<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1626328370711236&amp;ev=PageView&amp;noscript=1">
banner-blog.jpg

blog

Greg Maudsley

Greg Maudsley

Recent Posts

Isolate ALL: Unlocking Isolation's Full Potential

Posted by Greg Maudsley on Oct 19, 2017

Threat isolation is fast becoming the new “must-have” technology for IT security teams. It has gained recognition from leading analysts, and enterprise adoption is taking off. Case-in-point, Menlo Security now has hundreds-of-thousands of users across the globe using isolation to access the web without worry of malware infections. What is of particular importance is that 90% of these Menlo Security customers are isolating ALL of their web traffic, which unlocks isolation’s full potential. So why is this significant? 

Read More

Tags: cyber threats, web isolation, cyber security, isolation technology

Exposing Houdini

Posted by Greg Maudsley on Aug 22, 2017

Lately, instances of malware with built-in worm functionality have been on the rise. The WannaCry cyberattack is a perfect example. Although the malware was classified as ransomware, to increase the number of infections, the attackers used an SMB exploit to propagate it laterally within enterprises.

Read More

Tags: malware, isolation, ransomware, cyber threats, cyber attacks, wannacry, web isolation, worm, Houdini, remote access trojan

Phishing: It’s Not About Stupidity, It’s About Sophistication

Posted by Greg Maudsley on Jul 18, 2017

There was a time not long ago when victims of phishing attacks were considered stupid. But now that the general population is becoming more aware of the phishing problem, the “pool of stupidity” is shrinking. Easy prey is becoming more difficult to find, so phishing is evolving to new levels of sophistication. Attacks using OAuth, Data URI, PDF credential phish, and PunyCode are now so difficult to detect, even security administrators themselves are falling victim.

Read More

Tags: malware, phishing, malware vulnerabilities, anti-phishing, punycode, oAuth, gmail phishing campaign, uniform resource identifier (URI) scheme

Ransomware: Let’s End It

Posted by Greg Maudsley on Jun 22, 2017

The world could rid itself of ransomware overnight if we, as a society, could collectively agree to stop paying ransom. If there was a 100% certainty that they would not get paid, attackers would simply shift their attention elsewhere. But the fact of the matter is people do pay criminals to release their critical data. According to a new survey, 52% would pay up if their computer were taken hostage by ransomware. Why is this?

Read More

Tags: ransomware, cyber theft, bitcoin, cyber threats, bitcoins, browser-based attacks

Ransomware in Healthcare…Still?

Posted by Greg Maudsley on May 5, 2017

By now, after years of ransomware in the news, one would think that the problem would begin to ebb, given nearly every security vendors’ claims to prevent it. Obviously this has not proven true, particularly in healthcare.

Read More

Tags: malware, isolation, ransomware, anti-phishing, phishing prevention, healthcare

Increasingly Clever Phishing Attacks like OAuth Are The New Normal

Posted by Greg Maudsley on May 4, 2017

In the past, an attacker looking to steal credentials would craft a convincing email and landing page that did not trigger any red flags to the user. Attackers could be certain that at least 11% of people, even those who’d had phishing awareness training, would click malicious email links. Looking to up this percentage, attackers have evolved phishing exploits to use novel techniques, and OAuth is an important part of this evolution. This new approach is making it more challenging than ever for users to know when it is safe to click.

Read More

Tags: phishing, isolation, phishing prevention, Eugene Pupov, phishing scams, Google Docs email scam

RSA 2017 is a Wrap – Were Credential Theft and Phishing on Your Radar?

Posted by Greg Maudsley on Mar 2, 2017

There were many hot topics and cybersecurity themes at this year’s RSA Conference in San Francisco, from ransomware, to Sec Ops, to post breach mitigation.

Read More

Tags: cybersecurity, phishing, credential theft, phishing prevention, Adaptive Clientless Rendering, isolaton

Malware & Credential Theft are the Problems, not Russia

Posted by Greg Maudsley on Jan 19, 2017

 

Read More

Tags: malware, cybersecurity, phishing, isolation, credential theft, gartner, anti-phishing

The Bitcoin Rush: This Isn't 1848

Posted by Greg Maudsley on Nov 3, 2016

In recent weeks, I’ve been traveling the country speaking to audiences about the two leading enterprise threat vectors: web and email. During these presentations, we spend a significant amount of time discussing ransomware, where Bitcoin is the payment of choice. People want to know why it’s so prevalent, and how they can protect themselves.

Read More

Tags: ransomware

The Patient Zero Myth

Posted by Greg Maudsley on Oct 26, 2016

In medical terms, Patient Zero is loosely defined as the first human infected by a new or recently discovered viral or bacterial outbreak. The term has found its way into the IT security lexicon where its corollary is the first individual to be infected by a new malware strain, or the first victim in a phishing campaign.

Read More

Tags: malware, cybersecurity, blog, phishing, isolation, security, malicious code, anti-phishing, phishing prevention

Connect with us

Lists by Topic

see all

Recent Posts