Cybersecurity had a turbulent 2016, to say the least. We saw the rise of ransomware, the emergence of IoT botnets, landmark security legislation and Yahoo’s disclosure about its 1-billion-record-hack, the largest in history.
Read More
Posted by
Morphisec Team on January 20, 2017
Posted by
Shelley Leveson on June 8, 2016
The recent FireEye discovery of an Angler Exploit Kit variant that bypasses Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) has taken the cyber security world by surprise – but it shouldn’t have. New variants of the Angler EK crop up constantly (see Javascript in IE Overtakes Flash as Number One Target for Angler Exploit Kit) and EMET was never meant to be infallible, just make it more difficult for hackers. EMET, which uses a set of predefined rules to prevent specific malware, is often relied upon to stop zero-day attacks on Windows systems until a patch is developed for the vulnerability. Although researchers have previously discovered vulnerabilities that allowed them to bypass EMET defenses, this is the first time an exploit in the wild has been successful.
Read More
Posted by
Michael Gorelik on March 2, 2016
In Morphisec labs, we are constantly tracking the behavior of the exploit kits that are making life easy for hackers and complicated for security managers. Since the EKs need to take advantage of whatever vulnerability they can find on an end user’s device, they typically have a roster of vulnerabilities to try, and if the first one does not work, they go on to the next one.
Read MoreSubscribe to our blog
Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.
Search Our Site
Recent Posts
Posts by Tag
- Cyber Security (98)
- Endpoint Security (84)
- Cyber Attacks (48)
- Attack Analysis (46)
- Company News (39)
- Morphisec Labs (39)
- Ransomware (38)
- Moving Target Defense (37)
- Exploits (30)
- Security News (20)
- Industry News (19)
- Threat Alerts (19)
- Threat Profile (19)
- Fileless Attacks (18)
- Zero-day (17)
- APT (16)
- Research (15)
- CISO (14)
- Events (14)
- Product (12)
- Malware (11)
- 0-day exploits (10)
- Patching (9)
- Threat Research (8)
- Ransomware Prevention (6)
- Sandbox evasion (6)
- VDI (6)
- advanced endpoint protection (6)
- virtual desktop security (6)
- Exploit Kit (5)
- Microsoft (5)
- Mordechai Guri (5)
- Remote Access Trojan (5)
- Remote Employees (5)
- Threat Report (5)
- Work from Home Security (5)
- virtual desktop infrastructure (5)
- ASLR (4)
- Custom Packer (4)
- Cyber Security Predictions 2017 (4)
- Cyber Security Stack (4)
- HEALTHCARE CYBERSECURITY (4)
- Proactive Cyber Defense (4)
- cloud workload security (4)
- Angler Kit (3)
- Cyber threat landscape (3)
- Cybersecurity Measures (3)
- Evasive Malware (3)
- FIN7 (3)
- HEALTHCARE'S CYBERSECURITY WEAK SPOTS (3)
- Holidays (3)
- Malspam (3)
- Proactive Endpoint Protection (3)
- cloud workload protection (3)
- remote workforce (3)
- vdi security (3)
- COST OF RANSOMWARE IN HEALTHCARE (2)
- Case Study (2)
- Crypters (2)
- Cybersecurity Spending (2)
- Healthcare Threat Index (2)
- Hospital Cybersecurity (2)
- Linux Security (2)
- MLTR (2)
- MS Office Exploits (2)
- POS (2)
- Proactive Prevention (2)
- RYUK RANSOMWARE (2)
- Security Stack (2)
- State and Local Government Cybersecurity (2)
- Supply Chain attack (2)
- Webinars (2)
- Zero Trust Security (2)
- cloud security (2)
- non-persistent VDI (2)
- proactive cloud workload security (2)
- protect cloud workloads (2)
- ransomware risk in healthcare (2)
- Banking Trojans (1)
- Breach Prevention (1)
- COVID-19 ransomware prevention (1)
- Cerber (1)
- Cobalt Group (1)
- Collaboration Applications (1)
- Cuba ransomware gang (1)
- Customer Stories (1)
- Cyber Hygiene (1)
- Defender for Endpoint (1)
- Defending infrastructure against cyber threats (1)
- EDR (1)
- Egregor (1)
- Egregor ransomware (1)
- Emerging cyber threats (1)
- Emerging threats (1)
- Endpoint Detection and Response (1)
- European Union (1)
- Exchange Server (1)
- FALLOUT EXPLOIT KIT (1)
- Fallout activity (1)
- Flash wrapper (1)
- FlawedAmmyy (1)
- GDPR (1)
- GOOGLE FUNDING SECURITY DEVELOPMENT (1)
- GRANDCRAB RANSOMWARE (1)
- Gozi (1)
- Hancitor (1)
- Healthcare (1)
- Higher Education Cybersecurity (1)
- Hospitality Threat Index (1)
- Hotel Cybersecurity (1)
- IT security budget (1)
- Kovter (1)
- Lean Security Team (1)
- MODERN CYBERSECURITY (1)
- Malvertising (1)
- Microsoft Defender (1)
- Morphisec Guard (1)
- Morphisec News (1)
- NGAV (1)
- OCR Bypass (1)
- OS-Native Security (1)
- Osiris (1)
- POS intrusions (1)
- PROTECT YOURSELF FROM GRANDCRAB (1)
- Phobos ransomware (1)
- Pied Piper Campaign (1)
- Product News (1)
- REMOTE COLLABORATION APPLICATIONS (1)
- Retail Cybersecurity (1)
- Risk Reduction (1)
- RotaJakiro malware (1)
- SECURITY RESILIENCY (1)
- SecOps (1)
- Server Security (1)
- ThreadKit (1)
- Ursnif (1)
- Windows Print Spooler (1)
- Zoom Security (1)
- advanced cyberthreat tactics (1)
- advanced threat prevention (1)
- advanced threat tactics (1)
- antivirus scanning processes (1)
- aslr meaning (1)
- browser attacks (1)
- calculate cybersecurity ROI (1)
- cloud misconfigurations (1)
- code injection (1)
- cyber defense technology (1)
- cyber prevention mechanisms (1)
- cyber strategies (1)
- cyberattack landscape (1)
- cybersecurity acronyms (1)
- cybersecurity resilience (1)
- data breach incident (1)
- end to end visibility (1)
- endpoint security breaches (1)
- ethical hacking tool (1)
- fallout protection (1)
- financial cyberattacks (1)
- financial cyberthreat (1)
- financial system threat (1)
- malware authors (1)
- patch management processes (1)
- persistent VDI (1)
- proactive threat prevention (1)
- remote collaboration app security loopholes (1)
- remote workforce hidden risks (1)
- retail cybersecurity risks (1)
- threat prevention (1)
- virtual endpoints (1)
