On the Serengeti, wildebeest have survived for millennia by using a simple strategy: safety in numbers. It’s great for the species, but each animal can only hope that another one will take one for the team.
On the Serengeti, wildebeest have survived for millennia by using a simple strategy: safety in numbers. It’s great for the species, but each animal can only hope that another one will take one for the team.
Tags: browser-based attacks, remote browsers, cyberattacks, isolation platform, trust, "risky web", safe web
Half of the web is vulnerable to malware, as we measured recently in our State of the Web research report, making it clear that merely visiting a legitimate web site is risky.
Tags: malware, cybersecurity, phishing, isolation, security, ransomware, credential theft, malware vulnerabilities, cyber theft, security strategy, anti-phishing, cyber threats, Google Chrome, bitcoins
Users must recognize that they are taking a significant risk when connecting directly to the Internet. The new Menlo Security State of The Web report reveals that nearly half (46%) of the Internet’s top 1 million web sites, as ranked by Alexa, are risky.
Tags: malware, cybersecurity, blog, isolation, malware vulnerabilities, cyber theft, security strategy, anti-phishing, state of the web
I was in Singapore last week attending GovWare, speaking at the event and also meeting a number of customers and partners. Land of eternal summer, I think the lows were in the high 70's which made my morning runs, huh, interesting. Isolation is not a new concept here in Singapore, as the government pulled out 100,000 computers (de-linked) from the Internet to avoid any malware contamination. The government personnel are given dedicated kiosks (black computers) from which they can access the Internet, but that's about it. This is an extreme form of Isolation, while 100% safe, is also at cross-roads with user experience. But this has been the history of Isolation though. We've always been forced to trade off between security and user experience. Security by shackles.
Tags: phishing, ransomware, singapore, govware
I was in New York last week at an all-day event co-hosted with Skyport Systems at the Microsoft Briefing Center in Times Square. The day was filled with analyst briefings, a panel on “Is Active Directory a blindspot for CISO’s” followed by my talk on ‘Eliminating Ransomware with Isolation’ to the OWASP New York chapter. During the course of the day, I heard Isolation being mentioned so many times in different contexts. The gist of it is most people innately understand what Isolation is and how it can really improve the security posture of organizations. The real challenge (which we've solved) is can we do Isolation without affecting user experience?.
Tags: security, enterprise, risk, productivity
As part of our continued global expansion, I spent a week down-under visiting customers and partners hopping between Sydney and Melbourne. As soon as I got to the hotel, I stepped out for a fantastic run (of course!) along the Sydney-Harbor bridge and Opera House, followed by climbing several flights of stairs to kill the jet lag. Joy of being an ultra runner! Anyways, It was fantastic to meet customers to talk to them about the benefits of Menlo Security Isolation Platform. The story is much like everywhere else. People are tired of layers and layers of security products that ultimately act like a sieve letting malware through. Spear-phishing and Ransomware are major current threats that enterprises just can't stop.
Tags: malware, cybersecurity, australia, secure web gateways
If you are not familiar with March Madness, it's the single-elimination basketball tournament played each spring in the United States, currently featuring 68 college teams. It's one of THE most famous sporting events in the United States. As we head into the Sweet Sixteen bracket, we thought it might be prudent to analyze the Top 10 sports sites in the U.S. based on the Alexa ranking. These sites are the most visited around this time with sports fan checking out the bracket to see if their favorite team is advancing to the next stage. The real question is, can these sites be a prime target for malware and ransomware?
Tags: malware, vulnerability, top-sites
It's that time of the year when those of us in the security industry look into the crystal ball to figure out what the year ahead looks like. Before I take a crack at what's going to happen in 2016, I thought it might be useful to reflect on my last year's predictions and see where they stand. Back in January this year, I had three things that I was predicting, two of which have come true. Hey, that's a pretty good hit rate in fortune telling.
Tags: ssl, cybersecurity, predictions, fitbit
On the heels of the Xcode Ghost comes another Apple vulnerability. This time it's in the Apple OSX Gatekeeper, which was designed to combat various forms of malware. Security researcher Patrick Wardle from Synack found that the security feature can be bypassed using a simple trick involving the use of a signed binary. Apple seems to be working on a patch, but right now, systems are still vulnerable. Here's my POV.
Tags: malware, apple, gatekeeper
Magento is a popular Content Management System (CMS) deployed at over 200,000 websites as their e-commerce platform. On Sunday, Sucuri published a blog about a Massive Magento Guruincsite Infection that had already infected 1000's of sites. Google has blacklisted almost 8,000 sites over the past 90 days. At this point, it appears that we don't know the original injection vector. According to Sucuri, "It's likely a vulnerability in the Magento CMS software itself or one of the 3rd party extensions installed by the administrator."
Tags: malware, cybersecurity, flash, magento
