From September through November, business travelers log more trips than any other period. Most organizations take pains to keep their road warriors comfortable and protected from travel hazards, but what about the many lurking cyber risks?

With their highly valuable payment card and personal sensitive information, Point-of-Sale (POS) systems present a ripe target for cybercrime groups. A successful breach can have enormous consequences for the attacked organization, from detecting and responding, to notifying victims, post-response support, lost business and potentially hefty government fines. Modern POS environments are complicated systems with multiple entry points for attack, from phishing emails or drive-by-download exploits on employee computers to vulnerable third-party suppliers. And while payment card security standards have introduced a basic protection framework, POS-attacks have not abated under the regulations — some of the largest breaches of the past several years are due to POS systems attacks.

Cybercrime has turned its attention toward city and regional governments and the scale and scope of the problem will continue to grow. That was one of the main threads at the recent U.S. House of Representatives hearing on Cybersecurity Challenges for State and Local Governments

Despite enormous investments in cybersecurity by their financial service providers, customers still feel that they are not doing enough to protect their financial assets and data. That was just one of the findings of Morphisec's new 2019 Consumer Finance Cybersecurity Threat Index.

It seems that the only thing constant about cybersecurity (besides change) is our love of acronyms. We get it, time is too short for wasted words. But this can make it even more difficult to wade through the varied, often overlapping claims, of an already confusing space.

If it’s April, it’s award season, and Morphisec just took home several official, plus some unofficial, awards. At the MIDMRKT CIO Forum, Morphisec won the top Vendor Excellence award for Best Software Solution. These awards recognize leading solution providers for their collaboration, strategic influence, and technical innovation across the midmarket.

Despite HIPAA regulations designed to keep them informed on the security of their personal health data, patients still seem to be in the dark. That was just one of the findings of Morphisec's new 2019 Consumer Healthcare Cybersecurity Threat Index.

With October National Cybersecurity Awareness Month (NCSAM) and November Critical Infrastructure Security and Resilience Month, Morphisec is publishing a series posts on industries included in the DHS list of 16 critical infrastructure sectors.

When we think about critical infrastructure, we are more likely to think of energy or transportation before manufacturing, but the sector is crucial to national economic prosperity and continuity. As the Department of Homeland Security (DHS) points out, a direct attack on or

With October National Cybersecurity Awareness Month (NCSAM) and November Critical Infrastructure Security and Resilience Month, Morphisec is publishing a series posts on industries included in the DHS list of 16 critical infrastructure sectors.

The healthcare industry needs to focus on its own cyber health. That’s the upshot of the latest round of reports and announcements from industry experts across the board.

ECRI Institute, a leading patient safety and medical technology research organization, recently released their 2019 Top Health Technology Hazards. Cybersecurity topped the annual list,

The Fallout exploit kit, named for its similarities to the once notorious Nuclear exploit kit, already shows signs of reaching the levels of popularity of its namesake. Since its discovery by security researchers at the end of August, Fallout has been seen distributing the SmokeLoader trojan, GandCrab ransomware, CoalaBot, various potentially unwanted programs (PUPs) and, most recently, a new ransomware strain called SAVEfiles.