<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">

[CRITICAL ALERT] CVE-2018-4990 Acrobat Reader DC Double-Free Vulnerability

Posted by Michael Gorelik on June 18, 2018 at 6:20 PM

 

After more than four years with no weaponized exploits for Adobe Acrobat Reader, researchers at ESET identified a weaponized PDF that allows attackers to execute arbitrary code on the targeted machine and eventually assume full system control. The PDF exploits two previously unknown vulnerabilities, Acrobat Reader vulnerability CVE-2018-4990 and a privilege escalation vulnerability in Microsoft Windows, CVE-2018-8120.

Adobe Reader has a built-in sandbox feature that usually makes exploitation difficult. By combining vulnerabilities, this attack achieves code execution and then bypasses the sandbox protection to fully compromise the targeted system.

Read More

Topics: Zero-day, Research, Endpoint Security, Attack Analysis, Threat Alerts

AI Security – Who is it Really Outsmarting?

Posted by Tom Bain on June 14, 2018 at 1:18 PM

We all wish we were smarter. And I believe that the vast majority of people, in some way, strive to GET smarter.

As someone who has been involved in the cybersecurity industry for years, and watched it evolve, I see countless companies in this market using the aspect of intelligence to position themselves as being smarter than others. But if you have to proclaim your intelligence, are you actually smart? Or even smarter than me? Or than the next company?

Read More

Topics: Moving Target Defense, Endpoint Security, CISO, Cyber Security

Morphisec Hits One Million Endpoint Milestone

Posted by Tom Bain on June 11, 2018 at 9:50 AM

After less than two years in the market, Morphisec has deployed its Endpoint Threat Prevention platform to over one million endpoints worldwide, making it the fastest subscription-based B2B cybersecurity company to reach this milestone.

Read More

Topics: Company News, Moving Target Defense, Endpoint Security

CVE-2018-8174 Blows the VBScript Attack Door Wide Open

Posted by Michael Gorelik on May 25, 2018 at 5:42 PM

 

In April, researchers at Qihoo 360 Core Security Division discovered a VBScript vulnerability actively exploited in targeted attacks. Since then, it has appeared in additional attack campaigns. The vulnerability, CVE-2018-8174, dubbed "Double Kill",  is significant on several counts.

Read More

Topics: Exploits, Cyber Security, Threat Profile, Threat Alerts

Case Study: Dan Hotel Group Stays Off the Breach List

Posted by Shelley Leveson on May 17, 2018 at 11:50 PM

 

If you’ve stayed at any large hotel chain in the past year, there’s a good chance your personal details have been compromised. According to Verizon’s 2018 Data Breach Investigations Report, the accommodation industry had one of the highest number of breaches, second only to healthcare. 

Read More

Topics: Endpoint Security, CISO, Cyber Security, Case Study

New Info-Stealing Trojan Spotted in HSBC Malspam Campaign

Posted by Roy Moshailov on May 9, 2018 at 10:38 AM

On the 12th of April, Morphisec, identified and prevented a major wave of malspam purporting to be from HSBC Bank. The phishing campaign targeted several industrial manufacturing and service enterprises in Asia, using standard but still often effective social engineering tactics. The malicious email delivered a sophisticated info-stealing trojan via a weaponized ISO attachment. ISO files are a type of image archive format used for optical disk images, which can be opened using WinRAR and other programs.

Read More

Topics: Research, Attack Analysis, Threat Profile, Malspam

Morphisec Honored at MMCIO Spring Forum

Posted by Shelley Leveson on May 3, 2018 at 1:02 PM

Morphisec is honored to have received awards in three out of six categories at this year's Midmarket CIO Spring Forum. The annual Vendor Excellence and Midmarket CIO Awards recognize leaders in technology collaboration. 

Over 77% of all cyber crimes target small and midsize enterprises. According to the 2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) report by the Ponemon Institute, cyberattacks cost small and medium-sized businesses an average of $2,235,000.

Read More

Topics: Company News, CISO, Cyber Security

GDPR and Your Cybersecurity Strategy

Posted by Netta Schmeidler on April 26, 2018 at 9:28 PM

One of the hottest topics at last week’s RSA Conference was GDPR. Over twenty sessions covered GDPR from various angles and many more touched upon the subject in some way. This was hardly surprising – with the May 25th compliance deadline looming, companies are frantically trying to understand the implications, their responsibilities and actions they need to take.

Read More

Topics: GDPR

Women Underrepresented at RSAC - Let's Do Something About It

Posted by Netta Schmeidler on April 19, 2018 at 5:27 PM

 

Although I’m excited to be at the RSA Conference with my Morphisec colleagues, it reminds me of the impetus for starting our Women in Cybersecurity Scholarship. Of 28 keynote speakers at RSAC, only seven are women, and six of these were added at the last minute following a string of scathing tweets and articles. This 25% figure seems to be the average percentage in the general sessions as well. I attended several that were one woman in a panel of four, a few that had only male speakers and a single session that had a majority female panel. If I had to guess the overall attendee and exhibitor gender split I’d say it fell along the same lines, but that percent is skewed by the number of women simply scanning badges.

Read More

Topics: Company News, Events, Cyber Security

Morphisec Joins Citrix Ready Partner Program

Posted by Shelley Leveson on April 17, 2018 at 9:42 AM

Morphisec Moving Target Defense verified as Citrix Ready to enhance protection with Citrix XenApp and XenDesktop

Read More

Topics: Company News, Moving Target Defense, Industry News, Endpoint Security, Cyber Security

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....

 

Recent Posts

Most Popular Posts