Cybersecurity Blog

Gartner has released new research about moving target defense (MTD) that we want to bring to your attention. Their findings demonstrate why MTD is a vital component of a prevention-first cybersecurity strategy. [2023 UPDATE: New Gartner report...

On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. [see “Protecting Against the Log4J Vulnerability”] Countless millions of devices instantly became at risk of attack,...

With a year-on-year increase of over 161%, malicious usage of cracked versions of Cobalt Strike (a legitimate penetration test tool) is skyrocketing. For organizations that still rely on signature-based next generation antivirus (NGAV) solutions to...

On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. Now, almost one week later, it is clear that countless millions of devices are at risk, and Log4j may rank among the...

Ransomware attacks are soaring. By the end of this year, the global costs incurred by ransomware will be more than $20 billion annually – 57 times what they were in 2015 . For individual organizations feeling the sharp end of this exponential rise,...

The cryptocurrency market is now worth more than $2.5 trillion. Unfortunately, this fact is not lost on threat actors. As well as using cryptocurrency themselves to extract ransoms, cybercriminals are now also tailoring malware to exploit the...

Almost a year after an international law enforcement effort supposedly defeated it, Emotet, aka "the world's most dangerous botnet," has returned. Earlier this week, German security researcher Luca Ebach reported seeing malware with Emotet-like...

Microsoft Defender Antivirus (MDAV), known as Windows Defender Antivirus before the Windows 10 May 2020 update, is an anti-malware component of Microsoft Windows. MDAV continually scans for malware, viruses, and advanced security threats. 

• The Go language is becoming increasingly popular among threat actors, with attacks starting to appear in 2019
• Morphisec Labs has tracked a new Golang-based (1.17) ransomware variant that appeared starting in late September and continued...

Microsoft Defender Antivirus suffers from a perception problem. For the first decade of its existence, starting with its 2006 release, Defender was a much-maligned piece of software that no business would use to protect its endpoints. That’s no...

• Morphisec Labs tracked a new MirrorBlast campaign targeting financial services organizations 
• MirrorBlast is delivered via a phishing email that contains malicious links which download a weaponized Excel document
• MirrorBlast has low detections on...

A successful security breach brings with it a host of legal and financial ramifications, including cleanup costs paid to remediation vendors and possible penalties from the exfiltration of sensitive data. The rise of data protection regulations...

Now more than ever, supply chains are attracting threat actor attention. As evidenced by attacks like the one which recently targeted the IT services provider Kaseya and over 1,500 of their clients, trusted relationships between service providers...

In 2020, Morphisec introduced the Jupyter infostealer, a .NET attack that primarily targets Chromium, Firefox, and Chrome browser data while also maintaining the additional capabilities of a backdoor. 

Ransomware developers have powerful financial incentives to continue adding new features to their code. From developers to affiliates, these malicious pieces of software enrich countless cyber criminals at great expense to victims, and will likely...

Ever since the "Vienna Virus" prompted the development of the first antivirus solution in 1987, cybersecurity has come to resemble a high-stakes game of catch up: new threats appear, defenses are re-designed to defeat these threats, adversaries...

On approximately August 21, 2021, security researchers, cybersecurity leaders, and eventually the CISA began voicing concerns about the inevitable threat of LockFile ransomware attacks on a wide variety of ill-informed and unprepared victims. Threat...

Editor's Note: This blog post is courtesy of IT Central Station.

Security Operations (SecOps), never a stress-free area of business, is now struggling with additional pressures. While the threat environment has grown more serious than ever, people...

Is that a rat or a phoenix? Usually, the answer to such a question would be simple. However, when it comes to threat actors, nothing is ever as easy as it appears. For this reason we’ve compiled the latest news on cyber threats, new(ish) ransomware...

Credential theft is one of the most common ways for adversaries to gain access to critical systems. Multi-factor authentication (MFA) or its cousin two-factor authentication (2FA) are two of the technologies designed to limit this particular type of...