A cloud-based secure web gateway (SWG) gives cybersecurity teams complete visibility and control over traffic that bypasses the VPN. Consider these two use cases.
Tags: malware, phishing, security, spear-phishing, DLP, cloud-delivered security, visibility and control, URL filtering, VPN, SaaS access, remote users, acceptable use policies
As we now accept the new norm, combating malicious cyberthreats comes down to two things: visibility and control. If you can monitor traffic flowing to and from users’ devices and control how that traffic behaves and is secured, a malicious actor would be hard pressed to infiltrate your network and do harm.
Tags: phishing, security, HTTS, HTTPS, SSL Inspection, DLP, cloud-delivered security, visibility and control, security policies, URL filtering, VPN, secure web gateway
File-based threats are occurring with greater frequency and higher success rates as threat actors have continued to hone and adapt their social engineering and spearphishing skills to fit today’s trends, such as cloud transformation. Consider that hundreds of millions of users are now working remotely and relying on Software as a Service (SaaS) platforms and rich web apps to improve mobility and productivity.
Tags: isolation, security, SaaS, internet access, cloud-delivered security, remote access, CDR, Content Reconstruction
Even before Covid-19 forced the adoption of work-from-home policies across the globe, the workforce had been getting more remote, more distributed, and more dependent on Software as a Service (SaaS) platforms. In turn, organizations have been looking for a new way to protect these remote users from today’s increasingly sophisticated cyberattacks. Phishing attacks remain one of the biggest threats as malicious attackers take advantage of the new normal to trick users into downloading malware or giving up their credentials.
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work
Menlo labs has observed limited attacks, where attackers are continuing to exploit CVE-2017-11882, an old Microsoft exploit with a patch that was issued more than two years ago. As a matter of fact, an FBI report published on May 12 2020, listed it as one of the top 10 vulnerabilities routinely getting exploited. We are still analyzing some details of the malware involved in the three attacks and will post it in part 2 of this series. The following are some noteworthy features in all the attacks we identified
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work
Threat actors can be ruthless. They use social engineering to comb through people’s personal and professional lives to uncover details that they can use in spearphishing campaigns to manipulate users into unwittingly downloading malware or giving up their credentials
Tags: phishing, isolation, security, Isolation Core, Cloud Proxy, Secure Remote Worker, Remote Working, SaaS, internet access, cloud-delivered security
