Morphisec Cyber Security Blog

The IT world is still shaking from the news that most modern processors have severe architecture flaws. This makes it possible for attackers to gain access to user mode and kernel memory data to leak crypto-keys, passwords, memory structures like loaded module addresses and other valuable information. The security flaws potentially affect all major CPUs, including chips manufactured by Intel, AMD and ARM.

--- 

Watch our security alert webinar on-demand in which Morphisec CTO Michael Gorelik, cuts through the noise surrounding the Meltdown and Spectre CPU vulnerabilities and answers live questions. 

WATCH IT NOW!

----

Cybersecurity had a turbulent 2016, to say the least. We saw the rise of ransomware, the emergence of IoT botnets, landmark security legislation and Yahoo’s disclosure about its 1-billion-record-hack, the largest in history.

Explosive news about vulnerabilities found in FireEye's security software are hitting the headlines. ZDNet, Ars Technica, PCworld and more reported about the findings by the Google Project Zero researchers. First, let’s give kudos to FireEye for acting quickly on the discovery and release a final patch in a matter of days, thus preventing a nightmare in which a remote code executing would lead to compromise the entire computer system and network of their customers.

We often get asked how our Moving Target Defense (MTD) approach differs from ASLR. While the concepts may sound similar, ASLR is missing several key elements to make it successful at countering 0-day and targeted attacks.