A common theme we hear from organizations utilizing a cloud delivered web proxy, either standalone or part of an SSE or SASE platform, is the frustration caused by website localization issues, a common trade-off when using services hosted in different geographies to the user. This is more acute the larger the customer is and the wider the distribution of employees beyond their home country or smaller organizations located in countries with no large scale data center (DC) infrastructure.

Malicious browser extensions are a common attack vector used by threat actors to steal sensitive information, such as authentication cookies or login credentials, or to manipulate financial transactions.

What is the relationship between zero trust and user identity? There’s no doubt that identity is a fundamental component of an effective zero trust approach, but there is also a danger that organisations become so overly focused on this one element, they forget there are others. To believe that achieving zero trust is all about user identity is, I believe, a fundamental misunderstanding of the concept.

As a continuation of our ongoing series collecting predictions from our many subject-matter experts here at Netskope, we headed down the (metaphorical) corridor to the Threat Labs. We wanted to extract from them some threats and cyberattack-related predictions, based on what they are starting to see evolving in the landscape. We’ve got a great selection, covering generative AI, software supply chain, and social engineering. Strap in!

Netskope Threat Labs publishes a monthly summary blog post of the top threats we are tracking on the Netskope platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

With 2024 on the horizon, we have once again reached out to our deep bench of experts here at Netskope to ask them to do their best crystal ball gazing and give us a heads up on the trends and themes that they expect to see emerging in the new year. We’ve broken their predictions out into four categories: AI, Geopolitics, Corporate Governance, and Skills. Here’s what our experts think is in store for 2024.

In the digital age, human interactions have been slowly replaced with online substitutions. We’re so used to depending on computers to perform tasks on our behalf that attackers are increasingly exploiting this trust mechanism for malicious gain. We are living in an age of unprecedented connectivity and convenience. Our daily lives are entwined with technology, from online shopping to managing our finances, to discussing key documents and answering queries in the workplace.

It’s been a long journey toward securing and optimizing the enterprise branch, from the days of rigid MPLS networks to the agile era of SD-WAN. Now comes the next stage of that journey: Secure access service edge (SASE), which, when architected correctly, converges the most important network and security capabilities into a single cloud-delivered service. Before we talk about how, though, let’s examine why SASE’s moment is now.

In the ever-evolving landscape of cybersecurity, the concept of a ”single pane of glass” has long been the Holy Grail for many organisations. The idea is simple: consolidate all your cybersecurity tools and data onto a single dashboard for improved visibility and control.

In the past month, the Netskope Threat Labs team observed a considerable increase of SharePoint usage to deliver malware caused by an attack campaign abusing Microsoft Teams and SharePoint to deliver a malware named DarkGate. DarkGate (also known as MehCrypter) is a malware that was first reported by enSilo (now Fortinet) in 2018 and has been used in multiple campaigns in the past months.