HTML Smuggling Campaign Is Stopped by the Menlo Security Cloud Platform

Menlo Security has seen more than 117% quarterly growth in registered deals by partners.

Isolation technology allows companies to keep employee browsers siloed in the cloud.

Special coverage of Cybercrime Magazine’s Hot 150 Cybersecurity Companies.

SMBs are responsible for nearly 44% of US economic activity, but given the current climate, it can be difficult for them to find available and/or affordable resources.

Some 67% of all malware seen in the first quarter was delivered via HTTPS, according to security firm WatchGuard Technologies.

PartnerOn Journal caught up with Danielle over video to learn about the strategies behind the program, its goals, what Menlo Security looks for in a partner, the opportunities for partners and how the program aligns with customers’ needs for remote work support.

An advanced cyberespionage group is designing malware that can “jump” across air gaps, researchers say.

Menlo Security's Kowsik Guruswamy on Enhancing Security for Remote Workforce

Verizon has today published its yearly report on business data breach investigations.

In this Q&A, the 16th in our weekly series, Guruswamy explains how Covid-19 is “exacerbating” enterprise security flaws, reminisces about his Casio PB-100 and reveals why ad tech is a brain drain for humanity.

Cybercriminals have effectively changed their tactics to take advantage of the fear over COVID-19, says security provider Menlo Security.

Companies throughout the country trying to keep employees informed about the coronavirus are facing another threat, in the form of malicious emails, authorities say.

Security experts urge caution if you're shopping for a virtual private network during the coronavirus pandemic.

Legitimate-looking links from OneDrive, Google Drive, iCloud, and Dropbox slip by standard security measures.

Menlo Security CTO Kowsik Guruswamy Shares Recommendations

Legitimate-looking links from OneDrive, Google Drive, iCloud, and Dropbox slip by standard security measures.

Businesses across the APAC region are adopting new ways of working that are based heavily on technology — digitally transforming.

The fear of a worldwide COVID-19 coronavirus pandemic that might shut down entire cities or even geographical regions around the world will confront IT organizations with a remote management challenge most of them are ill-prepared to meet.

Here's a look at 12 new identity and data protection products at RSA 2020 that make it easier to isolate sensitive data, prevent credit card fraud, securely onboard remote workers and validate users with their unique typing patterns.

Menlo Security Cloud DLP is an agentless data loss prevention solution that uses Menlo's isolation technology to monitor data leaving the enterprise.

The annual RSA Conference is a key venue for companies to showcase their new cybersecurity products. Here are some of the more interesting tools to check out.

Cybercriminals are now using fears over the outbreak to steal email credentials, security officials say.

Prolific malware turned botnet shows no signs of slowing down as campaigns are launched against financial institutions in the US and UK.

Taking a look at 50 of Silicon Valley’s leading tech companies, it’s easy to see why this region has become synonymous with genius.

Cybercriminals are using global fears about the virus to spread the Emotet trojan.

From countless Facebook scandals and GDPR fines to the Capital One breach and an explosion in ransomware attacks on Louisiana, Atlanta, Baltimore and many more, 2019 was truly one for the books, and the coming year is likely to be even more chaotic and costly.

Organizations need to get off this dysfunctional “merry-go-round” and change the way they approach cybersecurity.

It’s time to break the mold and rethink the fundamental concepts of cybersecurity.

Reports show a 56% year-over-year increase in digital threats targeting the financial sector, and according to new research, phishing is a key threat vector.

Cyber threat actors have gotten smarter–or lazier–depending on your perspective. It used to be fairly common for attackers to spend days or even weeks probing targeted networks for vulnerabilities to exploit.

A breakdown of the common ways criminals employ MitM techniques to snare victims, and tips for protecting users from these dirty tricks.

A dispersed workforce gives rise to a variety of data management challenges.

The 141 predictions listed here reveal the state-of-mind of key participants in the cybersecurity defense industry and highlight all that’s hot today.

Menlo Security CEO Amir Ben-Efraim says that small companies shouldn't underestimate the level of threat that malware can pose to their organizations — even if they're not a big-name business, they can be targeted.

