Recent Webinar: Building an Adaptive Cyber Resilient Cloud
arrow-white arrow-white Watch now
close
Posted by Arnold Osipov on May 14, 2021

The Morphisec Labs team has been tracking an ongoing RAT delivery campaign that started in February this year. This campaign is unique in its heavy use of the AutoHotKey scripting language—a fork of the AutoIt language frequently used for testing...

Read More
Posted by Matthew Delman on May 13, 2021

Has there ever been a threat to your business risk quite like a ransomware attack? One that strikes without warning to cripple a company almost instantly; one that afflicts organizations regardless of their size, industry, or importance; or one that...

Read More
Posted by Nuni Snowden on May 8, 2021

This week, cloud security gets an upgrade, large companies take responsibility for past mistakes, and threat actors come up with admittedly innovative ways to steal your data. Keep reading to learn more about this week’s top cybersecurity news. 

Read More
Posted by Nadav Lorber on May 7, 2021

Morphisec has recently monitored a highly sophisticated Crypter-as-a-Service that delivers numerous RAT families onto target machines.

The Crypter is most commonly delivered through phishing emails, which lead to the download of a visual basic file....

Read More
Posted by Matthew Delman on May 1, 2021

In this week’s edition of Security News in Review, we have stories about the U.S. Department of Homeland Security calling for mandatory disclosure of ransom payments, reports about the Babuk ransomware shutting down, and the revelation that a German...

Read More
Posted by Matthew Delman on April 29, 2021

Cybersecurity is generally not the first thing on anyone’s mind when she or he is contemplating a major operation or a prolonged hospital stay. However, with the healthcare sector experiencing a constant rise in cyber attacks, the potential health...

Read More
Posted by Nuni Snowden on April 24, 2021

In this week’s roundup, we discover new tactics of threat actors, ongoing cyberattacks, and (surprisingly) the new depths ransomware operators will travel in order to make their victims pay. Keep reading to learn about the latest developments in...

Read More
Posted by Ron Bower on April 22, 2021

For healthcare end-users, the impact of a cyberattack does not quickly fade. That's according to Morphisec's 2021 Consumer Healthcare Cybersecurity Threat Index. Our survey of over 1,000 US consumers found that within the past year, 20 percent of...

Read More
Posted by Matthew Delman on April 15, 2021

Cybercrime is rising across all levels of industry and government. Nowhere is this more apparent than in financial services. Firms like banks and credit unions experience attacks nearly 300 times more often than other industries. This is even...

Read More
Posted by Nuni Snowden on April 10, 2021

This week on Security News in Review, we have coverage on the Facebook data leak, some movement from the federal government on closing a weak spot, and theories on whether IcedID could take on the role Emotet used to have. 

Read More
Posted by Daniel Petrillo on April 8, 2021

With attacks increasing by 140 percent between 2018 and 2019, the threat from ransomware was growing long before the COVID-19 pandemic began. Last year, however, thanks to a perfect storm of unfortunate circumstances, the trend line for ransomware...

Read More
Posted by Nuni Snowden on April 3, 2021

This weekend on security news in review, we have some new data on firmware attacks against global enterprises, insights into how much damage ransomware has caused the healthcare industry, and the Department of Homeland Security laying out a new...

Read More
Posted by Michael Gorelik on April 2, 2021

The developers of the Phobos ransomware have added new fileless and evasive techniques to their arsenal. Constantly keeping their attack up to date helps them bypass detection technologies through several distinct approaches, the latest of which we...

Read More
Posted by Matthew Delman on April 1, 2021

Cybersecurity spending is something of a corporate paradox. Ultimately, the discipline of cybersecurity is about risk reduction. You purchase an endpoint protection platform and other security tools--network firewalls, data loss prevention, etc.--to

Read More
Posted by Matthew Delman on March 27, 2021

In this week’s edition of Security News in Review, there’s new stories about the ransomware attack that locked up Acer’s computer systems, insight into how many Microsoft Exchange servers remain unpatched, and some theorizing on whether takedowns of...

Read More
Posted by Daniel Petrillo on March 24, 2021

Over 30 years ago, a disgruntled researcher unleashed the first noted ransomware virus, the “Aids Trojan.” Distributed on 20,000 floppy disks marked “AIDS Information — Introductory Diskettes'' using hijacked mail subscriber lists to the World...

Read More
Posted by Daniel Petrillo on March 18, 2021

Ever since the Morris Worm infected 10 percent of internet-connected computers in 1988, endpoint security has become a critical asset for organizations and endpoints themselves a top target for threat actors. However, in recent years, the arms race...

Read More
Posted by Nadav Lorber on March 16, 2021

In 2021 Morphisec identified increased usage of the “HCrypt” crypter. In this post, we lockpick “HCrypt”—a crypter as a service marketed as a FUD (fully undetectable) loader for the client's RAT of choice. We chose to dissect the crypter’s...

Read More
Posted by Matthew Delman on March 13, 2021

In this week’s edition of our roundup of the cybersecurity news, you’ll find information on Microsoft’s Patch Tuesday in case you missed it, new insights into the Server hack, and information on the rise in K-12 cyberattacks among other important...

Read More
Posted by Michael Gorelik on March 10, 2021

Microsoft recently published details of an attack showing how a threat actor used zero-day exploits to access Microsoft Exchange Servers. The new exploit enabled access to email accounts and allowed the installation of additional malware to...

Read More