Cybersecurity had a turbulent 2016, to say the least. We saw the rise of ransomware, the emergence of IoT botnets, landmark security legislation and Yahoo’s disclosure about its 1-billion-record-hack, the largest in history.
Read More
Posted by
Morphisec Team on January 20, 2017
Posted by
Shelley Leveson on June 8, 2016
The recent FireEye discovery of an Angler Exploit Kit variant that bypasses Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) has taken the cyber security world by surprise – but it shouldn’t have. New variants of the Angler EK crop up constantly (see Javascript in IE Overtakes Flash as Number One Target for Angler Exploit Kit) and EMET was never meant to be infallible, just make it more difficult for hackers. EMET, which uses a set of predefined rules to prevent specific malware, is often relied upon to stop zero-day attacks on Windows systems until a patch is developed for the vulnerability. Although researchers have previously discovered vulnerabilities that allowed them to bypass EMET defenses, this is the first time an exploit in the wild has been successful.
Read More
Posted by
Michael Gorelik on March 2, 2016
In Morphisec labs, we are constantly tracking the behavior of the exploit kits that are making life easy for hackers and complicated for security managers. Since the EKs need to take advantage of whatever vulnerability they can find on an end user’s device, they typically have a roster of vulnerabilities to try, and if the first one does not work, they go on to the next one.
Read MoreSubscribe to our blog
Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.
Search Our Site
Recent Posts
Posts by Tag
- Cyber Security (98)
- Endpoint Security (83)
- Cyber Attacks (48)
- Attack Analysis (46)
- Company News (38)
- Moving Target Defense (37)
- Morphisec Labs (35)
- Ransomware (31)
- Exploits (30)
- Threat Alerts (19)
- Threat Profile (19)
- Fileless Attacks (18)
- Industry News (18)
- Zero-day (17)
- APT (16)
- Research (15)
- CISO (14)
- Events (14)
- Product (12)
- Malware (11)
- 0-day exploits (10)
- Security News (10)
- Patching (9)
- Sandbox evasion (6)
- VDI (6)
- advanced endpoint protection (6)
- virtual desktop security (6)
- Exploit Kit (5)
- Microsoft (5)
- Mordechai Guri (5)
- Remote Employees (5)
- Threat Report (5)
- Work from Home Security (5)
- virtual desktop infrastructure (5)
- ASLR (4)
- Custom Packer (4)
- Cyber Security Predictions 2017 (4)
- Cyber Security Stack (4)
- Proactive Cyber Defense (4)
- Ransomware Prevention (4)
- Remote Access Trojan (4)
- cloud workload security (4)
- Angler Kit (3)
- Cyber threat landscape (3)
- Cybersecurity Measures (3)
- FIN7 (3)
- Holidays (3)
- Malspam (3)
- Proactive Endpoint Protection (3)
- cloud workload protection (3)
- remote workforce (3)
- vdi security (3)
- Case Study (2)
- Collaboration Applications (2)
- Evasive Malware (2)
- Hospital Cybersecurity (2)
- Linux Security (2)
- MLTR (2)
- MS Office Exploits (2)
- POS (2)
- Proactive Prevention (2)
- Security Stack (2)
- State and Local Government Cybersecurity (2)
- Threat Research (2)
- Webinars (2)
- cloud security (2)
- non-persistent VDI (2)
- proactive cloud workload security (2)
- protect cloud workloads (2)
- Antivirus (1)
- Banking Trojans (1)
- COVID-19 ransomware prevention (1)
- Cerber (1)
- Citized Threat Index (1)
- Cobalt Group (1)
- Crypters (1)
- Cuba ransomware gang (1)
- Cyber Hygiene (1)
- Cyber hygiene practices (1)
- Cybersecurity Spending (1)
- Defender for Endpoint (1)
- Defending infrastructure against cyber threats (1)
- EDR (1)
- Egregor (1)
- Egregor ransomware (1)
- Emerging cyber threats (1)
- Emerging threats (1)
- Endpoint Detection and Response (1)
- Exchange Server (1)
- FALLOUT EXPLOIT KIT (1)
- Fallout activity (1)
- Flash wrapper (1)
- FlawedAmmyy (1)
- GDPR (1)
- GOOGLE FUNDING SECURITY DEVELOPMENT (1)
- GRANDCRAB RANSOMWARE (1)
- Gozi (1)
- HEALTHCARE CYBERSECURITY (1)
- HEALTHCARE'S CYBERSECURITY WEAK SPOTS (1)
- Hancitor (1)
- Healthcare (1)
- Higher Education Cybersecurity (1)
- Hospitality Threat Index (1)
- Hotel Cybersecurity (1)
- Kovter (1)
- MODERN CYBERSECURITY (1)
- Microsoft Defender (1)
- Morphisec Guard (1)
- NGAV (1)
- OCR Bypass (1)
- OS-Native Security (1)
- Osiris (1)
- POS intrusions (1)
- PROTECT YOURSELF FROM GRANDCRAB (1)
- Phobos ransomware (1)
- Pied Piper Campaign (1)
- Product News (1)
- REMOTE COLLABORATION APPLICATIONS (1)
- RYUK RANSOMWARE (1)
- Retail Cybersecurity (1)
- Risk Reduction (1)
- SECURITY RESILIENCY (1)
- SecOps (1)
- Server Security (1)
- Supply Chain attack (1)
- ThreadKit (1)
- Ursnif (1)
- Zoom Security (1)
- advanced cyberthreat tactics (1)
- advanced threat prevention (1)
- advanced threat tactics (1)
- antivirus scanning processes (1)
- aslr meaning (1)
- browser attacks (1)
- cloud misconfigurations (1)
- code injection (1)
- cyber defense technology (1)
- cyber prevention mechanisms (1)
- cyber strategies (1)
- cyberattack landscape (1)
- cybersecurity acronyms (1)
- cybersecurity resilience (1)
- end to end visibility (1)
- endpoint security breaches (1)
- fallout protection (1)
- financial cyberattacks (1)
- financial cyberthreat (1)
- financial system threat (1)
- healthcare phishing schemes (1)
- malware authors (1)
- patch management processes (1)
- persistent VDI (1)
- proactive threat prevention (1)
- remote collaboration app security loopholes (1)
- remote workforce hidden risks (1)
- retail cybersecurity risks (1)
- threat prevention (1)
- virtual endpoints (1)
- zoom malware (1)
- zoom weaknesses (1)