The last year has been one of the most active in the previous decade in cybersecurity. More than 1,000 data breaches took place in the United States alone, with a total of 155 million individuals impacted by data exposures, according to Statista. But when it comes to ransomware, the data on this insidious type of cyberattack is even more alarming.
Tags: malware, phishing, Isolation Core
Cybersecurity teams at federal agencies all face the same challenge: How do you protect against emerging threats when the agency work environment keeps evolving?
Tags: malware, secure web gateways, Internet Isolation, Isolation Core, cloud security, Remote Work, federal cybersecurity
2021 will be a challenging year for security professionals. The fall out from the SUNBURST attack and the Solarwinds hack is yet to be fully understood and we all remain in an elevated state of awareness and concern.
Our Threat labs team is constantly looking for new emerging threats by analyzing security events and over 40 million sessions a day on our isolation-powered cloud security company and recently observed the re-emergence of a previously known threat, commonly known as Trickbot.
Tags: malware, drive-bys, malicious download, trickbot, threat labs
Covid-19 and its impact have pushed federal workers out from behind the firewall to the edge of the network in home offices. Fortunately, the Department of Veterans Affairs had already embarked on an aggressive IT modernization initiative—providing the framework for making sure remote workers have fast and consistent access to the tools and information they need, wherever the mission takes them.
Tags: malware, cybersecurity, phishing, ransomware, web isolation, COVID-19, Menlo Security, federal security, IT modernization, drive-by attacks, expanding attack surface, digital transformation, Veterans Affairs, VA
Customers of Menlo Security using Internet Explorer (IE) are protected against a recent and still-active zero-day exploit using Internet Explorer, as outlined by Microsoft’s security update CVE-2020-1380.
Tags: malware, isolaton, Internet Isolation, Active-Threat, CVE-2020-1380, Zero-Day Attack, Internet Explorer, IE
I had the opportunity to chat with one of our largest customers the other day. I can’t mention the company name, but they are a big, well-known brand. Menlo works with eight of the ten largest banks and four of the five biggest credit card companies in the world. Let’s just say it was one of them.
Tags: malware, cybersecurity, phishing, isolation, secure web gateway, financial services security, email security, global cloud proxy
A cloud-based secure web gateway (SWG) gives cybersecurity teams complete visibility and control over traffic that bypasses the VPN. Consider these two use cases.
Tags: malware, phishing, security, spear-phishing, DLP, cloud-delivered security, visibility and control, URL filtering, VPN, SaaS access, remote users, acceptable use policies
Now, more than ever, the world is changing faster than people and companies can react. Organizations need help with keeping up to date on the cyberthreats to watch for, how attackers attempt to infiltrate the endpoint, and how to stop attacks in their tracks. Otherwise, cybersecurity is largely a patchwork of guesses, what-if scenarios, and crossed fingers.
Tags: malware, phishing, remote browser isolation, RB, active content security, ASD, essential eight, phishing, application patching, operating systems patching, macro security
Regardless of the political fall-out from Special Counsel Robert J. Mueller’s indictment of twelve Russian intelligence operatives for tampering with the 2016 U.S. Presidential election, this much seems clear after reading the 29-page, John LeCarre-like document: It has become unreasonable to expect any organization to successfully defend against such a massive, coordinated cyberattack.
Tags: malware, phishing, isolation, credential theft, spear-phishing, remote browsing, cyberattacks, browser isolation, presidential election, Russian hackers, Russian operatives, Russian intelligence, DNC, DCCC, Podesta, cryptojacking, X-Agent, Mueller, U.S. election, GRU, Clinton Campaign, Democratic National Committee, Democratic Congressional Campaign Committee, Clinton, cryptocurrency
In recent weeks a resurgence of download bomb attacks has been observed in the wild, attempting to add legitimacy to malicious websites serving a tech support based phishing scam. For users of Menlo Security’s Isolation Platform (MSIP), this attack is trivially defeated with zero malicious content reaching the end user’s device. However, the same may not be said for reputation based security, as we review below.
Tags: malware, phishing, isolation, javascript, compromised websites, download bomb
