Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2022

Addressing Device Security Risks in the Hybrid Enterprise with Netskope IoT Security

Internet-connected devices (also known as “the internet of things”) are a key business enabler for modern enterprises focused on transforming their businesses and gaining competitive advantage through automation and intelligent decision-making. According to IDC, there will be over 55.7 billion connected IoT devices (or “things”) by 2025, generating almost 80B zettabytes (ZB) of data.

Strategies for Gathering and Contextualizing Cyber Threat Intelligence

In my previous blog, I covered the many different types of cyber threat intelligence and why gathering CTI is beneficial to security teams. In this post, I will dig into the cyber threat intelligence lifecycle framework and a model to help correlate and contextualize your findings.

The EU Cyber Resilience Act - Thinking Out Implementation

From TVs to watches, fridges, lightbulbs, or coffee machines, it seems everything needs to be connected now to be marketable. The Internet of Things (IoT) environment is growing in homes and workplaces, but it has established itself way ahead of regulation. IoT devices do not currently have to comply with any specific cybersecurity standards and malicious actors are already making use of these endpoints.

Netskope Threat Coverage: LockBit's Ransomware Builder Leaked

LockBit (a.k.a. ABCD) emerged in September 2019 and became one of the most relevant RaaS (Ransomware-as-a-Service) groups among others like REvil, BlackMatter, Night Sky, Maze, Conti and Netwalker. The group targets many organizations around the world with a double-extortion scheme, where the attackers steal sensitive data and threaten to leak everything if the ransom is not paid.

Understanding Cyber Threat Intelligence

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” – Sun Tzu. The above quote by Sun Tzu summarizes cyber threat intelligence (CTI) perfectly.

NAA Creating Dashboard Filters

Netskope, a global cybersecurity leader, is redefining cloud, data, and network security to help organizations apply Zero Trust principles to protect data. The Netskope Intelligent Security Service Edge (SSE) platform is fast, easy to use, and secures people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Strategies for Addressing Burnout in Cybersecurity

Most organizations—across almost every industry—have been forced to implement extensive digital components to their everyday operations so they can function efficiently. With this shift, cybersecurity awareness is permeating every business department and as malicious activity skyrockets, the role of security teams is becoming even more prominent across business functions.

The Security Risks of "Registration Fatigue" When Onboarding New Employees

Cloud applications play a crucial role in our personal and professional activities. Every day, without even thinking about it, we access dozens of cloud apps, where we store all kinds of data from financial information to family pictures. Netskope has coined the phrase “Cloud Data Sprawl” for this trend, and a few simple numbers summarise its extent.

Attackers Continue to Abuse Google Sites and Microsoft Azure to Host Cryptocurrency Phishing

On August 9, 2022, we released a blog post about a phishing campaign where attackers were abusing Google Sites and Microsoft Azure Web Apps to steal cryptocurrency wallets and accounts from different targets, namely Coinbase, MetaMask, Kraken, and Gemini. The attackers were abusing SEO techniques to spread the pages and using advanced techniques to steal data, such as using live chats to interact with victims.

Simplify and Scale Zero Trust Integrations with Netskope and CrowdStrike

We’ve seen major shifts in the digital landscape that have far reaching implications on organizations around the world. These include the widespread adoption of hybrid work, the accelerated migration from on-premise to cloud resources, and the exponential increase of data in the cloud.

Highlighting New Advanced Security Capabilities for Netskope Cloud Firewall

One of the benefits of a secure access service edge (SASE) framework is that organizations can dramatically simplify the implementation of security services without having to go through constant network redesigns and appliance operating system updates.

Cloud Threats Memo: Lampion Exploiting WeTransfer to Deliver Malware

Lampion is a banking trojan with a particular predisposition to targeting Portuguese-speaking users (and exploiting cloud services). First documented in December 2019, the malware has gone through multiple releases, characterized by a number of different mechanisms to deliver the initial VBS (Visual Basic Script Loader). All the different variants have an element in common, the malware is distributed abusing legitimate cloud services throughout different stages of the attack chain.

