The Morphisec Labs team has been tracking an ongoing RAT delivery campaign that started in February this year. This campaign is unique in its heavy use of the AutoHotKey scripting language—a fork of the AutoIt language frequently used for testing...
Read MoreHas there ever been a threat to your business risk quite like a ransomware attack? One that strikes without warning to cripple a company almost instantly; one that afflicts organizations regardless of their size, industry, or importance; or one that...
Read MoreThis week, cloud security gets an upgrade, large companies take responsibility for past mistakes, and threat actors come up with admittedly innovative ways to steal your data. Keep reading to learn more about this week’s top cybersecurity news.
Read MoreMorphisec has recently monitored a highly sophisticated Crypter-as-a-Service that delivers numerous RAT families onto target machines.
The Crypter is most commonly delivered through phishing emails, which lead to the download of a visual basic file....
Read MoreIn this week’s edition of Security News in Review, we have stories about the U.S. Department of Homeland Security calling for mandatory disclosure of ransom payments, reports about the Babuk ransomware shutting down, and the revelation that a German...
Read MoreCybersecurity is generally not the first thing on anyone’s mind when she or he is contemplating a major operation or a prolonged hospital stay. However, with the healthcare sector experiencing a constant rise in cyber attacks, the potential health...
Read MoreIn this week’s roundup, we discover new tactics of threat actors, ongoing cyberattacks, and (surprisingly) the new depths ransomware operators will travel in order to make their victims pay. Keep reading to learn about the latest developments in...
Read MoreFor healthcare end-users, the impact of a cyberattack does not quickly fade. That's according to Morphisec's 2021 Consumer Healthcare Cybersecurity Threat Index. Our survey of over 1,000 US consumers found that within the past year, 20 percent of...
Read MoreCybercrime is rising across all levels of industry and government. Nowhere is this more apparent than in financial services. Firms like banks and credit unions experience attacks nearly 300 times more often than other industries. This is even...
Read MoreThis week on Security News in Review, we have coverage on the Facebook data leak, some movement from the federal government on closing a weak spot, and theories on whether IcedID could take on the role Emotet used to have.
Read MoreWith attacks increasing by 140 percent between 2018 and 2019, the threat from ransomware was growing long before the COVID-19 pandemic began. Last year, however, thanks to a perfect storm of unfortunate circumstances, the trend line for ransomware...
Read MoreThis weekend on security news in review, we have some new data on firmware attacks against global enterprises, insights into how much damage ransomware has caused the healthcare industry, and the Department of Homeland Security laying out a new...
Read MoreThe developers of the Phobos ransomware have added new fileless and evasive techniques to their arsenal. Constantly keeping their attack up to date helps them bypass detection technologies through several distinct approaches, the latest of which we...
Read MoreCybersecurity spending is something of a corporate paradox. Ultimately, the discipline of cybersecurity is about risk reduction. You purchase an endpoint protection platform and other security tools--network firewalls, data loss prevention, etc.--to
Read MoreIn this week’s edition of Security News in Review, there’s new stories about the ransomware attack that locked up Acer’s computer systems, insight into how many Microsoft Exchange servers remain unpatched, and some theorizing on whether takedowns of...
Read MoreOver 30 years ago, a disgruntled researcher unleashed the first noted ransomware virus, the “Aids Trojan.” Distributed on 20,000 floppy disks marked “AIDS Information — Introductory Diskettes'' using hijacked mail subscriber lists to the World...
Read MoreEver since the Morris Worm infected 10 percent of internet-connected computers in 1988, endpoint security has become a critical asset for organizations and endpoints themselves a top target for threat actors. However, in recent years, the arms race...
Read MoreIn 2021 Morphisec identified increased usage of the “HCrypt” crypter. In this post, we lockpick “HCrypt”—a crypter as a service marketed as a FUD (fully undetectable) loader for the client's RAT of choice. We chose to dissect the crypter’s...
Read MoreIn this week’s edition of our roundup of the cybersecurity news, you’ll find information on Microsoft’s Patch Tuesday in case you missed it, new insights into the Server hack, and information on the rise in K-12 cyberattacks among other important...
Read MoreMicrosoft recently published details of an attack showing how a threat actor used zero-day exploits to access Microsoft Exchange Servers. The new exploit enabled access to email accounts and allowed the installation of additional malware to...
Read MoreSearch Our Site
Recent Posts
Posts by Tag
- Automated Moving Target Defense (157)
- Threat Research (135)
- Cyber Security News (132)
- Morphisec Labs (126)
- Morphisec News (54)
- Adaptive Exposure Management (14)
- Defense-in-Depth (13)
- Ransomware (12)
- Preemptive Security (11)
- Gartner (10)
- Continuous Threat Exposure Management (CTEM) (9)
- Microsoft (8)
- In-Memory Attacks (7)
- Healthcare Cybersecurity (6)
- Advanced Threat Defense (5)
- Financial Cybersecurity (5)
- Legacy Security (5)
- Artificial Intelligence (4)
- Linux Cybersecurity (4)
- Fileless Malware (3)
- Threat and Vulnerability Management (2)
- Managed Service Providers (1)