BLOG

Internet Isolation Enables a Zero Trust Approach That Protects Remote Users from Cybersecurity Threats without Impacting the User Experience.

Federal agencies are being forced to rethink the way they empower public servants with the tools and information they need to make government work. Even before the Covid-19 global pandemic, agencies were undergoing digital transformation in an effort to create efficiencies and be more responsive to citizens. Then, as government employees and contractors moved from their office cubicle to their dining room table—literally overnight—federal IT organizations had to scramble to enable application access to a nearly 100 percent remote workforce.

 

Tags: isolation, Internet Isolation, zero trust, new normal, federal cybersecurity, government digital transformation, next-gen secure web gateway

Cybersecurity warriors are in short supply these days. According to (ISC)2, 2.8 million professionals work in cybersecurity globally, but the industry would need another 4 million trained workers—500,000 in the U.S. alone—in order to properly defend organizations and close the skills gap.

Tags: cybersecurity, isolation, security, security operations center, ISSA, ISC)2, SOC, Menlo Security Platform, unintended security gaps, Menlo iSOC, reskilling, cybersecurity skills gap

Menlo Security’s iSOC—our isolation-powered SOC service—identified a credential phishing campaign targeting the hospitality industry. Menlo Labs researchers decided to take a deeper dive into the campaign and I’m glad we did, because it sure turned out to be an interesting one.

 

Tags: phishing, isolation, captcha

Targeting People, Not the Infrastructure

Historically, many cyberattacks tended to be technology-focused and required specialized knowledge to expertly fool a network into believing the attacker was an authorized user. Spoofing, man-in-the-middle (LAN or Wi-Fi), DNS, and other attacks require actual skill (and a bit of malice) to properly execute.

Tags: phishing, isolation, email isolation, link isolation, link wrapping

Isolation for Zero Trust Phishing Protection

Phishing sites frequently evade web and email filters because of the inability of secure gateways to detect new phishing websites or categorize them properly. According to Menlo Labs, web and email gateways wrongly categorize 10-15 percent of malicious websites as safe.

Tags: phishing, isolation, URL, email filtering, zero trust

Large Groups of Isolated Users Shrink Your Exposure Surface

Enterprises frequently acquire an isolation solution (with Menlo for remote browser isolation) for groups of users, such as VIPs, rather than their entire workforce. While this strategy insulates VIPs from malware attacks, it assumes that only VIPs have access to potentially crippling information.

Tags: phishing, isolation, Incident Response, API, logging

How a Fortune 500 Customer Embraced Menlo’s Isolation as Their Primary Defense Against Phishing and Email Threats.

I had the opportunity to chat with one of our largest customers the other day. I can’t mention the company name, but they are a big, well-known brand. Menlo works with eight of the ten largest banks and four of the five biggest credit card companies in the world. Let’s just say it was one of them.

 

Tags: malware, cybersecurity, phishing, isolation, secure web gateway, financial services security, email security, global cloud proxy

File-based threats are occurring with greater frequency and higher success rates as threat actors have continued to hone and adapt their social engineering and spearphishing skills to fit today’s trends, such as cloud transformation. Consider that hundreds of millions of users are now working remotely and relying on Software as a Service (SaaS) platforms and rich web apps to improve mobility and productivity.

Tags: isolation, security, SaaS, internet access, cloud-delivered security, remote access, CDR, Content Reconstruction

Threat actors can be ruthless. They use social engineering to comb through people’s personal and professional lives to uncover details that they can use in spearphishing campaigns to manipulate users into unwittingly downloading malware or giving up their credentials

 

Tags: phishing, isolation, security, Isolation Core, Cloud Proxy, Secure Remote Worker, Remote Working, SaaS, internet access, cloud-delivered security

Regardless of the political fall-out from Special Counsel Robert J. Mueller’s indictment of twelve Russian intelligence operatives for tampering with the 2016 U.S. Presidential election, this much seems clear after reading the 29-page, John LeCarre-like document: It has become unreasonable to expect any organization to successfully defend against such a massive, coordinated cyberattack.

Tags: malware, phishing, isolation, credential theft, spear-phishing, remote browsing, cyberattacks, browser isolation, presidential election, Russian hackers, Russian operatives, Russian intelligence, DNC, DCCC, Podesta, cryptojacking, X-Agent, Mueller, U.S. election, GRU, Clinton Campaign, Democratic National Committee, Democratic Congressional Campaign Committee, Clinton, cryptocurrency