banner-blog.jpg

blog

Gartner Report on Remote Browser Isolation: Menlo Security’s Continued Validation

Posted by Mehul Patel on Jan 7, 2020

In October 2018, Gartner released a report on remote browser isolation. It ruffled feathers a bit throughout the cybersecurity industry by suggesting that enterprises can no longer assume that their traditional detect-and-respond security strategy was enough to stop all web-based malware attacks. Analyst Neil MacDonald argued that enterprises should stop trying to detect every attack and instead focus on “containing the ability of the attacker to cause damage and reduce the surface area for attack.”

Read More

Tags: gartner, remote browsers, Secure Web Access

Financial Services Get Hooked, Experience 147% Increase in Phishing Clicks

Posted by Vinay Pidathala on Dec 17, 2019

According to JPMorgan Chase CEO Jamie Dimon, “The threat of cyber security may very well be the biggest threat to the US financial system.” Coupled with the fact that financial services is one of the most highly targeted industries, it’s clear financial organizations are in trouble.  Reports show a 56% year-over-year increase in digital threats targeting the sector, and according to new research, phishing is a key threat vector.

Read More

Tags: phishing attack

How to Mitigate Phishing Threats inYour Organization

Posted by Kowsik Guruswamy on Dec 5, 2019

From a bad actor perspective, phishing is the cheapest and easiest way to infiltrate organizations and personal information
to make a profit. By nature, humans are curious and are oft en overconfident when it comes to security. Phishing is an even greater threat for mobile users, too. Without key visual cues, like the ability to hover over a link to determine its destination, it is much easier for a user to make the simple mistake of clicking a bad link and falling victim to a phishing attempt. The popularity of social media has also made it much easier for hackers to find valid email addresses and research users’
life activities to create sophisticated, tailored phishing attacks.  From a security perspective, there are typically three approaches to solving the phishing problem – email security gateways, web proxies and security training awareness – but each has its own limitations.

Read More

Tags: phishing, email attachments, anti-phishing, phishing prevention, Google Docs email scam, email threats

Why Outsmart Cyber Attackers When You Can Remove Them Entirely?

Posted by Kowsik Guruswamy on Dec 5, 2019

Cyber threat actors have gotten smarter--or lazier--depending on your perspective. It used to be fairly
common for attackers to spend days or even weeks probing targeted networks for vulnerabilities to
exploit. Once identified, they would break down traditional cybersecurity defenses around the network
perimeter and steal as much information as they could, or cause as much chaos as possible, before the
hole was patched and they were shut out.

Today, threat actors are much more subtle. Instead of trying to break down the castle walls, they simply
steal the keys and stroll through the front door. By tricking users into willfully giving up their credentials
through spear phishing, threat actors can simply remain undetected for days, weeks or even months until
the time is right to execute their mission-- to extricate data, hold systems hostage, spy on users or all of
the above.

Is this lazy or creative? Depends on who you ask, maybe it’s a generational thing.

Read More

Tags: email threats, security breach, ZeroTrust Internet, Secure Web Access

Throttle Bandwidth-hogging Inactive Pages

Posted by James Locus on Dec 3, 2019

Browsers protected by Menlo Security will now prioritize the active browser window and deprioritize the inactive ones. 

 

As any office worker knows, browser tabs have a way of multiplying during the work day. Sure - it begins innocently enough flipping back between two news articles.  

Read More

Tags: Web Security, Secure Web Access, Bandwidth

Evaluating Internet Isolation Clouds: Must-Have Features

Posted by Mehul Patel on Nov 20, 2019

Not all Internet isolation solutions are created equal. Just ask our customers. One of them learned the hard way.

Read More

Tags: Web Security, ZeroTrust, ZeroTrust Internet, Guide,, Internet Isolation

Isolation protects you from threats that haven’t even been discovered

Posted by Mehul Patel on Nov 8, 2019

Another day, another validation that Internet isolation really is the best cybersecurity protection out there.

Last week, Google released an urgent Chrome update to patch an actively exploited zero-day known as CVE-2019-13720, a memory corruption bug that uses a use-after-free vulnerability in audio that allows a threat actor to access memory after it has been freed. This allows anyone to cause a program to crash, execute arbitrary code, or even enable full remote code execution scenarios. Pretty serious stuff that should worry even the most secure enterprises.

Read More

Tags: Web Security, ZeroTrust, Internet Isolation, CVE

Preparing for the New Regulatory Environment

Posted by Mehul Patel on Nov 6, 2019

It started as a phishing expedition and ended up being the largest data breach in the history of Singapore. It was June 2018. The FIFA World Cup was in full swing, Jurassic World hit theaters worldwide, and a low-level administrator with SingHealth, the country’s largest healthcare network, clicked on a seemingly innocent link in an email.

Read More

Tags: browser isolation, Web Security, ZeroTrust, ZeroTrust Internet, Guide,, Internet Isolation

Hiding in Plain Sight: New Adwind jRAT Variant Uses Normal Java Commands to Mask its Behavior

Street magicians have a secret: If you want to hide something, hide it in plain sight. It’s how hidden card tricks, sleight of hand and most illusions work. Unfortunately, malicious actors are learning how to use the same concept to sneak malware past traditional cybersecurity tools and onto users’ computers. And, it’s causing havoc on two fronts: enterprise security and user productivity.

Read More

Tags: Web Security, Internet Isolation, RAT

Broadcom + Symantec: Great for Wall Street, Not for Security

Posted by Menlo Security on Oct 25, 2019

August 8, 2019, was a great day on Wall Street, as Broadcom announced their intent to acquire Symantec’s enterprise business for $10.7 billion in cash. Symantec’s stock moved up more than 12 percent on the expected announcement. This jump might not seem like a huge premium, but given that Symantec’s revenue was in decline during its prior fiscal year in one of the hottest technology segments, we think the price tag was generous. Broadcom’s own statements reinforce the financial benefits:

Read More

Tags: Secure Web Access, Symantec

Connect with us

Lists by Topic

see all

Recent Posts