blog

It’s clear that traditional security architectures and philosophies don’t work anymore. In 2018, cybercrime generated $1.5 trillion in revenue for hackers, growing to $6 trillion by 2021. These statistics are even more alarming in light of the fact that organizations have more security tools in their stacks than ever before.

If you have been following the news, you probably noticed that the Internet is abuzz about the latest vulnerability in Zoom. The attack was identified by Jonathan Leitschuh, a security researcher who has detailed the vulnerability and has provided a PoC to reproduce the attack in this blog post. I would highly recommend that everyone give it a read and take the necessary actions per your company policy.

Every day new phishing campaigns are making the news. One is posing as legitimate emails from the Department of Homeland Security, the next pretends to be an alert from your email server that it has received an encrypted message for you, prompting you to log into a fake OneDrive site. Malicious actors know phishing campaigns are getting easier to identify. As a result, they continue to create new and more creative ideas to trick people. In fact, the 2019 Verizon Data Breach Investigations Report stated that phishing was involved in one third of all cyber attacks across all industries. The reason that number is so high is because even though cyber defenses, in general, are also becoming stronger, phishing attacks prevail, affecting businesses small and large. Attackers can rely on the fact that phishing has proven to be effective.

We are thrilled to announce we have secured $75 million in Series D funding led by JP Morgan Asset Management and other existing investors, including General Catalyst, Sutter Hill Ventures, Osage University Partners, American Express Ventures, HSBC, JP Morgan Chase and Engineering Capital. This round of funding comes almost two years after our Series C round of $40 million, bringing our total funding to approximately $160 million.

Software as a service (SaaS) is changing the world, as nearly all new businesses use “as a service” solutions to ensure business productivity and seamless collaboration across different functions, both internally and externally to the organization. So why shouldn’t attackers take advantage of this open access and attempt to compromise victims? Well, of course, they have done exactly that. Our data shows that attackers are now jumping on the bandwagon of delivering malware and credential phishing via trusted SaaS brands.

Last month, Microsoft issued 79 patches and among these patches was one for an old Windows XP operating system, which was officially abandoned by Microsoft 5 years ago. The last time Microsoft released an update like this was months before the WannaCry ransomware attacks of 2017 wreaked havoc. Even Microsoft warned of the similarities with Simon Pope, director of incident response for the Microsoft Security Response Center writing, “Any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. It is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”

Insurance providers have long been a major target for cybercriminals, which is no surprise considering the large amounts of sensitive client information they maintain like Social Security numbers, employment history, and family contacts. In fact, a recent report by auditing service KPMG says that 81 percent of health insurance companies suffered a data breach in the past two years. Contributing to the problem, many insurance providers are dealing with any mixture of the following:

Menlo Security and By Light are partnering to design and implement a Cloud Based Internet Isolation prototype capability for the Defense Information Systems Agency (DISA). The agency is the IT combat support agency of the Department of Defense (DoD).  The agency provides, operates and assures command and control information-sharing capabilities and a globally accessible enterprise information infrastructure in direct support to joint warfighters, national level leaders and other mission and coalition partners across the full spectrum of military operations.

As customers adopt a cloud-first approach to IT by allowing users to access the latest SaaS applications, customers are also looking to move their security services to the cloud. However, under-resourced security teams are in a constant position of having to put out fires. This is evidenced by the sheer number of devastating data breaches that make headlines every week.

According to Gartner, the accelerating adoption of cloud applications and an ever-mobile workforce have made the browser the most important productivity tool on an endpoint by far. At the same time, the vast majority of cyberattacks start with browser, targeting end-users with bogus emails and infected attachments, websites and downloadable documents.

We cannot expect legacy Web Security approaches like Secure Web Gateway, URL Filtering or Sandbox solutions to detect and prevent every threat. Even the most aptly trained professional can fall prey to a seemingly normal website or email. Instead, enterprises need to look to a strategy that isolates employees devices. Rather than detect threats and block employees from accessing dangerous web content, this approach simply isolates their laptops from all browser-based traffic.

How does this work exactly? Take a large, global insurance company as an example. They were experiencing web malware and phishing attacks and found that 80 percent of those issues were caused by employees accessing uncategorized websites. Infected devices required costly, time-consuming reimaging. While anti-phishing training for employees was somewhat helpful in addressing the attacks, many employees continued to click on infected links, leading to credential theft and malware infection. By leveraging isolation, everything employees do with a browser is executed in the cloud remote browser instead of the devices themselves. Whether surfing the web, reading emails or downloading documents, it is impossible for malware to be introduced to the network to which the device is connected. What’s more, end-users cannot see their web sessions are actually occurring on our platform rather than on their PCs. The experience is the same.

Menlo Security has done just that - created a transformative security access platform for web applications and websites, available as a service in the cloud or on-premise. This revolutionary platform is scalable, manageable, and easy for corporate customers to adopt. To learn more visit: https://www.menlosecurity.com/isolation-platform

Working as a cybersecurity warrior has its perks. We’re on the front lines of an increasingly critical and dynamic battlefield, pitting increasingly sophisticated threats against increasingly sophisticated defenses. We’re doing important work, and it can be very rewarding.