Mandiant cybersecurity researchers recently released a blog on a memory-only dropper which uses a complex multi-stage infection process. This PowerShell-based downloader is being tracked as PEAKLIGHT. Mandiant researcher findings note that this...
Read MoreRecently, Morphisec researchers discovered a vulnerability in Microsoft Outlook that can lead to remote code execution (RCE). This vulnerability, identified as CVE-2024-38021, highlights a significant security flaw within the Microsoft Outlook...
Read MoreAs part of our ongoing efforts to identify newer vulnerabilities in Microsoft Office applications, Morphisec researchers have discovered two additional critical vulnerabilities in the Microsoft Outlook application which were reported to Microsoft...
Read MoreRecently, Morphisec researchers discovered a vulnerability in Microsoft Outlook, which highlights the potential for remote code execution within the context of the Outlook application. This newly identified vulnerability, CVE-2024-30103, allows...
Read MoreA recent faulty configuration file in CrowdStrike's Falcon platform caused a significant IT disruption, rendering millions of Windows machines inoperable. The result was a multi-day outage event, which affected critical sectors such as airlines,...
Read MoreYou’ve Got Mail: Critical Microsoft Outlook Vulnerability CVE-2024-30103 Executes as Email is Opened
In the ever-evolving landscape of cybersecurity, staying ahead of threats is paramount. At Morphisec, our team of dedicated researchers continuously strives to identify and mitigate emerging vulnerabilities to protect organizations worldwide.
...
Read MoreCVE-2024-2883 is a critical vulnerability found in ANGLE, a component of Google Chrome and Microsoft Edge. The vulnerability is exploitable via crafted HTML pages, allowing remote attackers to exploit heap corruption. The potential impact is high,...
Read MoreIf you have anything to do with cyber security, you know it employs its own unique and ever-evolving language. Jargon and acronyms are the enemies of clear writing—and are beloved by cyber security experts. So Morphisec has created a comprehensive...
Read MoreIn ongoing efforts to monitor and analyze emerging cyber threats, Morphisec Threat Labs has recently turned its focus to Chae$ 4.1, an update to the Chaes malware Infostealer series. This version introduces key updates, including an improved Chronod...
Read MoreThe Cybersecurity and Infrastructure Security Agency (CISA) recently sounded the alarm on the widespread exploitation of the Citrix Bleed vulnerability. This critical security flaw has had a significant impact across various industries in the United...
Read MoreApple Security Engineering and Architecture (SEAR) and the Citizen Lab opened a pair of critical vulnerabilities relating to the abuse of WebP images which could lead to exploitation of Google Chrome and Chromium-based browsers, as well as the...
Read MoreSecurity success doesn't happen in a vacuum. Security conferences give practitioners, decision-makers, and vendors a chance to get outside the bubble of day-to-day life. So, what are the top in-person and virtual cybersecurity conferences in 2023?
Read MoreMorphisec has recently identified a highly evasive malware campaign delivering ProxyShellMiner to Windows endpoints.
Read MoreDuring November, Morphisec identified a brand-new variant of Babuk ransomware while investigating a customer's prevention event. Babuk was first discovered at the beginning of 2021, when it began targeting businesses to steal and encrypt data in...
Read MoreA successful security breach brings with it a host of legal and financial ramifications, including cleanup costs paid to remediation vendors and possible penalties from the exfiltration of sensitive data. The rise of data protection regulations...
Read MoreIs that a rat or a phoenix? Usually, the answer to such a question would be simple. However, when it comes to threat actors, nothing is ever as easy as it appears. For this reason we’ve compiled the latest news on cyber threats, new(ish) ransomware...
Read MoreCredential theft is one of the most common ways for adversaries to gain access to critical systems. Multi-factor authentication (MFA) or its cousin two-factor authentication (2FA) are two of the technologies designed to limit this particular type of...
Read MoreSearch Our Site
Recent Posts
Posts by Tag
- Automated Moving Target Defense (151)
- Cyber Security News (131)
- Threat Research (131)
- Morphisec Labs (120)
- Morphisec News (55)
- Defense-in-Depth (12)
- Gartner (9)
- Ransomware (9)
- Adaptive Exposure Management (8)
- Continuous Threat Exposure Management (CTEM) (8)
- In-Memory Attacks (7)
- Threat and Vulnerability Management (5)
- Advanced Threat Defense (4)
- Microsoft (4)
- Runtime Attacks (4)
- ChatGPT (3)
- Evasive Loader (3)
- Fileless Malware (3)
- Financial Cybersecurity (3)
- Legacy Security (3)
- Linux Cybersecurity (3)
- Product Blogs (3)
- Healthcare Cybersecurity (2)
- Patch Management (2)
- Anti-tampering (1)
- Artificial Intelligence (1)
- IoT Security (1)
- Managed Service Providers (1)
- Server Security (1)