banner-blog.jpg

BLOG

Mitigating Threats Associated with Downloading Files in Native File Format

Posted by Mehul Patel on Jul 10, 2020

File-based threats are occurring with greater frequency and higher success rates as threat actors have continued to hone and adapt their social engineering and spearphishing skills to fit today’s trends, such as cloud transformation. Consider that hundreds of millions of users are now working remotely and relying on Software as a Service (SaaS) platforms and rich web apps to improve mobility and productivity.

Read More

Tags: isolation, security, SaaS, internet access, cloud-delivered security, remote access, CDR, Content Reconstruction

Menlo Security Thwarts Covid-19–Related Phishing Attacks

Posted by Mehul Patel on Jun 24, 2020

Threat actors can be ruthless. They use social engineering to comb through people’s personal and professional lives to uncover details that they can use in spearphishing campaigns to manipulate users into unwittingly downloading malware or giving up their credentials

 

Read More

Tags: phishing, isolation, security, Isolation Core, Cloud Proxy, Secure Remote Worker, Remote Working, SaaS, internet access, cloud-delivered security

How Isolation Would Have Stopped The Russian Election Cyberattacks

Posted by Jay Kelley on Jul 19, 2018

Regardless of the political fall-out from Special Counsel Robert J. Mueller’s indictment of twelve Russian intelligence operatives for tampering with the 2016 U.S. Presidential election, this much seems clear after reading the 29-page, John LeCarre-like document: It has become unreasonable to expect any organization to successfully defend against such a massive, coordinated cyberattack.

Read More

Tags: malware, phishing, isolation, credential theft, spear-phishing, remote browsing, cyberattacks, browser isolation, presidential election, Russian hackers, Russian operatives, Russian intelligence, DNC, DCCC, Podesta, cryptojacking, X-Agent, Mueller, U.S. election, GRU, Clinton Campaign, Democratic National Committee, Democratic Congressional Campaign Committee, Clinton, cryptocurrency

Compromised Websites and Download Bomb Attacks

Posted by Andrew Prince on Jul 11, 2018

Compromised Websites and Download Bomb Attacks

In recent weeks a resurgence of download bomb attacks has been observed in the wild, attempting to add legitimacy to malicious websites serving a tech support based phishing scam. For users of Menlo Security’s Isolation Platform (MSIP), this attack is trivially defeated with zero malicious content reaching the end user’s device. However, the same may not be said for reputation based security, as we review below.

Read More

Tags: malware, phishing, isolation, javascript, compromised websites, download bomb

10 Reasons Why You Shouldn't Consider Isolation

Posted by Jay Kelley on Dec 7, 2017

 

While this post is intended to be a little tongue-in-cheek for readers, it’s been written to provoke discussion on how organizations continue to do the same things they have done for the last 15 years, without thinking of all the issues they bring with them…

Read More

Tags: phishing, isolation, ransomware, spear-phishing, web isolation, malvertising

Lights, Camera, Cyber Attack!

Posted by Jay Kelley on Dec 5, 2017

 

The past few years, the major studios and production companies that create movies, broadcast television, streaming content, and even online and video games have been under cyber attack.

Read More

Tags: malware, isolation, ransomware, malicious code, cyber attacks, phishing attack

Cyber Monday: Going Phishing?

Posted by Jay Kelley on Nov 21, 2017

 

The holiday shopping season kicks off this week with Black Friday (November 24 th) and Cyber Monday (November 27 th). And, if it’s any indication of how much online shopping will occur, last year (2016), Cyber Monday set a new sales record of $3.45 billion USD!
Read More

Tags: malware, phishing, isolation, cyber attacks, isolation platform, cyber Monday, Black Friday

For Feds, DMARC is a Start, But More is Needed

Posted by Jay Kelley on Nov 9, 2017

 

Last month, the U.S. Department of Homeland Security directed federal agencies to begin employing enhanced security methods and protocols on all government email accounts. This action is an effort to halt the impersonation of U.S. government email domains, referred to as spoofing, by attackers intent on deploying a dizzying array of cyber attacks typically initiated by a phishing campaign. Given that many reports place the start of a cyber attack squarely on phishing campaigns—some reports place the figure at over 90% of cyberattacks are as the result of phishing—it makes sense that the DHS would require greater email security for federal government email accounts and inboxes.

Read More

Tags: isolation, cyber attacks, phishing attack, cyber security, DMARC

Financial Phishing for Funds and (Customer) Facts

Posted by Jay Kelley on Sep 26, 2017

It seems that almost daily, there is a new story about another bank or financial services institution (FSI) falling victim to a phishing or other cyberattack. 

Read More

Tags: malware, isolation, malicious code, anti-phishing, cyberattacks, CISO, multi-factor authentication, Trickbot banking Trojan, Trojans, remote browers

Why Financial Institutions Are Phishing’s “Big Catch”

Posted by Jay Kelley on Aug 29, 2017

The financial services industry is consistently among the most highly targeted industries for cyberattacks. Financial services institutions (FSIs) are a popular and frequent focus of attackers because, to quote famed bank robber Willie Sutton, when asked why he robbed banks: “That’s where the money’s at.”  

Read More

Tags: malware, phishing, isolation, ransomware, credential theft, drive-by exploits, phishing prevention, spear-phishing, watering hole attacks, phishing attacks, financial services industry, cyberattacks, banking credentials, keyloggers, employee credential theft

Connect with us

Lists by Topic

see all

Recent Posts