Menlo Labs

Threats outsmarted. Enterprises liberated.

Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.

Learn more

90%

of attack vectors avoided

80%

reduction in SecOps alerts

zero

breaches from email and web

100%

protection against browser patching delays

Blog

Camouflaged URLs in template injection attacks

Executive Summary The Menlo Labs research team recently published a blog on how weaponized template injection documents work and how to prevent them. Unless they have specific traces like malicious URLs or exploit markers, they...

Illustration of a thief giving Microsoft Office applications a camouflaged shot

The Menlo Labs research team analyzed several weaponized decoy documents using a template injection technique that fetches and executes the template during execution

Threat Trends & Research

Isolation: A vaccine for template injection attacks

Qakbot, one of the leading banking Trojans around the globe

Threat Trends & Research

An anatomy of HEAT attacks used by Qakbot campaigns

Threat Trends & Research

Sushi Served with Phish

A cyber criminal bypasses legacy SWG with LURE attacks

Protecting the Remote Workforce

How attackers bypass legacy SWGs with LURE attacks

Investigation board tracking clues from a phishing fraudster

Threat Trends & Research

Tracking a COVID phishing fraudster

A cyber criminal is using targeted phishing tactics to email

Threat Trends & Research

TA551 Targeted Malicious Campaign Breakdown

Illustration of a file locked by a padlock

Threat Trends & Research

Jive in the Hive: Conversations with a ransomware gang

Illustration of a web browser hiding a bug, overlaid with the word Lazarus

Threat Trends & Research

The Lazarus Group browser exploit effect: Breaking hearts since Valentine’s Day

Illustration of malicious login screen in web browser

Threat Trends & Research

Browser in the Browser (BitB) Malicious Campaign Breakdown

More Blogs

Menlo Security’s Isolation Security Operations Center (iSOC).

Menlo Security’s Isolation Security Operations Center (iSOC) is a threat monitoring service that examines global Internet traffic that passes through the Menlo Global Cloud to identify unintended policy gaps and misconfigurations. Simply put, our iSOC is what fuels our Zero Trust approach to protecting an organization’s productivity.

Learn more about iSOC

Make the secure way to work the only way to work.

To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.

Try Menlo Free

Why Menlo

Meet the cloud-native Menlo Security platform

Need to implement SASE, ASAP?

Threat intelligence is on tap at Menlo Labs

Threat intelligence is on tap at Menlo Labs

Threats outsmarted. Enterprises liberated.

90%

80%

zero

100%

Camouflaged URLs in template injection attacks

Isolation: A vaccine for template injection attacks

An anatomy of HEAT attacks used by Qakbot campaigns

Sushi Served with Phish

How attackers bypass legacy SWGs with LURE attacks

Tracking a COVID phishing fraudster

TA551 Targeted Malicious Campaign Breakdown

Jive in the Hive: Conversations with a ransomware gang

The Lazarus Group browser exploit effect: Breaking hearts since Valentine’s Day

Browser in the Browser (BitB) Malicious Campaign Breakdown

Menlo Security’s Isolation Security Operations Center (iSOC).

Make the secure way to work the only way to work.