Historically, many cyberattacks tended to be technology-focused and required specialized knowledge to expertly fool a network into believing the attacker was an authorized user. Spoofing, man-in-the-middle (LAN or Wi-Fi), DNS, and other attacks require actual skill (and a bit of malice) to properly execute.
Tags: phishing, isolation, email isolation, link isolation, link wrapping
Phishing sites frequently evade web and email filters because of the inability of secure gateways to detect new phishing websites or categorize them properly. According to Menlo Labs, web and email gateways wrongly categorize 10-15 percent of malicious websites as safe.
Tags: phishing, isolation, URL, email filtering, zero trust
Enterprises frequently acquire an isolation solution (with Menlo for remote browser isolation) for groups of users, such as VIPs, rather than their entire workforce. While this strategy insulates VIPs from malware attacks, it assumes that only VIPs have access to potentially crippling information.
Tags: phishing, isolation, Incident Response, API, logging
The challenge most email gateways face is how to protect against URL-based threats that exist within a “danger zone”— the period when phishing sites are allowed to sneak into the network as uncategorized sites.
Tags: phishing, email isolation, uncategorized sites, URL, email filtering, danger
I had the opportunity to chat with one of our largest customers the other day. I can’t mention the company name, but they are a big, well-known brand. Menlo works with eight of the ten largest banks and four of the five biggest credit card companies in the world. Let’s just say it was one of them.
Tags: malware, cybersecurity, phishing, isolation, secure web gateway, financial services security, email security, global cloud proxy
A cloud-based secure web gateway (SWG) gives cybersecurity teams complete visibility and control over traffic that bypasses the VPN. Consider these two use cases.
Tags: malware, phishing, security, spear-phishing, DLP, cloud-delivered security, visibility and control, URL filtering, VPN, SaaS access, remote users, acceptable use policies
Now, more than ever, the world is changing faster than people and companies can react. Organizations need help with keeping up to date on the cyberthreats to watch for, how attackers attempt to infiltrate the endpoint, and how to stop attacks in their tracks. Otherwise, cybersecurity is largely a patchwork of guesses, what-if scenarios, and crossed fingers.
Tags: malware, phishing, remote browser isolation, RB, active content security, ASD, essential eight, phishing, application patching, operating systems patching, macro security
As we now accept the new norm, combating malicious cyberthreats comes down to two things: visibility and control. If you can monitor traffic flowing to and from users’ devices and control how that traffic behaves and is secured, a malicious actor would be hard pressed to infiltrate your network and do harm.
Tags: phishing, security, HTTS, HTTPS, SSL Inspection, DLP, cloud-delivered security, visibility and control, security policies, URL filtering, VPN, secure web gateway
Even before Covid-19 forced the adoption of work-from-home policies across the globe, the workforce had been getting more remote, more distributed, and more dependent on Software as a Service (SaaS) platforms. In turn, organizations have been looking for a new way to protect these remote users from today’s increasingly sophisticated cyberattacks. Phishing attacks remain one of the biggest threats as malicious attackers take advantage of the new normal to trick users into downloading malware or giving up their credentials.
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work
For most of us, working has always been social. We’d commute to an office every day where we’d spend our day in strategy meetings and whiteboard sessions, grab a coffee to catch up with colleagues, and catch the boss while walking the hall to provide the latest project update. Once in a while, if we had a personal appointment, a customer meeting across town, or an early-morning conference call from overseas, we’d be able to work from home, logging in from a VPN where we’d have secure access to productivity tools.
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, CASB, Digital Workforce, Remote Work
