<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1626328370711236&amp;ev=PageView&amp;noscript=1">
banner-blog.jpg

blog

How Isolation Would Have Stopped The Russian Election Cyberattacks

Posted by Jay Kelley on Jul 19, 2018

Regardless of the political fall-out from Special Counsel Robert J. Mueller’s indictment of twelve Russian intelligence operatives for tampering with the 2016 U.S. Presidential election, this much seems clear after reading the 29-page, John LeCarre-like document: It has become unreasonable to expect any organization to successfully defend against such a massive, coordinated cyberattack.

Read More

Tags: Mueller, U.S. election, presidential election, spear-phishing, phishing, cyberattacks, Russian hackers, Russian operatives, Russian intelligence, GRU, Clinton Campaign, DNC, Democratic National Committee, DCCC, Democratic Congressional Campaign Committee, isolation, browser isolation, remote browsing, credential theft, malware, Podesta, Clinton, cryptojacking, cryptocurrency, X-Agent

Compromised Websites and Download Bomb Attacks

Posted by Andrew Prince on Jul 11, 2018

Compromised Websites and Download Bomb Attacks

In recent weeks a resurgence of download bomb attacks has been observed in the wild, attempting to add legitimacy to malicious websites serving a tech support based phishing scam. For users of Menlo Security’s Isolation Platform (MSIP), this attack is trivially defeated with zero malicious content reaching the end user’s device. However, the same may not be said for reputation based security, as we review below.

Read More

Tags: malware, phishing, javascript, compromised websites, isolation, download bomb

10 Reasons Why You Shouldn't Consider Isolation

Posted by Jay Kelley on Dec 7, 2017

 

While this post is intended to be a little tongue-in-cheek for readers, it’s been written to provoke discussion on how organizations continue to do the same things they have done for the last 15 years, without thinking of all the issues they bring with them…

Read More

Tags: ransomware, phishing, isolation, web isolation, spear-phishing, malvertising

Cyber Monday: Going Phishing?

Posted by Jay Kelley on Nov 21, 2017

 

The holiday shopping season kicks off this week with Black Friday (November 24 th) and Cyber Monday (November 27 th). And, if it’s any indication of how much online shopping will occur, last year (2016), Cyber Monday set a new sales record of $3.45 billion USD!
Read More

Tags: cyber attacks, phishing, cyber Monday, Black Friday, isolation, isolation platform, malware

The SWIFT Security Controls Framework and Isolation

Posted by Jay Kelley on Nov 7, 2017

If you are in the financial services community, you are likely well-aware of and well-acquainted with SWIFT and the services it performs. As a quick primer for the uninitiated, SWIFT is an acronym for the Society for Worldwide Interbank Financial Telecommunication, a cooperative built over forty years ago by banks and financial institutions globally to address a mutual problem: A better, more secure, and automated way to communicate inter-bank payments across borders. SWIFT addressed this common issue, and today, it is a world-leading provider of secure messaging services for over 11,000 banks, financial organizations, and enterprises in over 200 countries.

Read More

Tags: SWIFT, cyber attacks, phishing, spear-phishing, malware, isolation technology, isolation platform

Why Financial Institutions Are Phishing’s “Big Catch”

Posted by Jay Kelley on Aug 29, 2017

The financial services industry is consistently among the most highly targeted industries for cyberattacks. Financial services institutions (FSIs) are a popular and frequent focus of attackers because, to quote famed bank robber Willie Sutton, when asked why he robbed banks: “That’s where the money’s at.”  

Read More

Tags: financial services industry, cyberattacks, phishing, phishing attacks, phishing prevention, malware, ransomware, isolation, banking credentials, keyloggers, employee credential theft, credential theft, watering hole attacks, drive-by exploits, spear-phishing

Phishing: It’s Not About Stupidity, It’s About Sophistication

Posted by Greg Maudsley on Jul 18, 2017

There was a time not long ago when victims of phishing attacks were considered stupid. But now that the general population is becoming more aware of the phishing problem, the “pool of stupidity” is shrinking. Easy prey is becoming more difficult to find, so phishing is evolving to new levels of sophistication. Attacks using OAuth, Data URI, PDF credential phish, and PunyCode are now so difficult to detect, even security administrators themselves are falling victim.

Read More

Tags: oAuth, malware, malware vulnerabilities, anti-phishing, phishing, punycode, gmail phishing campaign, uniform resource identifier (URI) scheme

The (Human) Face of Ransomware

Posted by Jay Kelley on May 19, 2017

When you start to realize the scope and impact the ransomware attack that began on Friday, May 12, 2017, and continued to roll onward into last weekend had not only a huge negative effect on businesses and their operations, but on everyday people, it begins to become all too real.

Read More

Tags: wannacry, ransomware, cyber attacks, Telefonica, Vodafone, Gas Natural, phishing, spear-phishing, drive-by exploits, watering hole attacks, isolation

Increasingly Clever Phishing Attacks like OAuth Are The New Normal

Posted by Greg Maudsley on May 4, 2017

In the past, an attacker looking to steal credentials would craft a convincing email and landing page that did not trigger any red flags to the user. Attackers could be certain that at least 11% of people, even those who’d had phishing awareness training, would click malicious email links. Looking to up this percentage, attackers have evolved phishing exploits to use novel techniques, and OAuth is an important part of this evolution. This new approach is making it more challenging than ever for users to know when it is safe to click.

Read More

Tags: phishing, phishing prevention, phishing scams, Google Docs email scam, Eugene Pupov, isolation

Going Phishing During Tax Season

Posted by Jay Kelley on Mar 15, 2017

 

You’ve probably heard about businesses that have fallen victim to successful spear-phishing attacks leading to the theft of employee W-2s. But, the IRS began warning tax professionals in January they are under attack, too!

Read More

Tags: phishing, security, credential theft, financial services, spear-phishing

Connect with us

Lists by Topic

see all

Recent Posts

Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.