The year 2020 was a very tough one for enterprises for many reasons. Perhaps one of the biggest reasons was that COVID-19 forced businesses and other organizations to make an almost overnight transition to remote work. On the other hand, cyber attackers had a great year. Remote work and the shift to the cloud have resulted in a greatly increased attack surface area that attackers have capitalized on.
Tags: ransomware, Remote Work, credential phishing, Patch Buffer, patch lag
What to Look for in the New Year
I have good news and bad news. The good news is that the most difficult year in recent memory is almost over. By my count, we have less than 20 days to go, and that’s clearly not enough time for the murder hornets to make a comeback and take over the world.
Tags: cybersecurity, phishing, ransomware, anti-phishing, business email compromise, 2021, document attacks, command & control, https security, threat landscape
The VA Has an Opportunity to Rethink Its Cybersecurity Posture in the New Normal with Cloud Web Isolation.
Covid-19 and its impact have pushed federal workers out from behind the firewall to the edge of the network in home offices. Fortunately, the Department of Veterans Affairs had already embarked on an aggressive IT modernization initiative—providing the framework for making sure remote workers have fast and consistent access to the tools and information they need, wherever the mission takes them.
Tags: malware, cybersecurity, phishing, ransomware, web isolation, COVID-19, Menlo Security, federal security, IT modernization, drive-by attacks, expanding attack surface, digital transformation, Veterans Affairs, VA
Secure Remote Worker Use Case 1: Ensure Fast, Secure Access to SaaS Platforms
Even before Covid-19 forced the adoption of work-from-home policies across the globe, the workforce had been getting more remote, more distributed, and more dependent on Software as a Service (SaaS) platforms. In turn, organizations have been looking for a new way to protect these remote users from today’s increasingly sophisticated cyberattacks. Phishing attacks remain one of the biggest threats as malicious attackers take advantage of the new normal to trick users into downloading malware or giving up their credentials.
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work
For most of us, working has always been social. We’d commute to an office every day where we’d spend our day in strategy meetings and whiteboard sessions, grab a coffee to catch up with colleagues, and catch the boss while walking the hall to provide the latest project update. Once in a while, if we had a personal appointment, a customer meeting across town, or an early-morning conference call from overseas, we’d be able to work from home, logging in from a VPN where we’d have secure access to productivity tools.
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, CASB, Digital Workforce, Remote Work
Menlo Labs has observed limited attacks in which attackers continue to exploit CVE-2017-11882, an old Microsoft vulnerability with a patch that was issued more than two years ago. As a matter of fact, an FBI report published on May 12, 2020, listed it as one of the top 10 vulnerabilities routinely exploited. We are still analyzing some details of the malware involved in the three attacks and will post them in part 2 of this series. The following are some noteworthy features in all the attacks we identified
Tags: phishing, ransomware, anti-phishing, SWG, Secure Remote Worker, Working From Home, CASB, cloud-delivered security, Digital Workforce, Remote Work
Last month, Microsoft issued 79 patches, and among them was one for the old Windows XP operating system, which Microsoft officially abandoned 5 years ago. The last time Microsoft released an update like this was months before the WannaCry ransomware attacks of 2017 wreaked havoc. Even Microsoft warned of the similarities, with Simon Pope, director of incident response for the Microsoft Security Response Center, writing, “Any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017. It is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware.”
Tags: ransomware, wannacry, isolation technology, Web Security, ZeroTrust
While this post is intended to be a little tongue-in-cheek for readers, it’s been written to provoke discussion on how organizations continue to do the same things they have done for the last 15 years, without thinking of all the issues they bring with them…
Tags: phishing, isolation, ransomware, spear-phishing, web isolation, malvertising
Over the past few years, the major studios and production companies that create movies, broadcast television, streaming content, and even online and video games have been under cyber attack.
Tags: malware, isolation, ransomware, malicious code, cyber attacks, phishing attack
It’s another day and another cyber attack headline in the media. This time it’s another ransomware-style attack; this one is called “Bad Rabbit”. According to media reports, it has impacted organizations in Russia and Ukraine mostly, with reports of some businesses in Turkey and Germany (and possibly in Poland and Japan) also being affected (that we know of so far).
Tags: ransomware, credential theft, cyber threats, web isolation, isolation technology, javascript, bad rabbit