Cybersecurity Blog

Morphisec researchers have identified a significant vulnerability, CVE-2024-38021 — a zero-click remote code execution (RCE) vulnerability that impacts most Microsoft Outlook applications.

Security configurations are the backbone of a robust cybersecurity framework. Ensuring these configurations are correctly set across your environment is crucial for defending against potential breaches.

Maintaining a robust security posture is paramount in today’s ever-evolving cybersecurity landscape — and effective security controls management is a critical component of this effort.  

When it comes to the cybersecurity tech stack, many teams admittedly suffer from tech bloat. In many ways the continuous evolution of the threat landscape and an ever-growing list of unique use cases has made tech bloat inevitable. Tools...

In the ever-evolving landscape of cybersecurity, staying ahead of threats is paramount. At Morphisec, our team of dedicated researchers continuously strives to identify and mitigate emerging vulnerabilities to protect organizations worldwide. 

...

Morphisec Labs has been monitoring increased activity associated with Sticky Werewolf, a group suspected to have geopolitical and/or hacktivist ties. While the group’s geographical origin and home base remain unclear, recent attack techniques...

The cyber threat landscape is undeniably complex and dynamic. Traditional cybersecurity measures are struggling to detect and stop attacks before they can cause damage. The IBM Cost of a Data Breach Report for 2023 found that only one-third of...

As the threat landscape evolves, it presents ever-increasing risks and costs driven by progressive factors like financial incentives for threat actors, the availability of malware, expanding attack surfaces, and the sophisticated capabilities of...

Morphisec has successfully identified and prevented a new variant of IDAT loader. This loader is used to deliver a range of malware payloads based on the attacker's assessment of the victim's system. Distinguished by its modular architecture, IDAT...

Morphisec announced the launch of the Anti-Ransomware Assurance Suite to help organizations pre-emptively reduce exposure to cyber risk, proactively prevent advance threats and ensure optimal anti-ransomware defense. Powered by Automated Moving...

Globally, ransomware is big business, with millions of attacks targeting organizations every day. Not every attack is financially successful, but with keen attention to detail, attackers have (and continue to) tune tactics, making ransomware a...

When it comes to endpoint security, Microsoft Defender for Endpoint is a popular choice, and is the fastest growing endpoint protection platform, boasting over 19% market share. Additionally, the solution is consistently named a “leader” in the...

CVE-2024-2883 is a critical vulnerability found in ANGLE, a component of Google Chrome and Microsoft Edge. The vulnerability is exploitable via crafted HTML pages, allowing remote attackers to exploit heap corruption. The potential impact is high,...

Recently, Morphisec Labs identified a significant increase in activity linked to Mispadu (also known as URSA), a banking trojan first flagged by ESET in 2019. Initially concentrated on LATAM countries and Spanish-speaking individuals, Mispadu has...

(Updated March 29th, 2024)

The National Vulnerability Database (NVD) has long been a crucial resource for organizations in managing their vulnerability lifecycle and ensuring the security of their systems. However, recent developments have...

Morphisec Threat Labs recently discovered multiple indicators of attacks leading to threat actor, UAC-0184. This discovery sheds light on the notorious IDAT loader delivering the Remcos Remote Access Trojan (RAT) to a Ukrainian entity based in...

This blog examines the Akira Ransomware as a Service (RaaS) group, to understand their Tactics, Techniques, and Procedures (TTPs), and validate how Morphisec’s patented Anti-Ransomware solution powered by Automated Moving Target Defense (AMTD) can...

Ensuring and maintaining a robust defense-in-depth strategy requires new technology investments, especially as many standard detection and response technologies can’t stop ransomware and the evasive and sophisticated techniques attackers are...

If you have anything to do with cyber security, you know it employs its own unique and ever-evolving language. Jargon and acronyms are the enemies of clear writing—and are beloved by cyber security experts. So Morphisec has created a comprehensive...

Gartner released two reports this month including Gartner® Emerging Tech: Security — AMTD Transforms Endpoint Protection¹and Gartner Emerging Tech: AMTD Advances Proactive Cloud Defense ² report, which each feature Morphisec as a sample vendor.