2018 has barely started and we've already got our first big major security vulnerabilities of the year, with the media generating lots of deserved attention worldwide on them. In case you missed the news, two major CPU vulnerabilities have been disclosed by Google and several other researchers: Meltdown and Spectre
Tags: browser-based attacks, remote browsers, web-based vulnerabilities, isolation technology
I think we’ve blogged a few times now on the risks of JavaScript and the role it plays in browser-based cyber attacks. We’ve recently seen the details of the Pornhub attack, where malicious adverts were used to target users visiting the Pornhub website and served up fake browser updates as another in a very long list of malvertising attacks.
Tags: cyber threats, cyber attacks, isolation technology, javascript, coinhive
It’s another day and another cyber attack headline in the media. This time it’s another ransomware-style attack; this one is called “Bad Rabbit”. According to media reports, it has impacted organizations in Russia and Ukraine mostly, with reports of some businesses in Turkey and Germany (and possibly in Poland and Japan) also being affected (that we know of so far).
Tags: ransomware, credential theft, cyber threats, web isolation, isolation technology, javascript, bad rabbit
Spear phishing attacks continue to plague businesses of all sizes, across all sectors. Detection of these messages remains an impossible feat. Spear phishing messages plague everyone and their intent ranges from delivering malware or ransomware, to stealing passwords and personal information, such as bank account information. All of these things have a high value in the online criminal world, hence why spear phishing is the most popular tool in the cyber attack arsenal today.
Tags: ransomware, anti-phishing, spear-phishing, cyber attacks, cyber training, cyber security
Whilst working with a customer on a web isolation project over the past two weeks, I was passed on a query based on a report published by Recorded Future in December 2016. The report was a summary of what were the popular vulnerabilities used in exploit kits by attackers in 2016 (source: RecordedFuture).
Tags: ransomware, malware vulnerabilities, web-based vulnerabilities, web isolation, malvertising
It’s 2017, and many organisations are still grappling with solving two of the biggest routes of attack into their business from the Internet - via their employees' in-boxes and web browsers.
Tags: cybersecurity, isolation, credential theft, anti-phishing, spear-phishing, cyber attacks, infosec euope
Another week, another web security story where organisations need to consider how to defend against another phishing attack.
Tags: cybersecurity, isolation, anti-phishing, phishing prevention, state of the web, remote browsing, browser-based attacks, cyber attacks, punycode
Tags: isolation, risk, credential theft, anti-phishing, spear-phishing, phishers, patient zero, spammers, anti-spam, browser-based attacks
I just spent a week in several new geographical markets for Menlo Security, the United Arab Emirates and Qatar, meeting and talking to new and existing customers. Online risks are no different in the Middle East than they are in the USA, Asia or Europe. The risks may have different names, but the impact remains the same.
Tags: isolation, credential theft, malware vulnerabilities, spear-phishing, Qatar, United Arab Emirates, Shamoon attack, cyber attacks
