The holidays are quickly creeping up on us. It’s a time for being thankful and giving, but it can also be a time to reflect on the scary cybersecurity term, phishing…just because holidays are often time for reflection. By now, nearly everyone has heard it and if you work in an office, you have hopefully received some sort of training or advice on how not to become your organization’s latest victim.

A new business email campaign (BEC) has been found striking financial companies and spreading malware through the Google Cloud Storage service. On Wednesday, researchers from Menlo Labs said they have been watching the BEC scam for some time, which is focused on the employees of banks and financial services companies.

Huge breaches have become so common that it's tempting for users to write them off as no big deal. Take Facebook's recent announcement that hackers made off with personal info of 30 million users of the platform. How bad can it be for someone to have access to the kind of basic information we all share with hundreds or thousands of our friends, anyway? It's not bank account info or Social Security numbers, right?

Enterprises are increasingly finding themselves the targets of cyber-criminals seeking access to business systems using credential phishing – but what makes it so effective?

Credential phishing campaigns, in which high-profile individuals are unwittingly falling victim to malicious actors who are looking to gain access into business systems, have proven to be a successful attack vector. According to a new Menlo Security report, Understanding a Growing Threat: Credential Phishing, credential phishing is a quickly growing cyber-attack and is increasingly becoming the preferred entry point for most attackers.

SINGAPORE - Media OutReach - 18 October, 2018 - Menlo Security, a leader in Advanced Threat, has received the top honour from Singapore's influential CXO community in the Remote Browser Isolation System category at a glittering RED CARPET HONOUR® event held to celebrate the CXOHONOUR® AWARDS 2018 edition.

Le spécialiste du déport de rendu se range parmi les visionnaires d’un marché dominé par Zscaler et Symantec. Ce dernier continue de profiter de ses acquisitions passées, et de ses efforts d’intégration. Mais pas sans que ce soit indolore pour les clients.

Gartner has just published its highly esteemed Secure Web Gateways (SWG) Magic Quadrant report for 2018, naming Menlo Security a Visionary, and calling out Menlo as the choice for “organization that put a high priority on security”.

Today's MSSP & cybersecurity news involves Alert Logic, Amdocs, Carbon Black, Centrify, eSentire, Fortinet, Idaptive, Menlo Security, Palo Alto Networks, Panorays, Sophos, Symantec, Versa Networks, Webroot & more.

Here are the week’s strays and stragglers we roped for you:CenturyLink was named a certified Microsoft Azure expert managed services provider (MSP).Google released general availability of its G Suite alert center for security threats.Microsoft joined the Open Invention Network (OIN), which is a community to protect the Linux Foundation and other open source software programs.Huawei launched a full-range 5G power solution for operators. It also outlined its artificial intelligence (AI) strategy, which includes a series of AI chips and a full-stack AI portfolio.

ISA NEARLY DONE, CELEBRATION ENSUES — The Senate finally passed a bill renaming the main DHS cybersecurity wing, drawing cheers and jubilation across the land from the department and the legislation’s long-suffering congressional backers.

CISA NEARLY DONE, CELEBRATION ENSUES — The Senate finally passed a bill renaming the main DHS cybersecurity wing, drawing cheers and jubilation across the land from the department and the legislation’s long-suffering congressional backers.

Enterprises are increasingly finding themselves the targets of cyber-criminals seeking access to business systems using credential phishing – but what makes it so effective?

Credential phishing campaigns, in which high-profile individuals are unwittingly falling victim to malicious actors who are looking to gain access into business systems, have proven to be a successful attack vector.

SINGAPORE - Media OutReach - 18 October, 2018 - Menlo Security, a leader in Advanced Threat, has received the top honour from Singapore's influential CXO community in the Remote Browser Isolation System category at a glittering RED CARPET HONOUR® event held to celebrate the CXOHONOUR® AWARDS 2018 edition.

Almost half of the world's most popular websites have been declared 'risky' by new research, but the UK is among the least dangerous places in which to surf the web.

An analysis of the world’s most-visited websites shows that vulnerable software, too much active content and large amounts of code execution open visitors to a raft of potential dangers.

"I always hammer on websites running old code because of how prevalent that is on the Internet and how it continues to be a big source of malware risks," [Kowsik] Guruswamy says.

US-headquartered Menlo Security is on the lookout for two distributors to help the vendor to expand its presence across Australia and New Zealand (A/NZ).

