Cybersecurity Blog

As cyber threats continue to evolve, it's clear that traditional, static security measures are no longer sufficient. Organizations must embrace innovative approaches to stay ahead of sophisticated attackers. 

Mandiant cybersecurity researchers recently released a blog on a memory-only dropper which uses a complex multi-stage infection process. This PowerShell-based downloader is being tracked as PEAKLIGHT. Mandiant researcher findings note that this...

In today's rapidly evolving cybersecurity landscape, effective vulnerability management is a cornerstone of maintaining a robust security posture. Yet despite investing significant resources into regular vulnerability assessments and mitigation...

In the rapidly evolving landscape of cybersecurity threats, a new adversary has emerged, drawing inspiration from one of the internet’s most enigmatic puzzles—Cicada3301. This new threat, dubbed Cicada3301 ransomware, was identified in a Morphisec...

The evolution of cybersecurity has been a journey of increasingly sophisticated defense innovations. It began with basic anti-virus (AV) software, which relied on static analysis to identify known threats by scanning binaries and files. 

Global financial stability is facing an unprecedented threat due to the escalating frequency and sophistication of cyberattacks. According to a recent report by the International Monetary Fund (IMF), the financial sector continues to be a prime...

Once considered a passing fad, ransomware attacks have consistently risen in frequency and complexity. New research from Cyentia confirms ransomware’s threat dominance — its findings note that ransomware accounts for 32% of all security incidents...

Automated Moving Target Defense (AMTD) has been recognized in the Gartner Hype Cycle for Endpoint and Workspace Security, 2024 report, in its ‘on the rise’ category. Morphisec is named as a Sample Vendor in the AMTD category for the second year in a...

Recently, Morphisec researchers discovered a vulnerability in Microsoft Outlook that can lead to remote code execution (RCE). This vulnerability, identified as CVE-2024-38021, highlights a significant security flaw within the Microsoft Outlook...

As part of our ongoing efforts to identify newer vulnerabilities in Microsoft Office applications, Morphisec researchers have discovered two additional critical vulnerabilities in the Microsoft Outlook application which were reported to Microsoft...

Recently, Morphisec researchers discovered a vulnerability in Microsoft Outlook, which highlights the potential for remote code execution within the context of the Outlook application. This newly identified vulnerability, CVE-2024-30103, allows...

In the rapidly evolving landscape of cybersecurity, the Managed Detection and Response (MDR) market has undergone significant transformations. What began as a reactive approach focused on detecting and responding to threats has now matured into a...

Cyber-attacks targeting healthcare facilities ruthlessly exploit personal, vulnerable and highly sensitive information. It’s one of the few industries where attacks can lead to life and death scenarios.

The Crowdstrike and Windows outage highlighted a new reality for all companies: IT systems are critical infrastructure. 

A recent faulty configuration file in CrowdStrike's Falcon platform caused a significant IT disruption, rendering millions of Windows machines inoperable. The result was a multi-day outage event, which affected critical sectors such as airlines,...

When it comes to endpoint security, Microsoft Defender for Endpoint stands out as a popular choice. It's the fastest-growing endpoint protection platform, boasting over 19% market share, and for good reason — Microsoft Defender for Endpoint provides...

The many factors that influence the threat landscape make predicting its path nearly impossible. But as security professionals, observing attack trends can help us anticipate shifts and respond from a position of strength. As a community we tend to...

Morphisec researchers have identified a significant vulnerability, CVE-2024-38021 — a zero-click remote code execution (RCE) vulnerability that impacts most Microsoft Outlook applications.

Security configurations are the backbone of a robust cybersecurity framework. Ensuring these configurations are correctly set across your environment is crucial for defending against potential breaches.