EXCLUSIVE WEBINAR: Microsoft Outlook Chaos Unleashed — Live Technical Analysis of New Vulnerabilities
arrow-white arrow-white Secure your spot
close

News & EventsThe Latest From Morphisec

Media Coverage

July 11, 2024

Microsoft Issues Update Warning For All Outlook Users As ‘Dangerous’ New Threat Confirmed

A new report from Morphisec strongly suggests 500-million Outlook users may be running that same level of risk from “a significant… zero-click remote code execution (RCE) vulnerability that impacts most Microsoft Outlook applications.”

Read More
July 11, 2024

Big Security Vulnerability Found in Outlook — What You Need to Do Now

Security researchers from Morphisec recently discovered a serious security hole in Outlook. Called CVE-2024-38021, this is a zero-click remote code execution (RCE) vulnerability that can allow unauthorized access to your system without a single click.

Read More
July 9, 2024

Microsoft Patch Tuesday, July 2024 Edition

Microsoft Corp. today issued software updates to plug at least 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.

Read More
June 12, 2024

Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited

Microsoft’s June 2024 Patch Tuesday updates resolve a zero-click Outlook vulnerability leading to remote code execution.

Read More
June 12, 2024

Critical Outlook RCE Vulnerability Exploits Preview Pane – Patch Now!

A critical vulnerability (CVE-2024-30103) in Microsoft Outlook allows attackers to execute malicious code simply by opening an email. This “zero-click” exploit doesn’t require user interaction and poses a serious threat. Learn how this vulnerability works and how to stay protected.

Read More
June 11, 2024

Russia, Belarus aviation sector subjected to Sticky Werewolf attacks

Aviation industry organizations in Russia and Belarus have been targeted with a new phishing campaign by the Sticky Werewolf threat operation, which initially set sights on both countries' public entities before widening the scope of its attacks to other sectors, reports Security Affairs.

Read More
June 11, 2024

Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103)

June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw (CVE-2024-30080) and a RCE vulnerability in Microsoft Outlook (CVE-2024-30103).

Read More
June 10, 2024

Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus

Cybersecurity researchers have disclosed details of a threat actor known as Sticky Werewolf that has been linked to cyber attacks targeting entities in Russia and Belarus.

Read More
June 7, 2024

'Sticky Werewolf' APT Stalks Aviation Sector

The pro-Ukranian group has upgraded its infection chain, with credentials, strategic info on commercial pilots, or billion-dollar designs as the possible prizes.

Read More
May 22, 2024

Multi-Tiered Infrastructure Helps SolarMarker Infostealer Evade Disruption

Operators of the SolarMarker information-stealing malware, also known as Jupyter Infostealer, Yellow Cockatoo, Deimos, and Polyzert, have bolstered defenses against law enforcement crackdown operations through a multi-tiered infrastructure, reports The Hacker News.

Read More

SANS Institute's Latest Product Review of Morphisec

SANS Instructor Matt Bromiley reviews Morphisec's moving target defense technology, which is designed to defeat threats such as zero-days, evasive malware, fileless attacks and exploits by morphing process memory.

Watch the webcast

SANS Product Review-18