banner-blog.jpg

BLOG

Fast User Access to SaaS for Users on Home Wi-Fi

Posted by Mehul Patel on Jul 9, 2020

Secure Remote Worker Use Case 1: Ensure Fast, Secure Access to SaaS Platforms

Even before Covid-19 forced the adoption of work-from-home policies across the globe, the workforce had been getting more remote, more distributed, and more dependent on Software as a Service (SaaS) platforms. In turn, organizations have been looking for a new way to protect these remote users from today’s increasingly sophisticated cyberattacks. Phishing attacks remain one of the biggest threats as malicious attackers take advantage of the new normal to trick users into downloading malware or giving up their credentials.

 

Read More

Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work

Securing the New Normal: Future of Work

Posted by Mehul Patel on Jul 2, 2020

For most of us, working has always been social. We’d commute to an office every day where we’d spend our day in strategy meetings and whiteboard sessions, grab a coffee to catch up with colleagues, and catch the boss while walking the hall to provide the latest project update. Once in a while, if we had a personal appointment, a customer meeting across town, or an early-morning conference call from overseas, we’d be able to work from home, logging in from a VPN where we’d have secure access to productivity tools.

 

Read More

Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, CASB, Digital Workforce, Remote Work

Equation Editor—Attackers continue to exploit CVE-2017-1182….

Posted by Vinay Pidathala on Jun 30, 2020

Menlo labs has observed limited attacks, where attackers are continuing to exploit CVE-2017-11882, an old Microsoft exploit with a patch that was issued more than two years ago. As a matter of fact, an FBI report published on May 12 2020, listed it as one of the top 10 vulnerabilities routinely getting exploited. We are still analyzing some details of the malware involved in the three attacks and will post it in part 2 of this series. The following are some noteworthy features in all the attacks we identified

Read More

Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work

How to Mitigate Phishing Threats inYour Organization

Posted by Kowsik Guruswamy on Dec 5, 2019

From a bad actor perspective, phishing is the cheapest and easiest way to infiltrate organizations and personal information
to make a profit. By nature, humans are curious and are oft en overconfident when it comes to security. Phishing is an even greater threat for mobile users, too. Without key visual cues, like the ability to hover over a link to determine its destination, it is much easier for a user to make the simple mistake of clicking a bad link and falling victim to a phishing attempt. The popularity of social media has also made it much easier for hackers to find valid email addresses and research users’
life activities to create sophisticated, tailored phishing attacks.  From a security perspective, there are typically three approaches to solving the phishing problem – email security gateways, web proxies and security training awareness – but each has its own limitations.

Read More

Tags: phishing, email attachments, anti-phishing, phishing prevention, Google Docs email scam, email threats

Mission Impossible 17 – Spear Phishing

Posted by Jason Steer on Oct 24, 2017

Spear phishing attacks continue to plague businesses of all sizes, across all sectors. Detection of these messages remains an impossible feat. Spear phishing messages plague everyone and their intent ranges from delivering malware or ransomware, to stealing passwords and personal information, such as bank account information. All of these things have a high value in the online criminal world, hence why spear phishing is the most popular tool in the cyber attack arsenal today.

Read More

Tags: ransomware, anti-phishing, spear-phishing, cyber attacks, cyber training, cyber security

Financial Phishing for Funds and (Customer) Facts

Posted by Jay Kelley on Sep 26, 2017

It seems that almost daily, there is a new story about another bank or financial services institution (FSI) falling victim to a phishing or other cyberattack. 

Read More

Tags: malware, isolation, malicious code, anti-phishing, cyberattacks, CISO, multi-factor authentication, Trickbot banking Trojan, Trojans, remote browers

Phishing: It’s Not About Stupidity, It’s About Sophistication

Posted by Greg Maudsley on Jul 18, 2017

There was a time not long ago when victims of phishing attacks were considered stupid. But now that the general population is becoming more aware of the phishing problem, the “pool of stupidity” is shrinking. Easy prey is becoming more difficult to find, so phishing is evolving to new levels of sophistication. Attacks using OAuth, Data URI, PDF credential phish, and PunyCode are now so difficult to detect, even security administrators themselves are falling victim.

Read More

Tags: malware, phishing, malware vulnerabilities, anti-phishing, punycode, oAuth, gmail phishing campaign, uniform resource identifier (URI) scheme

Massive Cyber Attack Threatens End Users, Again

Posted by Jay Kelley on Jun 28, 2017

Another week, another massive cyber attack hits the world. Since the Wikileaks share, powerful new hacking tools are readily available to anyone in the world. This will not be the last attack leveraging these newly available weapons.

Read More

Tags: cybersecurity, isolation, ransomware, security strategy, anti-phishing, bitcoin, cyber threats, cyber attacks, remote browsers, WannaCrypt, GoldenEye

Gartner Cool Vendor Report Names Menlo Security and Describes Benefits of Browser Isolation

Posted by Peter Lunk on Jun 16, 2017

If you find it challenging to prioritize which security innovations to implement this year, this latest Gartner report can help. It names Menlo Security as a 2017 Cool Vendor for Security for Mid-Size Enterprise, and explains how any resource-constrained IT team can use browser isolation to reduce exposure to malware and phishing attacks.

Read More

Tags: cybersecurity, isolation, browser, gartner, anti-phishing, spear-phishing, remote browsing, browser-based attacks, cyber attacks, email threats

Manipulating Democracy by Spearphishing Candidates

Posted by Jay Kelley on Jun 7, 2017

Recent news is all about election hacking, with the publication this week by The Intercept of a top-secret report from the U.S. National Security Agency (NSA), detailing how Russian military intelligence or state-sponsored attackers – or, maybe as Russian President Vladimir Putin stated in a recent interview, “patriotically minded” private Russian hackers – launched a multi-pronged phishing and spearphishing attack on voter registration during the 2016 U.S. presidential elections.

Read More

Tags: cybersecurity, isolation, anti-phishing, spear-phishing, cyber attacks, infosec euope

Connect with us

Lists by Topic

see all

Recent Posts