Kowsik Guruswamy, Chief Technology Officer, Menlo Security, joined Juliette Saly and Doug Krizner of Bloomberg Daybreak Asia to discuss the biggest security threats he sees at present and how their malware isolation technology offers a new way to protect against such attacks.

The founders of Menlo Security believe that the time has come where legacy, detection-based security solutions fail to stop the constant onslaught of web and email malware infections, and hence a whole, new architectural approach to security is necessary.

Microsoft Office is increasingly becoming a target of attacks exploiting undiscovered vulnerabilities as it grows in popularity, Menlo Security concludes in a report out today

Malicious Office documents are the weapon of choice among cybercriminals, who use files to access remotely hosted malicious components.

Unfortunately for Microsoft, Office will not only continue to be the attackers’ vector of choice but will also be the platform for exploiting vulnerabilities, according to a new report from Menlo Security.

Rather than let end devices connect to the Internet, we create this layer of abstraction via the cloud,” Menlo Security CEO Amir Ben-Efraim said. “This ensures that only safe visuals are able to get to you.

"Enterprises are very frequently targeted with malware that has credential stealing capabilities built in,” Kowsik Guruswamy, Chief Technology Officer with Menlo Security, told Fox News in an email.

Cybercriminals are once again abusing trusted applications, such as Microsoft Office, to launch multi-stage attacks inside malicious documents to deliver Formbook malware.

Menlo Security researchers discovered a new multi-stage document attack that exploits design behaviors in .docx and RTF, along with CVE-2017-8570, to drop a malicious payload called Formbook on target endpoints, while bypassing traditional security tools.

Cryptojacking, the infiltration of malware to enable browser-based mining of cryptocurrencies on infected websites, is on the rise. Read Menlo CTO Kowsik Guruswamy’s comments on the affects of cryptojacking.

Researchers at Menlo Security are reporting a wave of attacks that began last month targeting financial and information service sectors in the Middle East and U.S., using a new multi-stage infection technique.

Menlo Security released its 2017 State of the Web report what it saw as sources of attack from across the web landscape. One of the primary culprits are organizations that continue to use older, unsupported software.

According to recent research, the security of the internet at large is shaky. Menlo Security reported that 42% of the top 100,000 websites as ranked by Alexa are potentially compromised and risky for users. 

Menlo Security’s third annual State of the Web report  found that 42% of the top 100,000 sites on the web, as ranked by Alexa, either are using software that leaves them vulnerable to attack or have already been compromised in some way.

Many of the internet’s supposedly safe websites could actually be a breeding ground for risk – or at least that’s what Menlo Security’s third annual State of the Web report says.

Cybercriminals are exploiting traditional measures of trust to gain a foothold on users systems by compromising trusted sites via background initiated requests, using phishing sites, and typosquatting.

Menlo Security raises $40 million to help companies block malware.

Les experts en sécurité informatique de Menlo Security viennent de publier un rapport alarmiste sur la recrudescence du « typosquatting ».

Le «typosquatting» est la tendance émergente en matière de piratage informatique. Le danger réside dans la facilité de mise en place d'une telle stratégie.

Ne vous inquiétez pas, vous êtes bien sur 20minutes.fr. Et pas 20munites ou 20minutse. Une petite faute de frappe qui peut causer bien des soucis, comme le révèle un rapport du spécialiste en cybersécurité Menlo Security.

La société informatique Menlo Security attire l'attention sur la montée en puissance d'un phénomène assez méconnu sur la toile : le "typosquatting", une technique dérivée du phishing qui se montre particulièrement rentable pour les cybercriminels.

Méfiez-vous de vos fautes de frappe sur internet car elles pourraient bien vous porter préjudice. Découvrez ce qu’il se cache derrière l’arnaque au "typosquatting".

Phishing attacks continue to grow more sophisticated, as 4,600 phishing sites use legitimate hosting services, according to Menlo Security.

Un rapport publié par Menlo Security a confirmé la réalité de la menace virtuelle. Les pirates informatiques font de plus en plus preuve d’ingéniosité.

More than 12,300 websites in the business category were used to launch cyberattacks or deliver malware in 2017, making company sites riskier than gambling and shopping sites. 

Dans son troisième rapport annuel « L’état du web », Menlo Security révèle que de nombreux sites web, réputés sans risque, présentent en fait des menaces bien réelles pour ceux qui les consultent.

