Menlo Labs

Threats outsmarted. Enterprises liberated.

Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.

Learn more

90%

of attack vectors avoided

80%

reduction in SecOps alerts

zero

breaches from email and web

100%

protection against browser patching delays

Blog

PureCrypter targets government entities through Discord

Executive Summary Menlo Labs has uncovered an unknown threat actor that’s leveraging an evasive threat campaign distributed via Discord that features the PureCrypter downloader and targets government entities. The PureCrypter campaign uses the domain of...

illustration of masked man injecting office template with camouflaged liquid beside a magnifying glass containing the north korean flag

Threat Trends & Research

Template injection attacks part 3: Following the bread crumbs to North Korea

Illustration of a thief giving Microsoft Office applications a camouflaged shot

Threat Trends & Research

Camouflaged URLs in template injection attacks

The Menlo Labs research team analyzed several weaponized decoy documents using a template injection technique that fetches and executes the template during execution

Threat Trends & Research

Isolation: A vaccine for template injection attacks

Qakbot, one of the leading banking Trojans around the globe

Threat Trends & Research

An anatomy of HEAT attacks used by Qakbot campaigns

Threat Trends & Research

Sushi Served with Phish

A cyber criminal bypasses legacy SWG with LURE attacks

Protecting the Remote Workforce

How attackers bypass legacy SWGs with LURE attacks

Investigation board tracking clues from a phishing fraudster

Threat Trends & Research

Tracking a COVID phishing fraudster

A cyber criminal is using targeted phishing tactics to email

Threat Trends & Research

TA551 Targeted Malicious Campaign Breakdown

Illustration of a file locked by a padlock

Threat Trends & Research

Jive in the Hive: Conversations with a ransomware gang

More Blogs

Threat Bulletins

Menlo Security’s Isolation Security Operations Center (iSOC).

Menlo Security’s Isolation Security Operations Center (iSOC) is a threat monitoring service that examines global Internet traffic that passes through the Menlo Global Cloud to identify unintended policy gaps and misconfigurations. Simply put, our iSOC is what fuels our Zero Trust approach to protecting an organization’s productivity.

Learn more about iSOC

Make the secure way to work the only way to work.

To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.

Try Menlo Free

Why Menlo

Meet the cloud-native Menlo Security platform

Need to implement SASE, ASAP?

Threat intelligence is on tap at Menlo Labs

Threat intelligence is on tap at Menlo Labs

Threats outsmarted. Enterprises liberated.

90%

80%

zero

100%

PureCrypter targets government entities through Discord

Template injection attacks part 3: Following the bread crumbs to North Korea

Camouflaged URLs in template injection attacks

Isolation: A vaccine for template injection attacks

An anatomy of HEAT attacks used by Qakbot campaigns

Sushi Served with Phish

How attackers bypass legacy SWGs with LURE attacks

Tracking a COVID phishing fraudster

TA551 Targeted Malicious Campaign Breakdown

Jive in the Hive: Conversations with a ransomware gang

Threat Bulletins

Menlo Security’s Isolation Security Operations Center (iSOC).

Make the secure way to work the only way to work.