Cybersecurity Blog

Last week’s Gartner Security & Risk Management Summit crammed several months’ worth of information, analyses, workshops and networking into 3 ½ short days. Though many messages were familiar, a shift could be detected, a recognition that the...

Imagine a conversation like this.

ASPIRING VIOLINIST:  Maestro, what should I do to be a violin virtuoso?

MAESTRO: You must practice 48 hours every day on the tuba. I will sell you a tuba.

ASPIRING VIOLINIST: But there are only 24 hours in a day....

With fileless malware popping up more and more frequently, particularly sophisticated PowerShell attacks, we thought it useful to examine these threats by reverse engineering those in-memory samples from Virus Total that have the lowest detection...

Here is a treat for our Polish speaking readers!

In yesterday’s interview with Poranek WTK, Dawid Nogaj, CEO of PC Service and authorized Morphisec distributor in Poland, explains why signature-based endpoint security solutions are on their way out....

The recent FireEye discovery of an Angler Exploit Kit variant that bypasses Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) has taken the cyber security world by surprise – but it shouldn’t have. New variants of the Angler EK crop up...

How do you outsmart malware? In an article published by Tech Crunch last week, tech reporter Ben Dickson investigates the new generation of smart malware. He manages to sum up the crux of the problem in two sentences: “Virus definition databases...

CVE-2015-2545 is the vulnerability that just keeps on giving. First spotted in August 2015, in a targeted attack by the Platinum Group, it allows attackers to bypass system memory protections via a malicious EPS image file embedded in a Microsoft...

Join Morphisec at Infosecurity Europe 2016 at Olypmia in London June 7-9. Marking our recently established partnership, we are thrilled to exhibit together with XML International, a leading global provider of consulting and authorized Morphisec...

The ancients’ experience of modern computing was limited to say the least, but they gave us a nice framework, The Socratic Method for cyber security, that moderns can use for dealing with the problem of cyber security. The Socratic Method is a...

Recently, software engineer and noted tech journalist Ben Dickson explored the growing threat of ransomware in an article in The Daily Dot. He gives a thorough yet remarkably non-techie overview before tackling the difficult part – what can...

Excerpted from the ebook “Deception and Counter Deception: Moving Target Attacks vs. Moving Target Defense” by Mordechai Guri, Chief Science Officer at Morphisec. Download the full eBook here.

In the arms race between cyber attackers and cyber...

Yet another critical Flash vulnerability was uncovered this month, thanks to researchers at FireEye. The vulnerability, CVE-2016-4117, exists in Flash 21.0.0.226 and earlier versions for Windows, Mac, Linux, and Chrome OS. It received a CVSS v3...

Of course we know that Morphisec is a cool company, with a terrific team of people, working on the coolest security product. Well now our coolness is official: Gartner, the leading tech analyst group, selected Morphisec as a Cool Vendor for 2016.

Join Morphisec at DCOI 2016 – the Defensive Cyberspace Operations and Intelligence conference – to be held in Washington D.C. May 18-19. This annual high-level US-Israel cyber security summit aims to enhance international cooperation and promote...

Excerpted from the ebook “Deception and Counter Deception: Moving Target Attacks vs. Moving Target Defense” by Mordechai Guri, Chief Science Officer at Morphisec. Download the full eBook here.

Cyber attackers constantly develop new methods to...

The technology research group TechTarget recently published their findings from a survey on endpoint security at medium to large enterprises. The results corroborate trends all too evident in the news:   Despite the features and functionality added to

After the burst of the bug bubble, I’m left wondering who at SerNet decided the Badlock marketing campaign was a good idea and why.  It certainly was not, as claimed, to raise awareness for a critical bug that needed immediate patching.

Your Vote Counts!

Amidst the pageantry and spectacle of the US primaries, there’s a quieter vote going on, one that takes only a few seconds from you. We’re talking about Startup50 2016. Finalists make it into Jeff Vance’s Big50 Startup Report,...

The Carbanak APT group, aka “Anunak,” (dubbed Carbanak by Kaspersky Labs to reflect its Carberp origins) is one of the most notorious cybercriminal groups to target the Financial sector. Since Carbanak was first released in December 2014, around 100...