Avec de nouvelles méthodes toujours plus malignes, les hackers parviennent à flouer les internautes en se glissant dans les brèches de sites pourtant réputés sécurisés.

Avec le "typosquatting", les hackers se servent de vos fautes de frappes pour vous pirater.

Dans son troisième rapport annuel « L’état du web », Menlo Security révèle que de nombreux sites web, réputés sans risque, présentent en fait des menaces bien réelles pour ceux qui les consultent.

Among the top 100,000 websites listed on Alexa, 42 percent are risky, according to a report from Menlo Security.

Avec de nouvelles méthodes toujours plus malignes, les hackers parviennent à flouer les internautes en se glissant dans les brèches de sites pourtant réputés sécurisés.

Des experts en cybersécurité pointent le fait que de plus en plus de « sites de confiance » sont utilisés par les hackers comme vecteurs d'attaque.

L'ingéniosité des hackers semble sans limites. En octobre dernier, Le Point.fr évoquait les nouvelles techniques d'intrusion des pirates informatiques, détaillant les modus operandi inédits des cybergangs qui sévissent sur la Toile mondiale.

Le «typosquatting» : quand les pirates informatiques exploitent les fautes de frappe Phénomène méconnu, le «typosquatting» consiste à mettre à profit les coquilles des internautes pour les rediriger vers des sites Web à risques.

42% des 100.000 sites web les plus populaires, selon le classement réalisé par Alexa, utilisent des logiciels qui les laissent vulnérables en cas d’attaque, ou ont déjà été compromis d’une manière ou d’une autre.

Les pirates de l’informatique ont mis un moyen très facile pour vous piéger. Appelé « typosquatting », ils se servent de vos fautes de frappes dans l’url pour vous pirater.

Forty-two percent of the top 100,000 sites on the web, as ranked by Alexa, are either using software that leaves them vulnerable to attack or have already been compromised in some way.

One rarely discussed problem is that the average website connects to 25 background sites for content, such as video clips and online ads.

“We should laud Microsoft on taking this initiative in blocking these programs, because historically these types of cleaners found as shareware came laden with Malware,” Kowsik Guruswamy, Chief Technology Officer with Menlo Security, told Fox News.

Monetary providers giants American Express, HSBC and JPMorgan Chase have all joined a $40 million Sequence C funding round for “malware isolation” outfit Menlo Security.

Big banks such as JPMorgan Chase, American Express and HSBC have invested in the cybersecurity startup Menlo in its new USD 40 million funding round.

JPMorgan Chase, American Express and HSBC announced Monday that they are leading a $40 million round pf funding in the isolation-tech provider Menlo Security, bringing its total funding to $85 million. The size and scope of the investment its notable.

Menlo Security closed a $40 million Series C funding round with new investments from American Express Ventures, Ericcson Ventures, and HSBC.

Menlo Security closed a $40 million Series C funding round with new investments from American Express Ventures, Ericsson Ventures, and HSBC. This brings the Menlo Park, California-based startup’s total funding to $85 million.

Menlo Security announced on Dec. 11 that it has closed a $40 million Series C round of funding, which it intends to use to grow its security isolation platform.

Pacific Tech has inked a distribution deal with Menlo Security which will see it distributing the vendor’s Isolation Platform across Singapore and Brunei. The Menlo Security Isolation Platform executes web content, email links and documents in the cloud removing the possibility of malware reaching end user devices.

Menlo Security has chosen Pacific Tech Pte Ltd to distribute its award-winning Isolation Platform across Singapore and Brunei. In light of high profile global malware attacks, together with a growing recognition of remote browser as a security solution, this is excellent news for these well-established and dynamic business communities.

Menlo Security has signed a distribution agreement with Hong Kong-based Edvance to distribute its browser Isolation Platform across both Hong Kong and Macau. The deal comes after reinvigorated interest in isolation technology after major high-profile global malware attacks. Menlo Security provides browser-based isolation technology as its premier security solution.

Menlo Security announced that it has chosen Ingram Micro to distribute its award-winning remote browser Isolation Platform across Singapore and Thailand. In the light of recent global malware attacks, together with a growing recognition of Remote Browser as a security solution, this is excellent news for the local business community.

