Adobe’s Flash Player might be on the way out and exploit kits have taken a backseat to cryptominers, but cybercriminals are still finding ways to harness the potent pairing.
Traditional signature-based detection, i.e., antivirus, has proven wholly ineffective in today’s threat landscape where thousands of new variants are created daily, each with a new signature.
Saks Fifth Avenue, Saks Off 5th, and Lord & Taylor department stores—all owned by The Hudson’s Bay Company—acknowledged a data breach impacting more than five million credit and debit card numbers. The culprits? The same group that's spent the last few years pulling off data heists from Omni Hotels & Resorts, Trump Hotels, Jason’s Deli, Whole Foods, Chipotle: A mysterious group known as Fin7.
A hacking technique - watering hole attacks - has resurfaced for the first time since 2015/16. Morphisec's CTO and malware prevention expert, Michael Gorelik, says it's back and more sophisticated than before, and will be the big thing in 2018.
An attack leveraging the compromised website of a Hong Kong telecommunications company is using a recently patched Flash vulnerability that has been exploited by North Korea since mid-November 2017, Morphisec warns.
A new attack method lets attackers bypass Microsoft's Code Integrity Guard (CIG) and inject malicious code into protected processes, including Microsoft Edge. Researchers at Morphisec this week disclosed the details of the technique and proof-of-concept code.
Malware authors can exploit a flaw in the Windows Code Integrity Guard (CIG) security mechanism to inject malicious, unsigned code into CIG-protected applications, considered to be immune to such attacks.
Every month, Start-Up Nation Central’s channel on Forbes will highlight a handful of startups that have recently raised funding, and that we think are important to keep an eye on.
A vulnerability that was recently patched in Flash Player after being used in targeted attacks is now seeing widespread exploitation in a malicious spam campaign.
According to cybersecurity firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word document. And when a victim opens the document and enables editing, malware attempts to exploit an Adobe Flash Player bug (CVE-2018-4878) patched by Adobe earlier this month.
Endpoint security firm Morphisec has spotted a massive campaign that exploits a recently patched Adobe Flash Player vulnerability to deliver malware.
Morphisec, an Israel-based developer of cybersecurity software, raised $12 million in Series B funding. Investors include Orange Digital Ventures, Jerusalem Venture Partners, GE, and Deutsche Telekom.
Orange Digital Ventures annonce sa participation au financement de Morphisec, leader de la technologie Moving Target Defense.
The movement toward next-generation endpoint security has accelerated because cybersecurity professionals aren’t happy with the efficacy of existing antivirus tools. This has led to a wave of investment and innovation from vendors including Morphisec.
Cybersecurity provider Morphisec continues to grow its partner community and has a technological advantage over its main competitors, including Cylance, CrowdStrike and Carbon Black.
Israel's top luxury hotel brand protects itself from advanced threats so it doesn't become another entry in the long list of hotel breaches.
Morphisec makes the list of Solutions Review's top next generation endpoint security vendors to watch.
Aging IT infrastructure and unpatched software vulnerabilities coupled with vast amounts of personal data make retailers make a prime cybercrime target.
Report in French by TF1/LCI about cybersecurity in Israel, including sound bytes by Morphisec CEO Ronen Yehoshua touring our offices located at the cybercity Beer Sheva.
Young women in Europe, the US and Israel have decided before they are even 16 years old that they don’t want a career in cybersecurity. Netta Schmeidler shares her view.
Digitalization in the hospitality industry has brought enormous gains in efficiency but also enormous increases in cyber risk.
In this podcast, Paul Roberts speaks with VP R&D Michael Gorelik CCleaner hack – a hack that Morphisec discovered.
Gorelik is convinced that supply-chain attacks will increase in frequency but believes that there are already other products out there with malicious code added to them...
Michael Gorelik, VP R&D at Morphisec, explained that [...] the TLS initialization of callback functions was probably altered by a modification of the visual studio runtime file.
On Sept. 12, Morphisec warned Avast of the infection, and the latter was able to resolve the issue within 72 hours.
The compromised version of CCleaner [...] was undetected for four weeks, "underscoring the sophistication of the attack," Morphisec VP R&D Michael Gorelik wrote in a blog post.
We thank Morphisec and we owe a special debt to their clever people who identified the threat and allowed us to go about the business of mitigating it.
Women make up just 11% of the world’s information security workforce, according to the 2017 Global Information Security Workforce Study. This is way behind other industries.
Morphisec Lab attributes the malware to FIN7, a group associated with other damaging attacks on large restaurant chains and hospitality organizations.
Morphisec Lab identified a new, highly sophisticated fileless attack targeting restaurants across the US.
Two years ago, IoT attacks were considered exotic, an aberration of interest mainly to those in the industry and conspiracy theorists. No longer.
Report about Morphisec security researchers discovering a new fileless attack framework.
Researchers at Israeli security company Morphisec said today that they discovered a new fileless malware attack framework.
Rob Enderle sees Morphisec as "a universal immunization remedy" for endpoints.
Rob Enderle sees Morphisec as "a universal immunization remedy" for endpoints.
As industry experts begin to roll out their predictions for 2017, what do we need to beware of, in the security field?