Menlo is building out a select channel of partners with a deep expertise in both security and the cloud

A collaboration between Menlo Security and VMware announced today promises to shore up the security of VMware’s VeloCloud SD-WAN platform.

Adwind Remote Access Trojan has been stealing credentials and other data since 2013 - and its authors have once again added a new string to its bow.

The Adwind remote access Trojan conceals malicious activity in Java commands to slip past threat intelligence tools and steal user data.

‘Isolation’ architecture prevents malicious online content from reaching users’ devices

In today’s digital world, the security of the internet has become a tricky task, especially considering nearly half of the world’s most popular websites are risky places to visit.

Global enterprise cloud security provider Menlo Security is launching into the Australian market following a $110 million (US$75 million) Series D funding round.

Menlo Security, a global enterprise cloud security provider, has entered the Australian market following a USD 110 million Series D funding round.

Puts a 'healthy' margin opportunity on the table for prospective partners

Westcon-Comstor has signed on as distributor for Menlo Security

Think this week’s Internet Explorer zero-day news is irrelevant since everyone is using Chrome anyway? Turns out you may want to think again, according to new data released today.

Expert Insights met with Menlo Security CMO Young-Sae Song and CTO Kowsik Gruswamy, to talk about the Menlo Security platform.

Zero Trust Internet using Internet Isolation separates users from the public web while providing seamless access.

Ransomware attacks against local governments are still a clear problem, and Texas is discovering this first hand.

There are now many remote browser isolation options available, from both desktop virtualization vendors and security vendors. Menlo just got a $75 million round of funding—so, how does it compare?

Menlo Security closed a $75 million Series D funding round, bringing its total raised to about $160 million — and indicating that the money flowing into security companies isn’t stopping any time soon.

Menlo Security Inc.’s $75 million late-stage funding round announced today once again illustrates the premium that enterprises are willing to pay to keep their data secure.

With an eye toward boosting cybersecurity and protecting the Department of Defense Information Network, the Defense Information Systems Agency awarded a contract for a cloud-based internet isolation (CBII) prototype that moves web browsing from the desktop to the cloud.

Menlo Security provides isolation security — isolating all user activity and cleaning any malicious files before presenting 100% safe rendered info to the user.

Despite evolutions in technology, hackers are still using the same old tricks, though sometimes in a more evolved way.

The Emotet Trojan, a thorn in the side of financial institutions and your average individual alike, is back with new techniques and an upsurge in attacks.

As taxpayers nationwide file their 2018 returns, they should prepare to do battle with the hackers and fraudsters now coming out of hibernation to confiscate your money.

Americans are getting ready to file their taxes and fraudsters are getting ready to target taxpayers with new scams, according to the Internal Revenue Service. The agency is warning taxpayers to be extra vigilant this year. After years of declines, there was a 60% jump in 2018 in so-called phishing scams, in which perpetrators impersonate a tax preparer or other legitimate person over email. From January to October 2018, more than 2,000 tax-related scam incidents were reported to the IRS.

The holidays are quickly creeping up on us. It’s a time for being thankful and giving, but it can also be a time to reflect on the scary cybersecurity term, phishing…just because holidays are often time for reflection. By now, nearly everyone has heard it and if you work in an office, you have hopefully received some sort of training or advice on how not to become your organization’s latest victim.

A new business email campaign (BEC) has been found striking financial companies and spreading malware through the Google Cloud Storage service. On Wednesday, researchers from Menlo Labs said they have been watching the BEC scam for some time, which is focused on the employees of banks and financial services companies.

Americans are getting ready to file their taxes and fraudsters are getting ready to target taxpayers with new scams, according to the Internal Revenue Service. The agency is warning taxpayers to be extra vigilant this year. After years of declines, there was a 60% jump in 2018 in so-called phishing scams, in which perpetrators impersonate a tax preparer or other legitimate person over email. From January to October 2018, more than 2,000 tax-related scam incidents were reported to the IRS.

Huge breaches have become so common that it's tempting for users to write them off as no big deal. Take Facebook's recent announcement that hackers made off with personal info of 30 million users of the platform. How bad can it be for someone to have access to the kind of basic information we all share with hundreds or thousands of our friends, anyway? It's not bank account info or Social Security numbers, right?

