Cyber Security Blog

Cyber security solutions like next generation anti-virus (NGAV), endpoint detection and response (EDR), and endpoint protection platform (EPP) face abuse, tampering, and exploitation to achieve initial access and persistence. Threat actors know it's...

Today, threat and vulnerability management is more critical than ever, with unpatched vulnerabilities involved in 60 percent of data breaches. Vulnerability tools of all stripes abound, yet for all their features, few offer a clear path to action....

Despite increasing investment in cybersecurity, cybercrime is surging. Every day attacks cripple healthcare providers, shut down educators, and disrupt financial/insurance services firms, manufacturing firms, law firms, and software companies to the...

A doctor might describe the condition of cybersecurity in healthcare 2022 as "critical." In a little over two years, healthcare IT has seen a decade's worth of changes. From a security point of view, most have been for the worse. 

After years of steady increases, cloud computing adoption surged dramatically during the pandemic. Companies suddenly needed to build out the infrastructure for a wholesale pivot to remote work. Spending on cloud services reached a record high of ...

The DoNot Team (a.k.a APT-C-35) are advanced persistent threat actors who’ve been active since at least 2016. They’ve targeted many attacks against individuals and organizations in South Asia. DoNot are reported to be the main developers and users...

In the last couple of years, security teams in large enterprises and high-profile government organizations have increasingly experienced a new form of attack. This attack leverages the supply chain of an organization’s software ecosystem (and less...

On the dark web, private health information (PHI) sells for up to $1,000 per record. In response to surging healthcare cyberattacks, it's now glaringly obvious that data security in healthcare needs to go in a new direction.

In the last few years, organizations in every sector have witnessed a clear shift in the threat landscape. Although the number and frequency of all kinds of cyberattacks increased, ransomware in particular has undergone extremely rapid evolution....

To help protect the public, Morphisec Labs constantly monitors, investigates, and assesses the latest threats to help organizations avoid serious consequences. In recent months, threats involving infostealers have escalated. This report analyzes six...

Ransomware attacks have undergone a pandemic-accelerated evolution in recent years—and defenses have struggled to keep up. The first phase of ransomware has given way to something new and different, better and worse. To help understand this...

Shoe shops and security operation centers have something in common. One size fits all solutions are not a great idea in either area. Unfortunately for security professionals trying to secure Linux servers, purpose-built Linux solutions are...

Last week the Conti ransomware group "went dark" and might have shut down. Shortly before doing so, they went to war with an entire nation. Their ransomware attack paralyzed dozens of public institutions in Costa Rica in early May. The newly...

Not long ago, the term “Linux protection” was closer to an oxymoron than a strategy. For security teams and vendors alike, Linux systems were seen as being either immune to cyber threats or not something threat actors targeted.

Between staff shortages and COVID variants, healthcare providers have had plenty to worry about during the past two years. Now alongside these worries, cybersecurity issues in healthcare are also putting patient care in jeopardy. Healthcare is one...

With 50% more users last year than in 2020, the number of people using the community chat platform Discord is growing at a blistering pace. This has led cybercriminals to refine and expand malicious attack use cases for the platform. In this threat...

"Make do and mend." If you work in IT security, this slogan, from a pamphlet issued by the British government in 1943, probably resonates. In security, constant mending—i.e. patching, is a fact of life. So what is virtual patching and why would you...

Ransomware attacks have never been more dangerous, or prolific. 2020 was described by security experts and media outlets as the "worst year ever for ransomware." Then ransomware attacks grew by 105 percent between 2020 and 2021. This cyberwar has...

MITRE is an unbiased and respected organization that performs a valuable service to the cybersecurity community. The MITRE ATT&CK evaluation is an industry standard, and the industry can use all the help it can get to identify the tactics and...

For small and medium businesses (SMBs), digital transformation has been a double edged sword. Cloud technologies and IoT devices have boosted productivity during a punishing pandemic where every dollar counts. But these advances have come at a cost....