blog.morphisec.comMorphisec Breach Prevention Blog

Cybersecurity Tech Investment Planning: Use annual loss expectancy to build a business case Support Partners Under Attack? Products Product Overview Adaptive Exposure Management Morphisec for Windows Endpoints Morphisec for Windows Servers & Workloads Morphisec for Linux Server Protection Incident Response Services About Moving Target Defense Solutions By Industry Finance Hedge Funds Healthcare Technology Manufacturing Legal K-12 Education SMB By Use Case Microsoft Defender AV Microsoft Defender for Endpoint Virtual Desktop Protection Cloud Workload Protection Remote Employee Security Ransomware Prevention Virtual Patching and Compliance Supply Chain Attack Protection Browser Attack Protection CompanyNews & Events Careers Contact Us Resources Blog Learning Center Customer Stories Products Products Product Overview Adaptive Exposure Management Morphisec for Windows Endpoints Morphisec for Windows Servers & Workloads Morphisec for Linux Server Protection Incident Response Services About Moving Target Defense Solutions Solutions By Industry Finance Hedge Funds Healthcare Technology Manufacturing Legal K-12 Education SMB By Use Case Microsoft Defender AV Microsoft Defender for Endpoint Virtual Desktop Protection Cloud Workload Protection Remote Employee Security Ransomware Prevention Virtual Patching and Compliance Supply Chain Attack Protection Browser Attack Protection Company CompanyNews & Events Careers Contact Us Resources Resources Learning Center Customer Stories Blog Support Partners Under Attack? Cybersecurity Blog Cybersecurity News, Threat Research, and more from the Team Spearheading the Evolution of Endpoint Security Evolving Cyber Resiliency: How Adaptive Exposure Management Strengthens CTEM Programs Posted by Brad LaPorte on April 25, 2024 As the threat landscape evolves, it presents ever-increasing risks and costs driven by progressive factors like financial incentives for threat actors, the availability of malware, expanding attack surfaces, and the sophisticated capabilities of... Read More Threat Bulletin – New variant of IDAT Loader Posted by Jay Kurup on April 24, 2024 Morphisec has successfully identified and prevented a new variant of IDAT loader . This loader is used to deliver a range of malware payloads based on the attacker’s assessment of the victim’s system. Distinguished by its modular architecture, IDAT... Read More Introducing the Anti-Ransomware Assurance Suite: A Multi-Layered Guard Against Ransomware Posted by Brad LaPorte on April 16, 2024 Morphisec announced the launch of the Anti-Ransomware Assurance Suite to help organizations pre-emptively reduce exposure to cyber risk, proactively prevent advance threats and ensure optimal anti-ransomware defense. Powered by Automated Moving... Read More History of Ransomware: The Evolution of Attacks and Defense Mechanisms Posted by Brad LaPorte on April 11, 2024 Globally, ransomware is big business, with millions of attacks targeting organizations every day. Not every attack is financially successful, but with keen attention to detail, attackers have (and continue to) tune tactics, making ransomware a... Read More Preventing Ransomware and Advanced Endpoint Threats with Morphisec + Microsoft Defender for Endpoint Posted by Oren Dvoskin on April 3, 2024 When it comes to endpoint security, Microsoft Defender for Endpoint is a popular choice , and is the fastest growing endpoint protection platform, boasting over 19% market share . Additionally, the solution is consistently named a leader” in the... Read More Threat Bulletin – CVE-2024-2883 Posted by Jay Kurup on April 3, 2024 CVE-2024-2883 is a critical vulnerability found in ANGLE, a component of Google Chrome and Microsoft Edge. The vulnerability is exploitable via crafted HTML pages, allowing remote attackers to exploit heap corruption. The potential impact is high,... Read More Breaking Boundaries: Mispadu’s Infiltration Beyond LATAM Posted by Arnold Osipov on March 26, 2024 Recently, Morphisec Labs identified a significant increase in activity linked to Mispadu (also known as URSA), a banking trojan first flagged by ESET in 2019. Initially concentrated on LATAM countries and Spanish-speaking individuals, Mispadu has... Read More The National Vulnerability Database Crisis: Defend Against Unpatched Vulnerabilities Posted by Brad LaPorte on March 11, 2024 (Updated March 29th, 2024) The National Vulnerability Database (NVD) has long been a crucial resource for organizations in managing their vulnerability lifecycle and ensuring the security of their systems. However, recent developments have... Read More Unveiling UAC-0184: The Steganography Saga of the IDAT Loader Delivering Remcos RAT to a Ukraine Entity in Finland Posted by Michael Dereviashkin on February 26, 2024 Morphisec Threat Labs recently discovered multiple indicators of attacks leading to threat actor, UAC-0184. This discovery sheds light on the notorious IDAT loader delivering the Remcos Remote Access Trojan (RAT) to a Ukrainian entity based in... Read More Cracking Akira Ransomware: Prevention and Analysis by TTPs Posted by Jay Kurup on February 20, 2024 This blog examines the Akira Ransomware as a Service (RaaS) group, to understand their Tactics, Techniques, and Procedures (TTPs), and validate how Morphisec’s patented Anti-Ransomware solution powered by Automated Moving Target Defense (AMTD) can... Read More Using Annual Loss Expectancy for Cybersecurity Tech Investment Planning Posted by Oren Dvoskin on February 12, 2024 Ensuring and maintaining a robust defense-in-depth strategy requires new technology investments, especially as many standard detection and response technologies can’t stop ransomware and the evasive and sophisticated techniques attackers are... Read More The Ultimate List of Cyber Security Terms Posted by Oren Dvoskin on February 6, 2024 If you have anything to do with cyber security, you know it employs its own unique and ever-evolving language. Jargon and acronyms are the enemies of clear writing—and are beloved by cyber security experts. So Morphisec has created a comprehensive... Read More Gartner® Releases Two Concurrent Reports Championing Automated Moving Target Defense (AMTD) Technology Posted by Oren Dvoskin on January 24, 2024 Gartner released two reports this month including Gartner® Emerging Tech: Security — AMTD Transforms Endpoint Protection 1 and Gartner Emerging Tech: AMTD Advances Proactive Cloud Defense 2 report, which each feature Morphisec as a sample vendor. Read More Chae$ Chronicles: Version 4.1 Dedicated to Morphisec Researchers Posted by Arnold Osipov on January 18, 2024 In ongoing efforts to monitor and analyze emerging cyber threats, Morphisec Threat Labs has recently turned its focus to Chae$ 4.1, an update to the Chaes malware Infostealer series. This version introduces key updates, including an improved Chronod... Read More Threat Bulletin – CVE-2023-7024 Posted by Jay Kurup on January 8, 2024 Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Read More Responding to CitrixBleed (CVE-2023-4966): Key Takeaways from Affected Companies Posted by Michael Gorelik on December 13, 2023 The Cybersecurity and Infrastructure Security Agency (CISA) recently sounded the alarm on the widespread exploitation of the Citrix Bleed vulnerability. This critical security flaw has had a significant impact across various industries in the United... Read More Morphisec Fortifies Capabilities with Next-gen Risk-Based Vulnerability Prioritization Posted by Jay Kurup on November 28, 2023 Security leaders are acutely aware of vulnerability risks. Organizations continue to allocate thousands of dollars to periodic vulnerability assessments, and thousands more to technology and resources for mitigation — yet vulnerability-based breach... Read More Automated Moving Target Defense included in the Gartner® Hype Cycle™ for Endpoint...