Enterprises are increasingly finding themselves the targets of cyber-criminals seeking access to business systems using credential phishing – but what makes it so effective?

Credential phishing campaigns, in which high-profile individuals are unwittingly falling victim to malicious actors who are looking to gain access into business systems, have proven to be a successful attack vector. According to a new Menlo Security report, Understanding a Growing Threat: Credential Phishing, credential phishing is a quickly growing cyber-attack and is increasingly becoming the preferred entry point for most attackers.

SINGAPORE - Media OutReach - 18 October, 2018 - Menlo Security, a leader in Advanced Threat, has received the top honour from Singapore's influential CXO community in the Remote Browser Isolation System category at a glittering RED CARPET HONOUR® event held to celebrate the CXOHONOUR® AWARDS 2018 edition.

Le spécialiste du déport de rendu se range parmi les visionnaires d’un marché dominé par Zscaler et Symantec. Ce dernier continue de profiter de ses acquisitions passées, et de ses efforts d’intégration. Mais pas sans que ce soit indolore pour les clients.

Gartner has just published its highly esteemed Secure Web Gateways (SWG) Magic Quadrant report for 2018, naming Menlo Security a Visionary, and calling out Menlo as the choice for “organization that put a high priority on security”.

Today's MSSP & cybersecurity news involves Alert Logic, Amdocs, Carbon Black, Centrify, eSentire, Fortinet, Idaptive, Menlo Security, Palo Alto Networks, Panorays, Sophos, Symantec, Versa Networks, Webroot & more.

Here are the week’s strays and stragglers we roped for you:CenturyLink was named a certified Microsoft Azure expert managed services provider (MSP).Google released general availability of its G Suite alert center for security threats.Microsoft joined the Open Invention Network (OIN), which is a community to protect the Linux Foundation and other open source software programs.Huawei launched a full-range 5G power solution for operators. It also outlined its artificial intelligence (AI) strategy, which includes a series of AI chips and a full-stack AI portfolio.

ISA NEARLY DONE, CELEBRATION ENSUES — The Senate finally passed a bill renaming the main DHS cybersecurity wing, drawing cheers and jubilation across the land from the department and the legislation’s long-suffering congressional backers.

CISA NEARLY DONE, CELEBRATION ENSUES — The Senate finally passed a bill renaming the main DHS cybersecurity wing, drawing cheers and jubilation across the land from the department and the legislation’s long-suffering congressional backers.

Enterprises are increasingly finding themselves the targets of cyber-criminals seeking access to business systems using credential phishing – but what makes it so effective?

Credential phishing campaigns, in which high-profile individuals are unwittingly falling victim to malicious actors who are looking to gain access into business systems, have proven to be a successful attack vector.

SINGAPORE - Media OutReach - 18 October, 2018 - Menlo Security, a leader in Advanced Threat, has received the top honour from Singapore's influential CXO community in the Remote Browser Isolation System category at a glittering RED CARPET HONOUR® event held to celebrate the CXOHONOUR® AWARDS 2018 edition.

Almost half of the world's most popular websites have been declared 'risky' by new research, but the UK is among the least dangerous places in which to surf the web.

An analysis of the world’s most-visited websites shows that vulnerable software, too much active content and large amounts of code execution open visitors to a raft of potential dangers.

"I always hammer on websites running old code because of how prevalent that is on the Internet and how it continues to be a big source of malware risks," [Kowsik] Guruswamy says.

US-headquartered Menlo Security is on the lookout for two distributors to help the vendor to expand its presence across Australia and New Zealand (A/NZ).

Kowsik Guruswamy, Chief Technology Officer, Menlo Security, joined Juliette Saly and Doug Krizner of Bloomberg Daybreak Asia to discuss the biggest security threats he sees at present and how their malware isolation technology offers a new way to protect against such attacks.

The founders of Menlo Security believe that the time has come where legacy, detection-based security solutions fail to stop the constant onslaught of web and email malware infections, and hence a whole, new architectural approach to security is necessary.

Microsoft Office is increasingly becoming a target of attacks exploiting undiscovered vulnerabilities as it grows in popularity, Menlo Security concludes in a report out today

Malicious Office documents are the weapon of choice among cybercriminals, who use files to access remotely hosted malicious components.

