Recent Webinar: Building an Adaptive Cyber Resilient Cloud
arrow-white arrow-white Watch now
close
search_icon
blog Read the Blog
Get A Demo
search_icon
  • blog Read the Blog
  • Get A Demo

Webinar: Dynamic Endpoint Protection for Virtual Environments

Posted by Tom Bain on March 20, 2018
VDI security

Register for our webinar Dynamic Endpoint Protection for Virtual Environments on March 21, 2018.

Virtual Desktop Infrastructure (VDI) offers many advantages but it is not attack proof and highly advanced cyberattacks present an ever growing threat....

Read More

Security Flaw in Microsoft Code Integrity Guard (CIG)

Posted by Michael Gorelik on March 7, 2018
Microsoft Code Integrity Guard (CIG) Security Flaw

Morphisec researchers Michael Gorelik and Andrey Diment have discovered CIGslip, a new method which can be exploited by attackers to bypass Microsoft’s Code Integrity Guard and load malicious libraries into protected processes such as Microsoft Edge.

Read More

The Lazarus Group Strikes Again - The Latest CVE-2018-4878 Attack

Posted by Michael Gorelik on March 2, 2018
lazarus-CVE-2018-4878.jpg

The Lazarus Group, also known as Hidden Cobra, may be in play again. The notorious cybercrime group is allegedly responsible for some of the most devastating attacks over the past few years, including the SWIFT network hack that stole $81 million...

Read More

Flash Exploit CVE-2018-4878 - Part of Massive Malspam Campaign

Posted by Michael Gorelik on February 25, 2018
flash-CVE-2018-4878-malspam.jpg

On February 22, 2018, Morphisec Labs spotted several malicious word documents exploiting the latest Flash vulnerability CVE-2018-4878 in the wild in a massive malspam campaign. Adobe released a patch early February, but it will take some companies...

Read More

Threat Profile: GandCrab Ransomware

Posted by Roy Moshailov on February 23, 2018
GandCrab ransomware profile

GandCrab Ransomware

Here is a look at GandCrab ransomware and some techniques it uses to evade detection and analysis. These days, most malware employs long-chain attack and anti-analysis techniques to make it more difficult to detect the payload...

Read More

Series B Funding Round Validates Morphisec’s Groundbreaking Cybersecurity Technology

Posted by Ronen Yehoshua on February 19, 2018
roundb.png

When we founded Morphisec in 2014, it arose from the observation that too many endpoint protection solutions followed the same old paradigm, even if they were using more technologically sophisticated methods. We believed a fundamentally new approach...

Read More

CVE-2018-4878: An Analysis of the Flash Player Hack

Posted by Michael Gorelik on February 8, 2018
cve-2018-4878.jpg

Before diving into the analysis of CVE-2018-4878, a quick reminder that this is the continuation of our previous post, which provided background on CVE-2018-4878, including a  video of how Morphisec prevents any attacks leveraging this Flash...

Read More

Adobe Flash Zero-Day Prevented by Morphisec (CVE-2018-4878)

Posted by Michael Gorelik on February 6, 2018
gap-protection.jpg

How an organization handles the time between the unleashing of a zero-day and the availability of a patch is telling. There are basically two kinds of companies – those that try to mitigate the risk as best they can while they wait for a patch and...

Read More

Threat Profile: Microsoft Equation Editor Backdoor

Posted by Roy Moshailov on January 29, 2018
Microsoft Equation Editor Backdoor

Introduction

Towards the end of 2017, a group of researchers at Embedi discovered a Microsoft Office vulnerability that’s been quietly putting systems in danger for about 17 years. 

Read More

System Gap Protection During Patching Gaps

Posted by Tom Bain on January 22, 2018
patch gap.jpg

The recent Meltdown and Spectre CPU vulnerabilities took almost everyone by surprise.  Widespread panic was staved off only by the promise of a nearly-ready OS patching fix, which it turned out, excluded a large swath of systems and created its own ...

Read More

Meet Up With Morphisec and Get Cyber-Ready for 2018

Posted by Morphisec Team on January 17, 2018
upcomingevents.jpg

2018 is barely underway and we’re already seeing a whole new crop of cyber threats. Are you ready? Meet with Morphisec experts in person to find out how to build a lean, cost-effective security stack that protects your organization from whatever...

Read More

Meltdown and Spectre Q&A

Posted by Morphisec Team on January 15, 2018
spectre-meltdown-cpu-vulnerabilites.jpg

The Meltdown and Spectre CPU vulnerabilities disclosed earlier this month generated a lot of noise and a lot of confusion. Our security experts received a deluge of questions from customers and industry personnel alike. Responding to this need,...

Read More

Top Seven Cybersecurity Predictions for 2018

Posted by Morphisec Team on January 11, 2018
2018-predictions.jpg

With a turbulent 2017 finally behind us, what’s the cybersecurity forecast for 2018? Some predictions need no crystal ball – the cyber labor shortage will continue, spending on security solutions will go up, the breaches that do occur will be bigger...

Read More

Meltdown and Spectre Vulnerabilities: Where the Real Risks Lie

Posted by Michael Gorelik on January 5, 2018
meltdown-blog.jpg

The IT world is still shaking from the news that most modern processors have severe architecture flaws. This makes it possible for attackers to gain access to user mode and kernel memory data to leak crypto-keys, passwords, memory structures like...

Read More

Threat Profile: Rokrat Trojan

Posted by Roy Moshailov on January 2, 2018
Rokrat Trojan

Introduction

RokRAT is a sophisticated Remote Access Trojan (RAT) that is skilled at evading detection and uses multiple techniques to make analysis difficult. The current RokRAT campaign was identified by Cisco Talos in November 2017. The earliest...

Read More

Best of 2017: Our Top 5 Posts of the Year

Posted by Morphisec Team on December 28, 2017
Read More

Happy Holidays and Best Wishes for 2018

Posted by Morphisec Team on December 22, 2017
Seasons-Greetings-2017.jpg

To all our readers: 

Thank you for being with us this year and for sharing our interest in changing cybersecurity for the better. 

We wish you a wonderful festive season and a successful 2018!

From,

The entire Morphisec team

Read More

Threat Profile: SIGMA Ransomware

Posted by Roy Moshailov on December 19, 2017
threat-profile.png

Ransomware remained a major cybersecurity threat in 2017, leaving a trail of victims across all industries, company sizes and geographical borders. Phishing emails are the top ransomware delivery mechanism and they grow in number and...

Read More

Threat Alert: Memory Corruption Vulnerability CVE-2017-11826

Posted by Morphisec Labs on December 13, 2017
cyber-threat-prplstamp-173977816.jpg

Two days ago, researchers at TarLogic published a proof-of-concept APT that leverages CVE-2017-11826, a Microsoft Office 0-day vulnerability existing in all Office versions.  Microsoft issued a patch for the vulnerability in October, however many...

Read More

How to Create a Safer Shopping Experience

Posted by Mordechai Guri, Ph.D. on December 6, 2017
e-commerce attacks stop you from having a more secure shopping experience

The annual holiday season has arrived. The air grows crisp (at least in the Northern hemisphere), new, cool gadgets are released and cyberattacks, along with cologne ads, proliferate. Cyber threats aren’t deterring shoppers though: The National...

Read More
All posts

Subscribe to our blog

Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.
Achieving Adaptive Cyber Resiliency White Paper

Search Our Site

    Recent Posts

    Posts by Tag

    See all