With e-commerce attacks in Q3 2016 increasing by 60 percent over the previous year, shopping hazards can hit from all sides.
Omri Dotan gives answers, how retailers can turn the tables and make targets and defenses unpredictable to attackers.
As 2016 comes to an end, the Morphisec team takes the opportunity to look ahead to the new year.
Omri Dotan, CBO at Morphisec, offers tips for locking down ecommerce systems as the busy holiday season approaches.
Developing greater resilience in our critical infrastructure systems requires addressing several interrelated factors,” says Morphisec’s Chief Science Officer Mordechai Guri.
Morphisec's CSO Mordechai Guri explains the challenges in developing and maintaining an IoT-wide security solution.
Mordechai Guri, Chief Science Officer at Morphisec, shares insights.
Last week, Morphisec identified multiple malicious macro-based documents delivering Kovter via targeted emails. Michael Gorelik, VP R&D, explains.
This week’s National Cyber Security Awareness Month theme is “Recognizing and Combating Cybercrime.” Morphisec’s Michael Gorelik shares how to combat this growing threat.
IIoT is transforming the industry, but at what cost? Dotan Omri discusses threats and how to address them.
Article by Morphisec's Omri Dotan, emphasizing that software vulnerabilities translate to business vulnerabilities.
"...MySQL vulnerabilities are proof that new approaches like moving target defense should be deployed in every strata of the computer security stack," say M. Guri.
Morphisec's Chief Science Officer Mordechai Guri gives a technical commentary on the recent mySQL vulnerability
By Ronen Yehoshua, CEO Morphisec. To win, the different security stack layers have to play as a team.
Morphisec is proud to be included in Dark Reading’s round-up of emerging Israeli cybersecurity solutions.
Reward must outweigh costs – Morphisec CEO Ronen Yehoshua explains how this rule applies to more than just business.
Michael Gorelik, VP R&D, weighs in; "I also assume that the group that leaked the dump has much more Zero-Days in their arsenal, so there is concern...."
eSecurityPlanet features Morphisec as an emerging technology in its next-gen endpoint security solution slideshow.
Morphisec's Arthur Braunstein, VP Strategic Accounts, discusses the need for change in the cybersecurity stack paradigm.
Omri Dotan, CBO of Morphisec, discusses the latest news from the AV market and how to gain the “right amount of protection”.
By Omri Dotan. "As long as we continue to remain predictable targets and protect ourselves in predictable ways, security measures will be easy to bypass."
Morphisec's Omri Dotan explains why the “Little Guys” play a major role in preventing breaches.
Mordechai Guri, Chief Science Officer, unmasks the different kind of ransomware attacks and needed defenses.
Morphisec CBO, Omri Dotan, shares his thoughts on the security and privacy implications of Brexit.
Omri Dotan, Morphisec's CBO, comments on the vibrant ecosystem contributing to Israel’s excellence in cybersecurity.
Morphisec co-founder Dudu Mimran explains how CISOs can gain back confidence by prevention in the early infiltration phase.
Trends likely to dominate the field in the upcoming years around intrusion detection. By Mordechai Guri, Chief Science Officer at Morphisec.
"This time the payload was TeslaCrypt Ransomware, but there is no limitation to what payload can be delivered." Commentary by Michael Gorelik.
Michael Gorelik, VP of R&D, comments on zero-day exploit that bypasses Microsoft EMET.
Moving Target Defense, a new proposal by cyber security firm Morphisec, is a potential solution.
The technology suggested by Morphisec achieves this goal by concealing vulnerabilities in applications and web browsers, through a polymorphic engine that randomly
The detection paradigm as a whole suffers from several inherent weaknesses, which adversaries frequently exploit. By Mordechai Guri, CSO at Morphisec.
Commentary of Morphisec CEO Ronen Jehoshua on how to stop ransomware early in the kill chain by preventing exploit kits from finding vulnerabilities.
Exploit Kits: How do you combat something that can take so many forms with Moving Target Defense. By Michael Gorelik.
But what if obscurity became a viable defence? This is the approach Israeli start-up Morphisec has taken this to new level with a novel approach to defeating malware.
Morphisec developed its technology with the aim of lessening the burden of defending endpoint devices by giving enterprises the ability to be proactive and fool
Moving Target Defense (MTD) aims at creating asymmetric uncertainty on the attacker’s side, by changing the attack surface.
A true security-business balance can only be reached with a solution that mitigates the risk of unpatched security vulnerabilities.
According to researchers at Morphisec, the changes made to Nuclear EK increase the chances of bypassing signature and behavior-based solutions.
Researchers at Morphisec, an Israeli start-up focusing on polymorphic defense, a process that earned them kudos during the RSA Conference in 2014, have discovered a
By making computer memory a moving target, a hacker can't mess with it, and therefore can't cause damage to the rest of the computer or the data.
The most interesting solution came from MorphiSec (formerly called Titanium Core), which won JVP’s first ever cyber security competition last year, garnering $1
Morphisec could have prevented recent high profile targeted attacks which were built based on deep understanding of their targets. Such attacks would fail on
As industry experts begin to roll out their predictions for 2017, what can we look forward to, or what do we need to beware of, in the security field?
Security startups are using the techniques of polymorphic malware to better protect enterprises.