Now, more than ever, the world is changing faster than people and companies can react. Organizations need help with keeping up to date on the cyberthreats to watch for, how attackers attempt to infiltrate the endpoint, and how to stop attacks in their tracks. Otherwise, cybersecurity is largely a patchwork of guesses, what-if scenarios, and crossed fingers.
Tags: malware, phishing, remote browser isolation, RB, active content security, ASD, essential eight, phishing, application patching, operating systems patching, macro security
As we now accept the new norm, combating malicious cyberthreats comes down to two things: visibility and control. If you can monitor traffic flowing to and from users’ devices and control how that traffic behaves and is secured, a malicious actor would be hard pressed to infiltrate your network and do harm.
Tags: phishing, security, HTTS, HTTPS, SSL Inspection, DLP, cloud-delivered security, visibility and control, security policies, URL filtering, VPN, secure web gateway
File-based threats are occurring with greater frequency and higher success rates as threat actors have continued to hone and adapt their social engineering and spearphishing skills to fit today’s trends, such as cloud transformation. Consider that hundreds of millions of users are now working remotely and relying on Software as a Service (SaaS) platforms and rich web apps to improve mobility and productivity.
Tags: isolation, security, SaaS, internet access, cloud-delivered security, remote access, CDR, Content Reconstruction
Even before Covid-19 forced the adoption of work-from-home policies across the globe, the workforce had been getting more remote, more distributed, and more dependent on Software as a Service (SaaS) platforms. In turn, organizations have been looking for a new way to protect these remote users from today’s increasingly sophisticated cyberattacks. Phishing attacks remain one of the biggest threats as malicious attackers take advantage of the new normal to trick users into downloading malware or giving up their credentials.
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work
For most of us, working has always been social. We’d commute to an office every day where we’d spend our day in strategy meetings and whiteboard sessions, grab a coffee to catch up with colleagues, and catch the boss while walking the hall to provide the latest project update. Once in a while, if we had a personal appointment, a customer meeting across town, or an early-morning conference call from overseas, we’d be able to work from home, logging in from a VPN where we’d have secure access to productivity tools.
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, CASB, Digital Workforce, Remote Work
Menlo labs has observed limited attacks, where attackers are continuing to exploit CVE-2017-11882, an old Microsoft exploit with a patch that was issued more than two years ago. As a matter of fact, an FBI report published on May 12 2020, listed it as one of the top 10 vulnerabilities routinely getting exploited. We are still analyzing some details of the malware involved in the three attacks and will post it in part 2 of this series. The following are some noteworthy features in all the attacks we identified
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work
Threat actors can be ruthless. They use social engineering to comb through people’s personal and professional lives to uncover details that they can use in spearphishing campaigns to manipulate users into unwittingly downloading malware or giving up their credentials
Tags: phishing, isolation, security, Isolation Core, Cloud Proxy, Secure Remote Worker, Remote Working, SaaS, internet access, cloud-delivered security
Menlo Security and VeloCloud, now part of VMware offer free trials of a joint solution that includes cloud security, phishing protection, and SD-WAN to protect employees working from home:
Tags: Isolation Core, Cloud Proxy, Secure Remote Worker, Remote Working
Cloud Apps Are a Point of Attack
Protecting workers is a challenging task—for example, 29 percent of all attacks leverage legitimate cloud services to launch an attack. Once an attacker is inside the network, they can use the same cloud app to siphon or exfiltrate valuable information out of the organization.
Tags: Cloud DLP, Application Control, app security, cloud app, cloud applications, Cloud App Isolation, CASB, Cloud Access Security Broker, cloud application security, casb isolation, Isolation, Cloud-based Isolation, cloud security, DLP
About three weeks into lockdown in the UK, I was out for my evening walk reflecting on how different the world had become in a very short space of time. Having spent the majority of my career as a home-based employee, being forced to work remotely didn’t change how I work or indeed my daily routine, however I tried to put myself into the shoes of those who are normally office-based and think about how their world has changed, and how they would be coping without all the tools, equipment and routines they are used to and expect.
Tags: secure web gateways, SWG, Secure Remote Worker, Remote Working
