banner-blog.jpg

BLOG

Phishing Attacks Are Scarily Easy to Build

Posted by James Locus on Sep 22, 2020

Targeting People, Not the Infrastructure

Historically, many cyberattacks tended to be technology-focused and required specialized knowledge to expertly fool a network into believing the attacker was an authorized user. Spoofing, man-in-the-middle (LAN or Wi-Fi), DNS, and other attacks require actual skill (and a bit of malice) to properly execute.

Read More

Tags: phishing, isolation, email isolation, link isolation, link wrapping

U.S. Department of Defense Leads the Industry with Cloud-Based Internet Isolation Program

Posted by Amir Ben-Efraim on Sep 15, 2020

Back in April 2019, the Menlo Security team learned that our Partner By Light IT Professional Services LLC and Menlo Security were one of two solution providers selected to design and implement a Cloud Based Internet Isolation (CBII) prototype capability for the Defense Information Systems Agency (DISA).

 

Read More

Tags: CBII, SWG, cloud security, remote browser isolation, AirGap, DoD

How Should Zero Trust Apply to Phishing?

Posted by James Locus on Sep 3, 2020

Isolation for Zero Trust Phishing Protection

Phishing sites frequently evade web and email filters because of the inability of secure gateways to detect new phishing websites or categorize them properly. According to Menlo Labs, web and email gateways wrongly categorize 10-15 percent of malicious websites as safe.

Read More

Tags: phishing, isolation, URL, email filtering, zero trust

How Isolation Changes Incident Response

Posted by James Locus on Aug 20, 2020

Large Groups of Isolated Users Shrink Your Exposure Surface

Enterprises frequently acquire an isolation solution (with Menlo for remote browser isolation) for groups of users, such as VIPs, rather than their entire workforce. While this strategy insulates VIPs from malware attacks, it assumes that only VIPs have access to potentially crippling information.

Read More

Tags: phishing, isolation, Incident Response, API, logging

New Attack Alert: Duri

Posted by Krishnan Subramanian on Aug 18, 2020

HTML Smuggling Campaign Is Stopped by the Menlo Security Cloud Platform

Menlo Security has been closely monitoring an attack we are naming “Duri.” Duri leverages HTML smuggling to deliver malicious files to users’ endpoints by evading network security solutions such as sandboxes and legacy proxies. Isolation prevents this attack from infecting the endpoint. Here’s what we know.


Read More

Tags: Isolation Core, Duri, DataURI

The URL “Danger Zone”

Posted by James Locus on Aug 18, 2020

Inadequate Security Policies with Uncategorized Sites

The challenge most email gateways face is how to protect against URL-based threats that exist within a “danger zone”— the period when phishing sites are allowed to sneak into the network as uncategorized sites.

 

Read More

Tags: phishing, email isolation, uncategorized sites, URL, email filtering, danger

Menlo Security Prevents Zero-Day Threat on Internet Explorer

Posted by James Locus on Aug 12, 2020

The Still-Active Zero-Day Exploit Threatens the Frequently Vulnerable JavaScript Engine

Customers of Menlo Security using Internet Explorer (IE) are protected against a recent and still-active zero-day exploit using Internet Explorer, as outlined by Microsoft’s security update CVE-2020-1380.

Read More

Tags: malware, isolaton, Internet Isolation, Active-Threat, CVE-2020-1380, Zero-Day Attack, Internet Explorer, IE

Providing 100 Percent Malware-free Email and Web Browsing

Posted by Kowsik Guruswamy on Aug 11, 2020

How a Fortune 500 Customer Embraced Menlo’s Isolation as Their Primary Defense Against Phishing and Email Threats.

I had the opportunity to chat with one of our largest customers the other day. I can’t mention the company name, but they are a big, well-known brand. Menlo works with eight of the ten largest banks and four of the five biggest credit card companies in the world. Let’s just say it was one of them.

 

Read More

Tags: malware, cybersecurity, phishing, isolation, secure web gateway, financial services security, email security, global cloud proxy

Ensure DLP Protection and Visibility for Remote Workers

Posted by Mehul Patel on Jul 28, 2020

Secure Remote Worker Use Case 4: Data Loss Prevention and Visibility

Today’s workers have been flung to the far reaches of the Internet, forcing them to log in and gain access to critical business applications and data in the cloud from unsecured residential and public Internet connections. Understandably, this lack of control and visibility is keeping cybersecurity professionals up at night, wondering whether data is being exposed on the edge of this new network architecture.

Read More

Tags: cybersecurity, security, Cloud DLP, SWG, VPN, split tunneling, data loss prevention, data visibility, remote application access

Open Access to the Internet with Protection

Posted by Mehul Patel on Jul 21, 2020

Secure Remote Worker Use Case 3:
URL Filtering, SaaS Access Control, and Visibility

A cloud-based secure web gateway (SWG) gives cybersecurity teams complete visibility and control over traffic that bypasses the VPN. Consider these two use cases.

Read More

Tags: malware, phishing, security, spear-phishing, DLP, cloud-delivered security, visibility and control, URL filtering, VPN, SaaS access, remote users, acceptable use policies

Connect with us

Lists by Topic

see all

Recent Posts