<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">
Posted by Hido Cohen on May 12, 2022

With 50% more users last year than in 2020, the number of people using the community chat platform Discord is growing at a blistering pace. This has led cybercriminals to refine and expand malicious attack use cases for the platform. In this threat...

Read More
Posted by Morphisec Labs on April 25, 2022

Morphisec is a world leader in preventing evasive polymorphic threats launched from zero-day exploits. On April 14 and 15, Morphisec identified exploitation attempts for a week-old VMware Workspace ONE Access (formerly VMware Identity Manager)...

Read More
Posted by Michael Dereviashkin on April 5, 2022

As Russia’s invasion of Ukraine continues, new wiper malware has surfaced attacking Ukrainian infrastructure. Caddywiper was first detected on March 14, 2022. It destroys user data, partitions information from attached drives, and has been spotted...

Read More
Posted by Hido Cohen on March 30, 2022

Morphisec Labs has detected a new wave of Remcos trojan infection. The theme of the phishing emails is again financial, this time as payment remittances sent from financial institutions. The attacker lures a user to open a malicious Excel file that...

Read More
Posted by Arnold Osipov on March 29, 2022

The Morphisec Labs team has conducted research on the new Mars infostealer. Mars is based on the older Oski Stealer and was first discovered in June 2021. The new Mars is available for sale on several underground forums and is reported to be under...

Read More
Posted by Hido Cohen on March 23, 2022

Morphisec Labs has observed a new wave of JSSLoader infections this year. We’ve tracked JSSLoader activity since December 2020 and published a thorough report on the Russian criminal hacking group FIN7’s JSSLoader: The Evolution of the FIN7...

Read More
Posted by Hido Cohen & Arnold Osipov on February 14, 2022

With examples changing hands for up to $69 million, hosting digital content on blockchain and selling it to investors has become one of the most lucrative things creators can do. And as rock stars, international artists, and even politicians keep...

Read More
Posted by Morphisec Labs on January 28, 2022

As a continuation to our previously published blog post on VMWare Horizon being targeted through the Log4j vulnerability, we have now identified Unifi Network applications being targeted in a similar way on a number of occasions. Based on...

Read More
Posted by Michael Dereviashkin on January 25, 2022

Morphisec, through its breach prevention with Moving Target Defense technology, has identified a new, sophisticated campaign delivery which has been successfully evading the radar of many security vendors. Through a simple email phishing tactic...

Read More
Posted by Michael Gorelik on January 20, 2022

On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. [see “Protecting Against the Log4J Vulnerability”] Countless millions of devices instantly became at risk of attack,...

Read More
Posted by Michael Gorelik on January 12, 2022

With a year-on-year increase of over 161%, malicious usage of cracked versions of Cobalt Strike (a legitimate penetration test tool) is skyrocketing. For organizations that still rely on signature-based next generation antivirus (NGAV) solutions to...

Read More
Posted by Michael Gorelik on December 17, 2021

On December 9th, 2021, reports surfaced about a new zero-day vulnerability, termed Log4j (Log4Shell), impacting Minecraft servers. Now, almost one week later, it is clear that countless millions of devices are at risk, and Log4j may rank among the...

Read More
Posted by Michael Gorelik on November 18, 2021

Almost a year after an international law enforcement effort supposedly defeated it, Emotet, aka "the world's most dangerous botnet," has returned. Earlier this week, German security researcher Luca Ebach reported seeing malware with Emotet-like...

Read More
Posted by Hido Cohen & Michael Dereviashkin on October 28, 2021
  • The Go language is becoming increasingly popular among threat actors, with attacks starting to appear in 2019
  • Morphisec Labs has tracked a new Golang-based (1.17) ransomware variant that appeared starting in late September and continued...
Read More
Posted by Arnold Osipov on October 14, 2021
  • Morphisec Labs tracked a new MirrorBlast campaign targeting financial services organizations 
  • MirrorBlast is delivered via a phishing email that contains malicious links which download a weaponized Excel document
  • MirrorBlast has low detections on...
Read More
Posted by Nadav Lorber on September 21, 2021

In 2020, Morphisec introduced the Jupyter infostealer, a .NET attack that primarily targets Chromium, Firefox, and Chrome browser data while also maintaining the additional capabilities of a backdoor. 

Read More
Posted by Morphisec Labs on August 27, 2021

On approximately August 21, 2021, security researchers, cybersecurity leaders, and eventually the CISA, began voicing concerns about the inevitable threat of LockFile ransomware attacks on a wide variety of ill-informed and unprepared victims....

Read More
Posted by Morphisec Labs on July 5, 2021

Introduction

On July 2, 2021, Morphisec Keep, our Cloud Workload Protection Platform, successfully identified and prevented a REvil Ransomware infection within some of our customer domains. This attack was automatically blocked in real time due to...

Read More
Posted by Michael Gorelik on June 2, 2021

In the past month, Morphisec has investigated the origin of several increasingly prevalent infostealers. These include Redline, Taurus, Tesla, and Amadey.

As part of our research, we identified pay-per-click (PPC) ads in Google’s search results that...

Read More
Posted by Arnold Osipov on May 14, 2021

Intro:

The Morphisec Labs team has tracked a unique and ongoing RAT delivery campaign that started in February of this year. This campaign is unique in that it heavily uses the AutoHotKey scripting language—a fork of the AutoIt language that is...

Read More

Subscribe to our blog

Stay in the loop with industry insight, cyber security trends, and cyber attack information and company updates.

Healthcare Cybersecurity Summit

Search Our Site

    Recent Posts