Unfortunately for Microsoft, Office will not only continue to be the attackers’ vector of choice but will also be the platform for exploiting vulnerabilities, according to a new report from Menlo Security.

Rather than let end devices connect to the Internet, we create this layer of abstraction via the cloud,” Menlo Security CEO Amir Ben-Efraim said. “This ensures that only safe visuals are able to get to you.

"Enterprises are very frequently targeted with malware that has credential stealing capabilities built in,” Kowsik Guruswamy, Chief Technology Officer with Menlo Security, told Fox News in an email.

Cybercriminals are once again abusing trusted applications, such as Microsoft Office, to launch multi-stage attacks inside malicious documents to deliver Formbook malware.

Menlo Security researchers discovered a new multi-stage document attack that exploits design behaviors in .docx and RTF, along with CVE-2017-8570, to drop a malicious payload called Formbook on target endpoints, while bypassing traditional security tools.

Cryptojacking, the infiltration of malware to enable browser-based mining of cryptocurrencies on infected websites, is on the rise. Read Menlo CTO Kowsik Guruswamy’s comments on the affects of cryptojacking.

Researchers at Menlo Security are reporting a wave of attacks that began last month targeting financial and information service sectors in the Middle East and U.S., using a new multi-stage infection technique.

Menlo Security released its 2017 State of the Web report what it saw as sources of attack from across the web landscape. One of the primary culprits are organizations that continue to use older, unsupported software.

According to recent research, the security of the internet at large is shaky. Menlo Security reported that 42% of the top 100,000 websites as ranked by Alexa are potentially compromised and risky for users. 

Menlo Security’s third annual State of the Web report  found that 42% of the top 100,000 sites on the web, as ranked by Alexa, either are using software that leaves them vulnerable to attack or have already been compromised in some way.

Many of the internet’s supposedly safe websites could actually be a breeding ground for risk – or at least that’s what Menlo Security’s third annual State of the Web report says.

Cybercriminals are exploiting traditional measures of trust to gain a foothold on users systems by compromising trusted sites via background initiated requests, using phishing sites, and typosquatting.

Menlo Security raises $40 million to help companies block malware.

Les experts en sécurité informatique de Menlo Security viennent de publier un rapport alarmiste sur la recrudescence du « typosquatting ».

Le «typosquatting» est la tendance émergente en matière de piratage informatique. Le danger réside dans la facilité de mise en place d'une telle stratégie.

Ne vous inquiétez pas, vous êtes bien sur 20minutes.fr. Et pas 20munites ou 20minutse. Une petite faute de frappe qui peut causer bien des soucis, comme le révèle un rapport du spécialiste en cybersécurité Menlo Security.

La société informatique Menlo Security attire l'attention sur la montée en puissance d'un phénomène assez méconnu sur la toile : le "typosquatting", une technique dérivée du phishing qui se montre particulièrement rentable pour les cybercriminels.

Méfiez-vous de vos fautes de frappe sur internet car elles pourraient bien vous porter préjudice. Découvrez ce qu’il se cache derrière l’arnaque au "typosquatting".

Phishing attacks continue to grow more sophisticated, as 4,600 phishing sites use legitimate hosting services, according to Menlo Security.

Un rapport publié par Menlo Security a confirmé la réalité de la menace virtuelle. Les pirates informatiques font de plus en plus preuve d’ingéniosité.

More than 12,300 websites in the business category were used to launch cyberattacks or deliver malware in 2017, making company sites riskier than gambling and shopping sites. 

Dans son troisième rapport annuel « L’état du web », Menlo Security révèle que de nombreux sites web, réputés sans risque, présentent en fait des menaces bien réelles pour ceux qui les consultent.

Avec de nouvelles méthodes toujours plus malignes, les hackers parviennent à flouer les internautes en se glissant dans les brèches de sites pourtant réputés sécurisés.

Avec le "typosquatting", les hackers se servent de vos fautes de frappes pour vous pirater.

Dans son troisième rapport annuel « L’état du web », Menlo Security révèle que de nombreux sites web, réputés sans risque, présentent en fait des menaces bien réelles pour ceux qui les consultent.

