Recent Webinar: Building an Adaptive Cyber Resilient Cloud
arrow-white arrow-white Watch now
close
Posted by Michael Gerard on January 20, 2022

Gartner has released new research about moving target defense (MTD) that we want to bring to your attention. Their findings demonstrate why MTD is a vital component of a prevention-first cybersecurity strategy. [2023 UPDATE: New Gartner report...

Read More
Posted by Michael Gorelik on January 20, 2022

On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. Countless millions of devices instantly became at risk of attack, and Log4j ranked among the worst vulnerabilities yet...

Read More
Posted by Michael Gorelik on January 12, 2022

With a year-on-year increase of over 161%, malicious usage of cracked versions of Cobalt Strike (a legitimate penetration test tool) is skyrocketing. For organizations that still rely on signature-based next generation antivirus (NGAV) solutions to...

Read More
Posted by Michael Gorelik on December 17, 2021

On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. Now, almost one week later, it is clear that countless millions of devices are at risk, and Log4j may rank among the...

Read More
Posted by Michael Gorelik on December 9, 2021

Ransomware attacks are soaring. By the end of this year, the global costs incurred by ransomware will be more than $20 billion annually – 57 times what they were in 2015 . For individual organizations feeling the sharp end of this exponential rise,...

Read More
Posted by Hido Cohen & Arnold Osipov on November 23, 2021

The cryptocurrency market is now worth more than $2.5 trillion. Unfortunately, this fact is not lost on threat actors. As well as using cryptocurrency themselves to extract ransoms, cybercriminals are now also tailoring malware to exploit the...

Read More
Posted by Michael Gorelik on November 18, 2021

Almost a year after an international law enforcement effort supposedly defeated it, Emotet, aka "the world's most dangerous botnet," has returned. Earlier this week, German security researcher Luca Ebach reported seeing malware with Emotet-like...

Read More
Posted by Michael Gerard on November 4, 2021

Microsoft Defender Antivirus (MDAV), known as Windows Defender Antivirus before the Windows 10 May 2020 update, is an anti-malware component of Microsoft Windows. MDAV continually scans for malware, viruses, and advanced security threats. 

Read More
Posted by Hido Cohen & Michael Dereviashkin on October 28, 2021

Overview

  • The Go language is becoming increasingly popular among threat actors, with attacks starting to appear in 2019
  • Morphisec Labs has tracked a new Golang-based (1.17) ransomware variant that appeared starting in late September and continued...
Read More
Posted by Matthew Delman on October 21, 2021

Microsoft Defender Antivirus suffers from a perception problem. For the first decade of its existence, starting with its 2006 release, Defender was a much-maligned piece of software that no business would use to protect its endpoints. That’s no...

Read More
Posted by Arnold Osipov on October 14, 2021

Overview

  • Morphisec Labs tracked a new MirrorBlast campaign targeting financial services organizations 
  • MirrorBlast is delivered via a phishing email that contains malicious links which download a weaponized Excel document
  • MirrorBlast has low...
Read More
Posted by Morphisec Team on October 7, 2021

A successful security breach brings with it a host of legal and financial ramifications, including cleanup costs paid to remediation vendors and possible penalties from the exfiltration of sensitive data. The rise of data protection regulations...

Read More
Posted by Matthew Delman on October 1, 2021

Now more than ever, supply chains are attracting threat actor attention. As evidenced by attacks like the one which recently targeted the IT services provider Kaseya and over 1,500 of their clients, trusted relationships between service providers...

Read More
Posted by Nadav Lorber on September 21, 2021

In 2020, Morphisec introduced the Jupyter infostealer, a .NET attack that primarily targets Chromium, Firefox, and Chrome browser data while also maintaining the additional capabilities of a backdoor. 

Read More
Posted by Nuni Snowden on September 16, 2021

Ransomware developers have powerful financial incentives to continue adding new features to their code. From developers to affiliates, these malicious pieces of software enrich countless cyber criminals at great expense to victims, and will likely...

Read More
Posted by Matthew Delman on September 9, 2021

Ever since the "Vienna Virus" prompted the development of the first antivirus solution in 1987, cybersecurity has come to resemble a high-stakes game of catch up: new threats appear, defenses are re-designed to defeat these threats, adversaries...

Read More
Posted by Morphisec Labs on August 27, 2021

On approximately August 21, 2021, security researchers, cybersecurity leaders, and eventually the CISA began voicing concerns about the inevitable threat of LockFile ransomware attacks on a wide variety of ill-informed and unprepared victims. Threat...

Read More
Posted by Morphisec Team on August 25, 2021

Editor's Note: This blog post is courtesy of IT Central Station.

Security Operations (SecOps), never a stress-free area of business, is now struggling with additional pressures. While the threat environment has grown more serious than ever, people...

Read More
Posted by Nuni Snowden on August 21, 2021

Is that a rat or a phoenix? Usually, the answer to such a question would be simple. However, when it comes to threat actors, nothing is ever as easy as it appears. For this reason we’ve compiled the latest news on cyber threats, new(ish) ransomware...

Read More
Posted by Nuni Snowden on August 19, 2021

Credential theft is one of the most common ways for adversaries to gain access to critical systems. Multi-factor authentication (MFA) or its cousin two-factor authentication (2FA) are two of the technologies designed to limit this particular type of...

Read More