ON-DEMAND WEBINAR: Morphisec's Top 10 Security Predictions - Outlook into 2024
arrow-white arrow-white Watch now
close
Posted by Oren Dvoskin on February 6, 2024

If you have anything to do with cyber security, you know it employs its own unique and ever-evolving language. Jargon and acronyms are the enemies of clear writing—and are beloved by cyber security experts. So Morphisec has created a comprehensive...

Read More
Posted by Arnold Osipov on January 18, 2024

In ongoing efforts to monitor and analyze emerging cyber threats, Morphisec Threat Labs has recently turned its focus to Chae$ 4.1, an update to the Chaes malware Infostealer series. This version introduces key updates, including an improved Chronod...

Read More
Posted by Michael Gorelik on December 13, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) recently sounded the alarm on the widespread exploitation of the Citrix Bleed vulnerability. This critical security flaw has had a significant impact across various industries in the United...

Read More
Posted by Jay Kurup on October 6, 2023

Apple Security Engineering and Architecture (SEAR) and the Citizen Lab opened a pair of critical vulnerabilities relating to the abuse of WebP images which could lead to exploitation of Google Chrome and Chromium-based browsers, as well as the...

Read More
Posted by Oren Dvoskin on June 23, 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) admitted it is providing support to several Federal agencies that were breached following vulnerabilities exposed in the Progress (formerly Ipswitch) MOVEit Transfer solution. According...

Read More
Posted by Mitchell Hall on February 21, 2023

Security success doesn't happen in a vacuum. Security conferences give practitioners, decision-makers, and vendors a chance to get outside the bubble of day-to-day life. So, what are the top in-person and virtual cybersecurity conferences in 2023?

Read More
Posted by Alon Shekalim & Michael Dereviashkin on February 15, 2023

Morphisec has recently identified a highly evasive malware campaign delivering ProxyShellMiner to Windows endpoints.

Read More
Posted by Morphisec Labs on December 7, 2022

During November, Morphisec identified a brand-new variant of Babuk ransomware while investigating a customer's prevention event. Babuk was first discovered at the beginning of 2021, when it began targeting businesses to steal and encrypt data in...

Read More
Posted by Mitchell Hall on June 2, 2022

Last week the Conti ransomware group "went dark" and might have shut down. Shortly before doing so, they went to war with an entire nation. Their ransomware attack paralyzed dozens of public institutions in Costa Rica in early May. The newly...

Read More
Posted by Morphisec Team on October 7, 2021

A successful security breach brings with it a host of legal and financial ramifications, including cleanup costs paid to remediation vendors and possible penalties from the exfiltration of sensitive data. The rise of data protection regulations...

Read More
Posted by Nuni Snowden on August 21, 2021

Is that a rat or a phoenix? Usually, the answer to such a question would be simple. However, when it comes to threat actors, nothing is ever as easy as it appears. For this reason we’ve compiled the latest news on cyber threats, new(ish) ransomware...

Read More
Posted by Nuni Snowden on August 19, 2021

Credential theft is one of the most common ways for adversaries to gain access to critical systems. Multi-factor authentication (MFA) or its cousin two-factor authentication (2FA) are two of the technologies designed to limit this particular type of...

Read More
Posted by Matthew Delman on August 11, 2021

As a landmark piece of legislation, the General Data Protection Regulation (GDPR) was undoubtedly created with the safety and privacy of European consumers’ personal data in mind. However, while certainly designed with good intentions, the GDPR,...

Read More
Posted by Nuni Snowden on August 7, 2021

This week in security has seen some new moves from the federal government on zero trust, tighter collaboration with the private tech sector, and more than a few new attacks from groups operating in China and Iran. With that said, here’s the security...

Read More
Posted by Nuni Snowden on July 17, 2021

Wow, what a week. From new incentives to become a cyber defender to new targets for threat actors, this week had it all. We start with the $10 million dollar information bounty currently offered by the US Government and we end with the startling...

Read More
Posted by Nuni Snowden on July 3, 2021

Welcome to the latest edition of security news in review. In this biweekly roundup, we collect news on attacks and threats that may have an impact on your business. Today, we have stories on REvil encrypting hundreds of organizations at once, the...

Read More
Posted by Matthew Delman on July 1, 2021

Cybercriminals have pounced on the COVID-19 crisis, made clear by the number of ransomware attacks increasing by at least 150 percent in 2020. As a follow-on consequence, organizations have started purchasing cyber insurance policies to hedge...

Read More
Posted by Matthew Delman on June 19, 2021

This week in security news in review, we have reporting on the Avaddon ransomware gang closing down, Google releasing a new framework about supply chain attack prevention, and a new malware that prevents you from visiting piracy sites. These and...

Read More
Posted by Nuni Snowden on June 12, 2021

This week we have good news and bad news. On the one hand, a COO was caught and charged with potentially attacking a rival medical institution. A stolen data marketplace was shut down and bugs were found (all around). However, there has also been an...

Read More
Posted by Matthew Delman on May 29, 2021

Welcome to your weekly roundup of cybersecurity news. In the current edition, you’ll find information about a new campaign by the threat group behind the SolarWinds supply chain attack, Belgian authorities closing a campaign they think originated in...

Read More