Ingram Micro has scored distribution rights for Menlo Security's browser Isolation Platform across Singapore and Thailand. The browser Isolation Platform allows attacks to be blocked by isolating all internet browsing from endpoints and networks instead of trying to distinguish good content from bad content.

The sharing of threat intelligence has long been something of a contentious issue within the security sector and one that has very much been pushed to the forefront of the industry in recent times.

As the threat landscape has continued to develop , people and businesses have realised that the sheer number of cyber threats and security vulnerabilities doing the rounds these days is simply too great for any one organisation to tackle by themselves.

Email and the web continue to remain one of hackers' most popular points of entry into an environment. As a result, security vendors are unveiling new offerings to pinpoint threats and prevent user error that can lead to an attack.

As a result, security vendors are unveiling new offerings to pinpoint threats and prevent user error that can lead to an attack. Companies also are ramping up their efforts around application security, protecting their critical applications in the event of an attack and looking to close vulnerabilities from the start of the development process. As companies look to protect their environments from all angles, take a look at 20 companies, including Menlo Security, looking to change the game around web, email and application security.

Cybersecurity researchers have recently uncovered a sophisticated spear phishing attack at a well-known enterprise that went undetected by existing security solutions. A close examination of the recent spear phishing event by Menlo Security researchers revealed that the attackers performed various checks on the password entered by the victim and their IP address to determine whether it was a true compromise versus somebody who had figured out the attack.

Menlo Security researchers recently uncovered a highly-customized phishing campaign that lifted reams of personally identifiable information (PII) without detection.

The sophisticated spear phishing attack took place at a “well-known enterprise,” Menlo Security said in its report, going undetected by existing security solutions.

Nearly half of the world’s top one million websites are vulnerable to malware, turning browsing into a security minefield for users, according to new research from Menlo Security.

The vendor’s newly released State of the Web 2016 report claimed that 46% of the top Alexa-ranked sites around the globe are open to exploitation by cybercriminals.

According to a new study of the top one million domains, 46 percent are running vulnerable software, are known phishing sites, or have had a security breach in the past twelve months.

The big problem is that even when a website is managed by a careful company, it will often load content from other sites, said Kowsik Guruswamy, CTO at Menlo Park, Calif.-based Menlo Security, which sponsored the report, which was released this morning.

Nearly half (46%) of the Alexa top one million websites were found to be risky, putting businesses at risk as their users visits these sites.

The finding is part of a new report published by Menlo Security entitled "State of the Web 2016: Quantifying Today's Internet Risk," where researchers examined key characteristics of the top one million websites, as ranked by Alexa, to determine sources of risk.

Menlo Security Releases State of The Web 2016 Illuminating Widespread Vulnerability

MENLO PARK, Calif. Dec. 13, 2016 – Menlo Security, a pioneer of malware isolation, today announced the availability of its State of The Web 2016 report. The surprising results reveal that nearly half (46%) of the Internet’s top 1 million web sites, as ranked by Alexa, are risky. This is largely due to vulnerable software running on web servers and on underlying ad network domains. The results are significant because risky sites have never been easier to exploit, and traditional security products fail to provide adequate protection. Attackers have their veritable choice of half the web to exploit, allowing them to launch phishing attacks from legitimate sites.

Amir Ben-Efraim's cybersecurity startup Menlo Security was only a year old when he reached out to JPMorgan Chase, telling it how the 30-employee Menlo could help it deal with malware and phishing attacks.

Within a couple of weeks, Menlo was in discussions with the heads of cyberengineering at JPMorgan, talking about what types of controls and other specifications would need to be in place before the megabank could test Menlo's technology.

This year's SINET 16 Innovators were chosen from 82 applicants representing nine countries. The Security Innovation Network (SINET) has shared the results of its annual SINET 16 competition created to discover the most innovative cybersecurity companies.

Brazil puts concerns over cyber-attacks at number 23 despite hosting the Olympic games, whereas the US, Germany and Japan put cyber-attacks at number one - hence extensive cyber-crime is expected during the games.

MSIP is set to become a key component of Fujitsu's Global Management Security Service, using isolation as the central point of its cyber security protection.

The RSA 2016 Innovations Sandbox competition highlights the top security startups, but only one will be awarded title of 'RSA Conference 2016's Most Innovative Startup'.

Oracle on Wednesday announced specific plans to kill the Java browser plugin and has advised users to start migrating to other technologies.

Malware that can be used across platforms gives cyber criminals more targets to attack