Cybersecurity Tech Investment Planning: Use annual loss expectancy to build a business case
arrow-white arrow-white Download now
close
Posted by Jay Kurup on October 6, 2023

Apple Security Engineering and Architecture (SEAR) and the Citizen Lab opened a pair of critical vulnerabilities relating to the abuse of WebP images which could lead to exploitation of Google Chrome and Chromium-based browsers, as well as the...

Read More
Posted by Oren Dvoskin on September 25, 2023

The ransomware attack that hitMGM Resorts International on September 10thcaptured headlines due to the company’s name recognition, reputational and customer impact,andthe overall magnitude ofbusiness disruptionthe attack caused.

Read More
Posted by Hido Cohen & Arnold Osipov on September 5, 2023

Exclusive: Morphisec Threat Labs identified Chae$ 4, an advanced and previously unknown variant of the Chaes malware. Read this post for an abstract of the findings. 

Download the full Chae$ 4 technical analysis containing exclusive details of the...

Read More
Posted by Oren Dvoskin on August 28, 2023

“If an attacker successfully hacks our workstations or trading terminals, they’d have full access to the firm’s critical infrastructure.” This quote from a Chief Information Security Officer at a leading US-based hedge fund shines a light on the...

Read More
Posted by Oren Dvoskin on August 3, 2023

In today’s threat landscape, multiple defense-in-depth layers are one of the only ways security teams can achieve peace of mind. Why? Two reasons stand out:

Read More
Posted by Nir Givol on July 27, 2023

As the sophistication of Artificial Intelligence (AI) tools such as ChatGPT, Copilot, Bard and others continues to grow, they present a greater risk to security defenders—and greater reward to attackers adopting AI-driven attack techniques. 

Read More
Posted by Michael Gerard on July 18, 2023

Gartner® has published a new report focused onAutomated Moving Target Defense (AMTD) technology innovation. According to Gartner: “Combining AMTD solutions at different layers of the technology stack provides innovation leaders with a highly...

Read More
Posted by Oren Dvoskin on July 5, 2023

Cyberattacks targeting critical OT and industrial organizations rose by 87% last year—the threat level to OT is higher than ever, and threat actors are finding new ways to compromise OT environments.

Read More
Posted by Arnold Osipov on June 29, 2023

Since April, Morphisec Labs has been closely monitoring an active GuLoader campaign that primarily focuses on law firms, along with healthcare and investment firms, specifically within the United States. GuLoader, also known as Cloudeye, has been...

Read More
Posted by Oren Dvoskin on June 23, 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) admitted it is providing support to several Federal agencies that were breached following vulnerabilities exposed in the Progress (formerly Ipswitch) MOVEit Transfer solution. According...

Read More
Posted by Oren Dvoskin on June 12, 2023

Morphisec has been recognized as a sample vendor in Gartner’s Emerging Tech: Security — Emergence Cycle for Automated Moving Target Defense Report—research covering groundbreaking security technologies that according to Gartner, “are paving the way...

Read More
Posted by Michael Gerard on May 18, 2023

There’s now a new ransomware attack, on average, every 10 seconds. Threat actors have become powerful and sophisticated enough to successfully hold national governments—such as Ireland and Costa Rica—to ransom. 

Read More
Posted by Arnold Osipov and Michael Dereviashkin on April 18, 2023

The Aurora stealer is a notorious Golang-based information stealer that's been gaining popularity from the end of 2022 through the first quarter of 2023. The Morphisec Threat Labs team has been tracing its activities using our prevention telemetry...

Read More
Posted by Oren Dvoskin on April 12, 2023

Legacy Microsoft operating systems (OSs) will probably be with us until the universe’s heat death. OS usage statistics show the total market share of legacy operating systems is still above 10 percent. With the total Windows installation base of 1.3...

Read More
Posted by Bill Reed on April 6, 2023

Few executives doubt their organizations must pay more attention to cybersecurity. Cybercrime costs were estimated at $8.4 trillion globally in 2022 alone, and could exceed $20 trillion by 2026. No organization can afford to ignore this risk.

Read More
Posted by Oren Dvoskin on March 23, 2023

Fileless malware attacks are a malicious code execution technique that works completely within process memory. In a fileless attack, no files are dropped onto a hard drive. With no artifacts on the hard drive to detect, these attacks easily evade...

Read More
Posted by Arnold Osipov on March 7, 2023

Starting in November 2022, Morphisec has been tracking an advanced info stealer we have named “SYS01 stealer.” SYS01 stealer uses similar lures and loading techniques to another information stealer recently dubbed S1deload by the Bitdefender group,...

Read More
Posted by Mitchell Hall on February 21, 2023

Security success doesn't happen in a vacuum. Security conferences give practitioners, decision-makers, and vendors a chance to get outside the bubble of day-to-day life. So, what are the top in-person and virtual cybersecurity conferences in 2023?

Read More
Posted by Alon Shekalim & Michael Dereviashkin on February 15, 2023

Morphisec has recently identified a highly evasive malware campaign delivering ProxyShellMiner to Windows endpoints.

Read More
Posted by Oren Dvoskin on January 25, 2023

ChatGPT is a powerful AI chatbot that uses a huge data collection and natural language processing to “converse” with users in a way that feels like a normal, human conversation. Its ease of use and relatively high accuracy has seen users leverage it...

Read More