Menlo Security Cloud Security Platform receives FedRAMP® Authorization

Back to blog

Two minutes on… HEAT attacks evading malicious link analysis

Marcos Colon | Sep 15, 2022

Menlo Security’s Neko Papez breaks down how Highly Evasive Adaptive Threats (HEAT) are able toevade malicious link analysis

Share this article

Today’s workforce demands anywhere, anytime access…and we’re not talking about an office building with an open-space model. According to a report by Accenture, 63% of high-growth companies leverage a hybrid work model. Simply put, remote and hybrid work is here to stay and these same workforces are the reason behind the skyrocketing use of web browsers.

Naturally, cybercriminals have caught on. They’ve decided to turn web browsers into key threat vectors. Even worse – they’re easily bypassing current security stacks through Highly Evasive Adaptive Threats (HEAT).

HEAT attacks are actively being used by well-known threat groups like Nobelium, the Russian state-sanctioned outfit behind the infamous SolarWinds supply chain attack. The Menlo Labs research team has been closely monitoring these attacks.

Through HEAT attacks, threat actors have been able to sidestep malicious URL-link analysis engines, which are traditionally implemented within email to analyze links before the user even sees them.

In less than two minutes in the video below, Menlo Security’s Neko Papez breaks down how HEAT attack can evade malicious link analysis.

Preventing highly evasive web threats: download eBook

Share this article

Make the secure way to work the only way to work.

To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.