Among the top 100,000 websites listed on Alexa, 42 percent are risky, according to a report from Menlo Security.

Avec de nouvelles méthodes toujours plus malignes, les hackers parviennent à flouer les internautes en se glissant dans les brèches de sites pourtant réputés sécurisés.

Des experts en cybersécurité pointent le fait que de plus en plus de « sites de confiance » sont utilisés par les hackers comme vecteurs d'attaque.

L'ingéniosité des hackers semble sans limites. En octobre dernier, Le Point.fr évoquait les nouvelles techniques d'intrusion des pirates informatiques, détaillant les modus operandi inédits des cybergangs qui sévissent sur la Toile mondiale.

Le «typosquatting» : quand les pirates informatiques exploitent les fautes de frappe Phénomène méconnu, le «typosquatting» consiste à mettre à profit les coquilles des internautes pour les rediriger vers des sites Web à risques.

42% des 100.000 sites web les plus populaires, selon le classement réalisé par Alexa, utilisent des logiciels qui les laissent vulnérables en cas d’attaque, ou ont déjà été compromis d’une manière ou d’une autre.

Les pirates de l’informatique ont mis un moyen très facile pour vous piéger. Appelé « typosquatting », ils se servent de vos fautes de frappes dans l’url pour vous pirater.

Forty-two percent of the top 100,000 sites on the web, as ranked by Alexa, are either using software that leaves them vulnerable to attack or have already been compromised in some way.

One rarely discussed problem is that the average website connects to 25 background sites for content, such as video clips and online ads.

“We should laud Microsoft on taking this initiative in blocking these programs, because historically these types of cleaners found as shareware came laden with Malware,” Kowsik Guruswamy, Chief Technology Officer with Menlo Security, told Fox News.

Monetary providers giants American Express, HSBC and JPMorgan Chase have all joined a $40 million Sequence C funding round for “malware isolation” outfit Menlo Security.

Big banks such as JPMorgan Chase, American Express and HSBC have invested in the cybersecurity startup Menlo in its new USD 40 million funding round.

JPMorgan Chase, American Express and HSBC announced Monday that they are leading a $40 million round pf funding in the isolation-tech provider Menlo Security, bringing its total funding to $85 million. The size and scope of the investment its notable.

Menlo Security closed a $40 million Series C funding round with new investments from American Express Ventures, Ericcson Ventures, and HSBC.

Menlo Security closed a $40 million Series C funding round with new investments from American Express Ventures, Ericsson Ventures, and HSBC. This brings the Menlo Park, California-based startup’s total funding to $85 million.

Menlo Security announced on Dec. 11 that it has closed a $40 million Series C round of funding, which it intends to use to grow its security isolation platform.

Pacific Tech has inked a distribution deal with Menlo Security which will see it distributing the vendor’s Isolation Platform across Singapore and Brunei. The Menlo Security Isolation Platform executes web content, email links and documents in the cloud removing the possibility of malware reaching end user devices.

Menlo Security has chosen Pacific Tech Pte Ltd to distribute its award-winning Isolation Platform across Singapore and Brunei. In light of high profile global malware attacks, together with a growing recognition of remote browser as a security solution, this is excellent news for these well-established and dynamic business communities.

Menlo Security has signed a distribution agreement with Hong Kong-based Edvance to distribute its browser Isolation Platform across both Hong Kong and Macau. The deal comes after reinvigorated interest in isolation technology after major high-profile global malware attacks. Menlo Security provides browser-based isolation technology as its premier security solution.

Menlo Security announced that it has chosen Ingram Micro to distribute its award-winning remote browser Isolation Platform across Singapore and Thailand. In the light of recent global malware attacks, together with a growing recognition of Remote Browser as a security solution, this is excellent news for the local business community.

Ingram Micro has scored distribution rights for Menlo Security's browser Isolation Platform across Singapore and Thailand. The browser Isolation Platform allows attacks to be blocked by isolating all internet browsing from endpoints and networks instead of trying to distinguish good content from bad content.

