<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">
Posted by Bill Reed on May 10, 2022

"Make do and mend." If you work in IT security, this slogan, from a pamphlet issued by the British government in 1943, probably resonates. In security, constant mending—i.e. patching, is a fact of life. So what is virtual patching and why would you...

Read More
Posted by Morphisec Team on May 4, 2022

Ransomware attacks have never been more dangerous, or prolific. 2020 was described by security experts and media outlets as the "worst year ever for ransomware." Then ransomware attacks grew by 105 percent between 2020 and 2021. This cyberwar has...

Read More
Posted by Brad LaPorte on May 2, 2022

MITRE is an unbiased and respected organization that performs a valuable service to the cybersecurity community. The MITRE ATT&CK evaluation is an industry standard, and the industry can use all the help it can get to identify the tactics and...

Read More
Posted by Bill Reed on April 27, 2022

For small and medium businesses (SMBs), digital transformation has been a double edged sword. Cloud technologies and IoT devices have boosted productivity during a punishing pandemic where every dollar counts. But these advances have come at a cost....

Read More
Posted by Morphisec Labs on April 25, 2022

Morphisec is a world leader in preventing evasive polymorphic threats launched from zero-day exploits. On April 14 and 15, Morphisec identified exploitation attempts for a week-old VMware Workspace ONE Access (formerly VMware Identity Manager)...

Read More
Posted by Bill Reed on April 20, 2022

In modern cybersecurity, standards and acronyms are abundant: ISO 27001, CIST, COBIT, GDPR... In the US, National Institute of Standards and Technology (NIST) standards are the go-to for organizations wanting to protect against phishing, ransomware,...

Read More
Posted by Michael Gerard on April 12, 2022

Although almost nothing seems to get bipartisan support anymore, cybersecurity may be an exception to the rule. On March 1 2022, the Senate unanimously approved the Strengthening American Cybersecurity Act. This bill follows President Biden's ...

Read More
Posted by Michael Gerard on April 7, 2022

Cybersecurity professionals be warned: 2022 offers no respite from the wave of cybercrime that’s tormented enterprises these past couple of years. Cybersecurity was already a fast-moving sector prior to Covid-19. But the emergence of remote work,...

Read More
Posted by Michael Dereviashkin on April 5, 2022

As Russia’s invasion of Ukraine continues, new wiper malware has surfaced attacking Ukrainian infrastructure. Caddywiper was first detected on March 14, 2022. It destroys user data, partitions information from attached drives, and has been spotted...

Read More
Posted by Hido Cohen on March 30, 2022

Morphisec Labs has detected a new wave of Remcos trojan infection. The theme of the phishing emails is again financial, this time as payment remittances sent from financial institutions. The attacker lures a user to open a malicious Excel file that...

Read More
Posted by Arnold Osipov on March 29, 2022

The Morphisec Labs team has conducted research on the new Mars infostealer. Mars is based on the older Oski Stealer and was first discovered in June 2021. The new Mars is available for sale on several underground forums and is reported to be under...

Read More
Posted by Hido Cohen on March 23, 2022

Morphisec Labs has observed a new wave of JSSLoader infections this year. We’ve tracked JSSLoader activity since December 2020 and published a thorough report on the Russian criminal hacking group FIN7’s JSSLoader: The Evolution of the FIN7...

Read More
Posted by Michael Gorelik on March 9, 2022

Today’s cyber security solutions aren’t countering threat actors’ advanced attacks. In the wake of the SolarWinds breach, even the largest companies and most-secure public agencies have had serious vulnerabilities exposed. If existing solutions...

Read More
Posted by Bill Reed on February 23, 2022

Few executives doubt their organizations must pay more attention to cybersecurity. Cybercrime costs were estimated at $6 trillion globally in the last year alone, a figure that is forecast to double by 2025. Assessed annually, this equates to...

Read More
Posted by Hido Cohen & Arnold Osipov on February 14, 2022

With examples changing hands for up to $69 million, hosting digital content on blockchain and selling it to investors has become one of the most lucrative things creators can do. And as rock stars, international artists, and even politicians keep...

Read More
Posted by Morphisec Labs on January 28, 2022

As a continuation to our previously published blog post on VMWare Horizon being targeted through the Log4j vulnerability, we have now identified Unifi Network applications being targeted in a similar way on a number of occasions. Based on...

Read More
Posted by Michael Dereviashkin on January 25, 2022

Morphisec, through its breach prevention with Moving Target Defense technology, has identified a new, sophisticated campaign delivery which has been successfully evading the radar of many security vendors. Through a simple email phishing tactic...

Read More
Posted by Michael Gerard on January 20, 2022

Gartner has released new research about moving target defense (MTD) that we want to bring to your attention. Their findings demonstrate why MTD is a vital component of a prevention-first cybersecurity strategy. Likewise, their forecasts predict...

Read More
Posted by Michael Gorelik on January 20, 2022

On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. [see “Protecting Against the Log4J Vulnerability”] Countless millions of devices instantly became at risk of attack,...

Read More
Posted by Michael Gorelik on January 12, 2022

With a year-on-year increase of over 161%, malicious usage of cracked versions of Cobalt Strike (a legitimate penetration test tool) is skyrocketing. For organizations that still rely on signature-based next generation antivirus (NGAV) solutions to...

Read More

Subscribe to our blog

Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.

New call-to-action

Search Our Site

    Recent Posts