Regardless of the political fall-out from Special Counsel Robert J. Mueller’s indictment of twelve Russian intelligence operatives for tampering with the 2016 U.S. Presidential election, this much seems clear after reading the 29-page, John LeCarre-like document: It has become unreasonable to expect any organization to successfully defend against such a massive, coordinated cyberattack.
Tags: malware, phishing, isolation, credential theft, spear-phishing, remote browsing, cyberattacks, browser isolation, presidential election, Russian hackers, Russian operatives, Russian intelligence, DNC, DCCC, Podesta, cryptojacking, X-Agent, Mueller, U.S. election, GRU, Clinton Campaign, Democratic National Committee, Democratic Congressional Campaign Committee, Clinton, cryptocurrency
It’s another day and another cyber attack headline in the media. This time it’s another ransomware-style attack; this one is called “Bad Rabbit”. According to media reports, it has impacted organizations in Russia and Ukraine mostly, with reports of some businesses in Turkey and Germany (and possibly in Poland and Japan) also being affected (that we know of so far).
Tags: ransomware, credential theft, cyber threats, web isolation, isolation technology, javascript, bad rabbit
The financial services industry is consistently among the most highly targeted industries for cyberattacks. Financial services institutions (FSIs) are a popular and frequent focus of attackers because, to quote famed bank robber Willie Sutton, when asked why he robbed banks: “That’s where the money’s at.”
Tags: malware, phishing, isolation, ransomware, credential theft, drive-by exploits, phishing prevention, spear-phishing, watering hole attacks, phishing attacks, financial services industry, cyberattacks, banking credentials, keyloggers, employee credential theft
While Black Hat USA 2017 ended three weeks ago, I wanted to share my thoughts and experiences on my very first Black Hat USA 2017 after being in security for 15+ years.
Tags: malware, cybersecurity, isolation, ransomware, credential theft, cyber theft, black hat, cyber attacks, cyber training, authentication and application security, spearphishing, Black Hat Conference, Ichthyology, phishing training, phishing attacks
It’s 2017, and many organisations are still grappling with solving two of the biggest routes of attack into their business from the Internet - via their employees' in-boxes and web browsers.
Tags: cybersecurity, isolation, credential theft, anti-phishing, spear-phishing, cyber attacks, infosec euope
Over 350,000 of the world’s top 1 million web sites may be running vulnerable software -- which the recent WannaCry cyber attack has shown can spell considerable risk of hacker exploitation. According to the Menlo Security State of The Web report, software on some web sites dates back to over a decade ago, as far back as the year 2000. The cyber security research reveals that nearly half (46%) of the Internet’s top 1 million web sites, as ranked by Alexa, are risky, and that 1 in 5 domains run vulnerable software.
Tags: isolation, ransomware, credential theft, malware vulnerabilities, phishing prevention, spear-phishing, banks, cyber attacks, wannacry, hackers, financial security firms, credit unions, web threats, email threats
Exhibiting at the recent FS-ISAC Annual Summit 2017 at the Dolphin Convention Center (which could have doubled as a meat locker at times because it was so cold, while other times it could have been a large sauna it was so hot and steamy!), there was a mini-monsoon outside at one point. It was like Mother Nature was mimicking the downpour of cyber attacks confronting the financial services players at the event. It was a deluge!
Tags: malware, cybersecurity, isolation, ransomware, credential theft, financial services, drive-by exploits, spear-phishing, cyber attacks, FS-ISAC Annual Summit 2017
Tags: isolation, risk, credential theft, anti-phishing, spear-phishing, phishers, patient zero, spammers, anti-spam, browser-based attacks
I just spent a week in several new geographical markets for Menlo Security, the United Arab Emirates and Qatar, meeting and talking to new and existing customers. Online risks are no different in the Middle East than they are in the USA, Asia or Europe. The risks may have different names, but the impact remains the same.
Tags: isolation, credential theft, malware vulnerabilities, spear-phishing, Qatar, United Arab Emirates, Shamoon attack, cyber attacks
You’ve probably heard about businesses that have fallen victim to successful spear-phishing attacks leading to the theft of employee W-2s. But, the IRS began warning tax professionals in January they are under attack, too!
Tags: phishing, security, credential theft, financial services, spear-phishing
