Recent Webinar: Building an Adaptive Cyber Resilient Cloud
arrow-white arrow-white Watch now
close
Posted by Daniel Petrillo on March 6, 2020

We’re in the middle of a shift between on-premises server workloads and cloud workloads. The shift started around 10 years ago and will likely continue for the next two decades. After the past decade of cloud adoption, according to 451 Research,...

Read More
Posted by Michael Gorelik on February 28, 2020

EDITOR'S NOTE: The previous version of this blog post mis-identified the source of this attack as the FIN7 group; GRIFFON and OSTAP are both very long javascripts that have many similarities. This caused the confusion in identifying the attack as...

Read More
Posted by Andrew Homer on February 25, 2020

Organizations in every industry and at every level of government face more cyberattacks each day. According to Ponemon Institute’s recent research, 68 percent of organizations note an increased frequency of attacks against their endpoints. Often,...

Read More
Posted by Matthew Delman on February 12, 2020

Protecting your organization from advanced threats has always been difficult. Adversaries innovate constantly, changing their attack vectors and finding new ways to infiltrate their target environment. The Trickbot trojan is one of the best...

Read More
Posted by Arnold Osipov on January 30, 2020

The Trickbot trojan is one of the most advanced malware delivery vehicles currently in use. Attackers have leveraged it to deliver a wide variety of malicious code, in many different methods. Just yesterday, Bleeping Computer reported that news...

Read More
Posted by Andrew Homer on January 21, 2020

Recently, news came out about a CVE-2020-0674 vulnerability in Microsoft’s Internet Explorer scripting engine based on how the browser handles memory. More specifically, within the JScript component of the scripting engine is an unspecified memory...

Read More
Posted by Daniel Petrillo on January 16, 2020

Antivirus protection is a baseline cost of doing business for the modern organization. At first, companies and governments only needed signature-based antivirus that tracked known malware. As fileless malware and exploits accelerated, next-gen...

Read More
Posted by Matthew Delman on January 8, 2020

The 2018 Starwood Hotels breach is only the latest in a long line of high profile intrusions that hotels have faced. It’s notable primarily for how many customer records were exposed — 500 million worldwide according to parent company Marriott — and...

Read More
Posted by Morphisec Team on December 24, 2019
Posted by Arnold Osipov on December 19, 2019

A whopping 186.4 million Americans shopped in stores and online between Black Friday and Cyber Monday this year, according to the National Retail Federation. On average, these shoppers spent $361.90 per person over the five-day Thanksgiving weekend.

Read More
Posted by Alon Groisman on December 18, 2019

In April 2019, attackers who breached IT supplier Wipro leveraged the ConnectWise Control (formerly ScreenConnect) remote desktop application as a major component of their attack.

Read More
Posted by Matthew Delman on December 4, 2019

Retailers aren’t the only ones who benefit from the holiday shopping season. Cyberattacks cost retailers more than $30 billion annually, and losses often mount during the highly profitable holiday season.

Read More
Posted by Daniel Petrillo on November 20, 2019

Last week, Intezer and IBM X-Force released new research identifying a new form of ransomware, which they named PureLocker. Written in PureBasic and designed to attack servers, this damaging new malware has been described as Malware-as-a-Service in...

Read More
Posted by Morphisec Labs on October 16, 2019

In this blog, we will present some findings on how NanoCore RAT 1.2.2.0 is actively being delivered in new and different ways that we discovered at Morphisec Labs in the last couple of months. Specifically, we will focus on the sophisticated...

Read More
Posted by Michael Gorelik on October 10, 2019

In August of 2019, just a month after our publication on a targeted BitPaymer/IEncrypt campaign, Morphisec identified a new and alarming evasion technique that the same adversaries adopted while targeting yet another enterprise in the automotive...

Read More
Posted by Shelley Leveson on August 29, 2019

With summer waning, kids back in school, and year-end quotas looming, we’re coming up to the busiest business travel season of the year. From September through November, business travelers log more trips than any other period. Most organizations...

Read More
Posted by Morphisec Labs on August 16, 2019

This week, headlines blew up with warnings of a design flaw in the CTF subsystem (msctf) of the Windows Text Services Framework that affects all current Windows systems and those going back as far as twenty years.

Read More
Posted by Netta Schmeidler on August 7, 2019

For the second year in a row, Morphisec has awarded three scholarships to top female students pursuing cybersecurity degrees around the world. The latest numbers still place women’s employment in the cybersecurity industry at only 24%, but the...

Read More
Posted by Arnold Osipov on August 6, 2019

Last week, a new strain of ransomware hit dozens of targets across Germany. The categorization as ransomware is really a misnomer as, while the attackers do demand a ransom, by that time the victim’s data has already been irreversibly wiped, even if...

Read More
Posted by Shelley Leveson on July 30, 2019

With their highly valuable payment card and personal sensitive information, Point-of-Sale (POS) systems present a ripe target for cybercrime groups. A successful breach can have enormous consequences for the attacked organization, from detecting and...

Read More