Two minutes on… HEAT attacks evading web categorization and URL reputation

There’s never a dull moment for cybersecurity professionals, especially when the threat landscape throws what seem like 100 mph curveballs at them daily. If you’ve kept up with the analysis coming out of the Menlo Labs research team’s camp, you’ll know that they’ve been tracking what they’ve coined as Highly Evasive Adaptive Threats (HEAT). These attacks hide in plain sight and make easy work out of a lot of today’s commonly used security technology–including Secure Web Gateways, sandboxes, malicious link analysis, and more. The Menlo Labs team is always publishing content that exposes these threats, so keep an eye out for it.

A threat actor only needs to leverage one of the four key HEAT attack evasive characteristics to make their way into networks–and ultimately endpoints. One of these characteristics is evading web categorization and URL reputation engines. That’s right…if you had that much confidence in this security technology, we hate to be the bearers of bad news…you may not be as protected as you thought.

To share how threat actors can make this happen, Menlo Security Cybersecurity Strategist, Neko Papez, took two minutes out of his busy day to explain in the video below.