Why Geopolitics is Every Business Leader's Job

If 2022 is teaching us anything, it’s that no organisation is an island. A better analogy, if I can be a little poetic, is perhaps that we are ships, buffeted by winds, riding rising and receding tides and trying to chart a course to calmer waters. We can build strong ships, but the ocean is out of our control. This lesson has been served to us in the form of global disruption on a scale that is so far out of our control that it can leave us feeling powerless.

Set, Triage, and Improve: Strategies for Tuning Out False Positives

As a security analyst in a growing company, it is often easy to get into the “set it and forget it” mentality. You create one alert after another. Then another. And another. With each alert comes a certain amount of work for an analyst. Analyst time costs money, and some alerts consume more time than others. If most of the alerts result in false positives, a large amount of resources are being spent unnecessarily.

Recognizing and Stopping Insider Threats in the Healthcare Industry

As a direct result of COVID-19 burnout, the ongoing Great Resignation trend might be impacting healthcare more than any other industry. Research shows that healthcare has already lost an estimated 20% of its workforce over the past two years. This turnover is happening top-to-bottom throughout organizations. Doctors are switching between hospitals, administrative staff are leaving the industry, and technology teams are being lured away by higher paying jobs in other sectors.

The Looming Issue with Email Sharing

If you’ve been following my suggestions in this series, then your SaaS sharing configuration now protects sensitive information and your IaaS/PaaS access controls accurately follow the principle of least privilege. Of course, that doesn’t mean you’re done! We must now tame the giant of all file-sharing beasts: email. An email is probably the worst way to share files because there’s no way to limit who sees the file after it is sent.

Applying a Continuous Adaptive Trust Mindset

The term “zero trust” is the lack of implicit trust. When we started with “zero trust,” we no longer trusted users because they weren’t on our network domain. As our staff went remote, we had to input stronger authentication to move from zero trust to some level of implicit trust. The problem is that trust is all or nothing.

Taking a Look at Security Issues with Open Storage Buckets

Now that we’ve explored the familiar form of SaaS file sharing, let’s compare it to the very different ways that storage objects in IaaS/PaaS clouds are shared (e.g., Amazon S3 buckets, Azure blobs, Google Cloud storage). All of these objects begin with a much more controlled default. Only the owner of the object has access—the opposite of the starting point for SaaS.

Addressing the Invisible Security Problem of Open File Shares

According to a recent survey from the Cloud Security Alliance, cloud issues and misconfigurations remain the leading causes of breaches and outages—and 58% of respondents report concerns about security in the cloud. Their worries are well-founded. Nearly every day, we see examples of a company’s sensitive data spilling out of leaky clouds.

How Netskope Intelligent SSE and Aruba Secure SD-WAN Integrate for SASE Success

At Netskope, our primary focus in the marketplace is to help customers protect their data. More and more data exists outside the traditional enterprise perimeter and is growing at an ever-rapid pace. More than 80% of users are using personal apps and instances from managed devices, and of those applications being accessed, roughly half would be given a “Poor” risk rating by the Netskope Cloud Confidence Index.

Netskope Announces General Availability of Endpoint DLP, Further Expanding Its Data Protection Platform

Today we are proud to announce general availability of our patented cloud-based endpoint data loss prevention (DLP) solution. The release of endpoint DLP expands the already comprehensive Netskope DLP platform and represents a major milestone in data protection, as it enables customers to protect data anywhere, across their hybrid enterprise ecosystem and in the cloud. Let’s look at why this is so important.

Delivering More (Security) with Less (Overhead) Thanks to Netskope and Mandiant

For most companies, security and IT systems are growing in complexity, breadth of scope, and coverage, which consumes budget and staff time. The rapid breakdown of the traditional perimeter in this “new normal” world increases the challenges IT teams and remote users face on a daily basis.

Protecting Intellectual Property in the Automotive Industry

The automotive industry is experiencing challenge and change from all sides. Automotive OEMs are working to better understand the changing customer journey in relation to their products, and identifying profitable growth opportunities through the integration of digital technology into all areas of the business.