Menlo Labs

Threats outsmarted. Enterprises liberated.

Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.

Learn more

90%

of attack vectors avoided

80%

reduction in SecOps alerts

zero

breaches from email and web

100%

protection against browser patching delays

Blog

Not your average Joe: An analysis of the XeGroup’s attack techniques

Disclaimer: Menlo Labs has informed the appropriate law enforcement agencies on the intelligence presented in this report. Executive Summary XeGroup is a hacking group that has been active since at least 2013. The group is...

Illustration of computer window with key unlocking padlock, thief stealing credit cards, and text XeGroup

illustration of hacker holding many masks

Threat Trends & Research

The many faces of the IcedID attack kill chain

Threat Trends & Research

PureCrypter targets government entities through Discord

illustration of masked man injecting office template with camouflaged liquid beside a magnifying glass containing the north korean flag

Threat Trends & Research

Template injection attacks part 3: Following the bread crumbs to North Korea

Illustration of a thief giving Microsoft Office applications a camouflaged shot

Threat Trends & Research

Camouflaged URLs in template injection attacks

The Menlo Labs research team analyzed several weaponized decoy documents using a template injection technique that fetches and executes the template during execution

Threat Trends & Research

Isolation: A vaccine for template injection attacks

Qakbot, one of the leading banking Trojans around the globe

Threat Trends & Research

An anatomy of HEAT attacks used by Qakbot campaigns

Threat Trends & Research

Sushi Served with Phish

A cyber criminal bypasses legacy SWG with LURE attacks

Protecting the Remote Workforce

How attackers bypass legacy SWGs with LURE attacks

Investigation board tracking clues from a phishing fraudster

Threat Trends & Research

Tracking a COVID phishing fraudster

More Blogs

Threat Bulletins

See more threat bulletins

Menlo Security’s Isolation Security Operations Center (iSOC).

Menlo Security’s Isolation Security Operations Center (iSOC) is a threat monitoring service that examines global Internet traffic that passes through the Menlo Global Cloud to identify unintended policy gaps and misconfigurations. Simply put, our iSOC is what fuels our Zero Trust approach to protecting an organization’s productivity.

Learn more about iSOC

Make the secure way to work the only way to work.

To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.

Try Menlo Free

Why Menlo

Meet the cloud-native Menlo Security platform

Need to implement SASE, ASAP?

Threat intelligence is on tap at Menlo Labs

Threat intelligence is on tap at Menlo Labs

Threats outsmarted. Enterprises liberated.

90%

80%

zero

100%

Not your average Joe: An analysis of the XeGroup’s attack techniques

The many faces of the IcedID attack kill chain

PureCrypter targets government entities through Discord

Template injection attacks part 3: Following the bread crumbs to North Korea

Camouflaged URLs in template injection attacks

Isolation: A vaccine for template injection attacks

An anatomy of HEAT attacks used by Qakbot campaigns

Sushi Served with Phish

How attackers bypass legacy SWGs with LURE attacks

Tracking a COVID phishing fraudster

Threat Bulletins

Menlo Security’s Isolation Security Operations Center (iSOC).

Make the secure way to work the only way to work.