The sharing of threat intelligence has long been something of a contentious issue within the security sector and one that has very much been pushed to the forefront of the industry in recent times.

As the threat landscape has continued to develop , people and businesses have realised that the sheer number of cyber threats and security vulnerabilities doing the rounds these days is simply too great for any one organisation to tackle by themselves.

Email and the web continue to remain one of hackers' most popular points of entry into an environment. As a result, security vendors are unveiling new offerings to pinpoint threats and prevent user error that can lead to an attack.

As a result, security vendors are unveiling new offerings to pinpoint threats and prevent user error that can lead to an attack. Companies also are ramping up their efforts around application security, protecting their critical applications in the event of an attack and looking to close vulnerabilities from the start of the development process. As companies look to protect their environments from all angles, take a look at 20 companies, including Menlo Security, looking to change the game around web, email and application security.

Cybersecurity researchers have recently uncovered a sophisticated spear phishing attack at a well-known enterprise that went undetected by existing security solutions. A close examination of the recent spear phishing event by Menlo Security researchers revealed that the attackers performed various checks on the password entered by the victim and their IP address to determine whether it was a true compromise versus somebody who had figured out the attack.

Menlo Security researchers recently uncovered a highly-customized phishing campaign that lifted reams of personally identifiable information (PII) without detection.

The sophisticated spear phishing attack took place at a “well-known enterprise,” Menlo Security said in its report, going undetected by existing security solutions.

Nearly half of the world’s top one million websites are vulnerable to malware, turning browsing into a security minefield for users, according to new research from Menlo Security.

The vendor’s newly released State of the Web 2016 report claimed that 46% of the top Alexa-ranked sites around the globe are open to exploitation by cybercriminals.

According to a new study of the top one million domains, 46 percent are running vulnerable software, are known phishing sites, or have had a security breach in the past twelve months.

The big problem is that even when a website is managed by a careful company, it will often load content from other sites, said Kowsik Guruswamy, CTO at Menlo Park, Calif.-based Menlo Security, which sponsored the report, which was released this morning.

Nearly half (46%) of the Alexa top one million websites were found to be risky, putting businesses at risk as their users visits these sites.

The finding is part of a new report published by Menlo Security entitled "State of the Web 2016: Quantifying Today's Internet Risk," where researchers examined key characteristics of the top one million websites, as ranked by Alexa, to determine sources of risk.

Menlo Security Releases State of The Web 2016 Illuminating Widespread Vulnerability

MENLO PARK, Calif. Dec. 13, 2016 – Menlo Security, a pioneer of malware isolation, today announced the availability of its State of The Web 2016 report. The surprising results reveal that nearly half (46%) of the Internet’s top 1 million web sites, as ranked by Alexa, are risky. This is largely due to vulnerable software running on web servers and on underlying ad network domains. The results are significant because risky sites have never been easier to exploit, and traditional security products fail to provide adequate protection. Attackers have their veritable choice of half the web to exploit, allowing them to launch phishing attacks from legitimate sites.

Amir Ben-Efraim's cybersecurity startup Menlo Security was only a year old when he reached out to JPMorgan Chase, telling it how the 30-employee Menlo could help it deal with malware and phishing attacks.

Within a couple of weeks, Menlo was in discussions with the heads of cyberengineering at JPMorgan, talking about what types of controls and other specifications would need to be in place before the megabank could test Menlo's technology.

This year's SINET 16 Innovators were chosen from 82 applicants representing nine countries. The Security Innovation Network (SINET) has shared the results of its annual SINET 16 competition created to discover the most innovative cybersecurity companies.

Brazil puts concerns over cyber-attacks at number 23 despite hosting the Olympic games, whereas the US, Germany and Japan put cyber-attacks at number one - hence extensive cyber-crime is expected during the games.

MSIP is set to become a key component of Fujitsu's Global Management Security Service, using isolation as the central point of its cyber security protection.

The RSA 2016 Innovations Sandbox competition highlights the top security startups, but only one will be awarded title of 'RSA Conference 2016's Most Innovative Startup'.

Oracle on Wednesday announced specific plans to kill the Java browser plugin and has advised users to start migrating to other technologies.

Malware that can be used across platforms gives cyber criminals more targets to attack