banner-blog.jpg

BLOG

Vinay Pidathala

Recent Posts

Menlo Threat Labs Uncovers a Phishing Attack Using Captchas

Posted by Vinay Pidathala on Sep 30, 2020

Menlo Security’s iSOC—our isolation-powered SOC service—identified a credential phishing campaign targeting the hospitality industry. Menlo Labs researchers decided to take a deeper dive into the campaign and I’m glad we did, because it sure turned out to be an interesting one.

 

Read More

Tags: phishing, isolation, captcha

Equation Editor—Attackers continue to exploit CVE-2017-1182….

Posted by Vinay Pidathala on Jun 30, 2020

Menlo labs has observed limited attacks, where attackers are continuing to exploit CVE-2017-11882, an old Microsoft exploit with a patch that was issued more than two years ago. As a matter of fact, an FBI report published on May 12 2020, listed it as one of the top 10 vulnerabilities routinely getting exploited. We are still analyzing some details of the malware involved in the three attacks and will post it in part 2 of this series. The following are some noteworthy features in all the attacks we identified

Read More

Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work

IE and FIREFOX-Patching nightmare begins in 2020...

Posted by Vinay Pidathala on Jan 27, 2020

Not all vulnerabilities are created equal. It’s true. In a perfect world, organizations should be able to patch every vulnerability on every client immediately. But we don’t live in a perfect world. Some vulnerabilities pose a much greater risk to the organization than others and should be prioritized.

Read More

Tags: Web Security, ZeroTrust, Internet Isolation, CVE

Financial Services Get Hooked, Experience 147% Increase in Phishing Clicks

Posted by Vinay Pidathala on Dec 17, 2019

According to JPMorgan Chase CEO Jamie Dimon, “The threat of cyber security may very well be the biggest threat to the US financial system.” Coupled with the fact that financial services is one of the most highly targeted industries, it’s clear financial organizations are in trouble.  Reports show a 56% year-over-year increase in digital threats targeting the sector, and according to new research, phishing is a key threat vector.

Read More

Tags: phishing attack

Menlo's Cloud Security Platform protects users from cryptomining attack

Posted by Vinay Pidathala on Oct 1, 2019

The Internet keeps getting weirder, and users are getting harder to protect. Yet Menlo Security continues to keep users safe.

Read More

Tags: cryptojacking, X-Agent, cryptocurrency, ZeroTrust Internet

Why ANY Web Browser Is Still Not Safe

Posted by Vinay Pidathala on Sep 25, 2019

Menlo Security customers are 100 percent protected against a recent zero-day exploits in Internet Explorer. The exploits CVE-2019-1367 and CVE-2019-1255 are being actively used in limited attacks.

Read More

Tags: vulnerability, browser-based attacks, Web Security, Internet Isolation, CVE

How Isolation Mitigates The Zoom Vulnerability

Posted by Vinay Pidathala on Jul 10, 2019

If you have been following the news, you probably noticed that the Internet is abuzz about the latest vulnerability in Zoom. The attack was identified by Jonathan Leitschuh, a security researcher who has detailed the vulnerability and has provided a PoC to reproduce the attack in this blog post. I would highly recommend that everyone give it a read and take the necessary actions per your company policy.

Read More

Tags: Web Security, ZeroTrust, ZeroTrust Internet

Even Dropbox and Box aren't Safe

Posted by Vinay Pidathala on Jul 7, 2019

Software as a service (SaaS) is changing the world, as nearly all new businesses use “as a service” solutions to ensure business productivity and seamless collaboration across different functions, both internally and externally to the organization. So why shouldn’t attackers take advantage of this open access and attempt to compromise victims? Well, of course, they have done exactly that. Our data shows that attackers are now jumping on the bandwagon of delivering malware and credential phishing via trusted SaaS brands.

Read More

Tags: isolation platform, web browser isolation, risky websites, ZeroTrust

Connect with us

Lists by Topic

see all

Recent Posts