I think we can all agree that the Australian government has demonstrated its will to empower our country, its organisations and citizens to be more secure online. Australia has become a prime target for bad actors, and like my counterparts, I appreciate a government with a hands-on approach—one that recognises the criticality of cybersecurity.

Netskope Threat Labs is tracking a phishing campaign that mimics a FedEx package delivery as bait to steal credit card data. This type of social engineering attack is commonly found in phishing pages, emails, and other scams, where a false sense of urgency is created to urge the victim into doing an action that eventually leads to personal data theft.

Netskope Threat Labs publishes a monthly summary blog post of the top threats we are tracking on the Netskope platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

Google Drive continues to be one of the most abused cloud services by threat actors, and the latest edition (April 2023) of the Threat Horizons Report, released by security researchers in Google’s Threat Analysis Group (TAG), shows more interesting examples of how opportunistic and state-sponsored threat actors are exploiting its flagship cloud storage service, to conduct malicious campaigns (and by the way, Netskope Cloud and Threat Report is quoted in the report).

Risk used to be a word thrown around as if it could be defined generally and, once defined, consistently applied to all business and technology use cases. This didn’t work out so well for customers, CISO’s, or vendors. Risk was a “four-letter-word” and it fell out of common use.

In many conversations I have with security and infrastructure leaders, the discussion inevitably turns toward a zero trust project either already underway or set to begin soon. More often than not, this conversation is specifically about zero trust network access (ZTNA), because ZTNA technology has been frequently positioned as the solution for something every team really wants to achieve right now: total replacement of remote access VPNs.

Back in November 2020, the UK Telecommunications (Security) Act started its journey through the Houses of Parliament, and after many readings and much consultation it finally went live almost two years later on the 1st October 2022. At the heart of the Act was a desire to improve the security posture of the UK’s telecoms networks, infrastructure, and organisations, recognising the importance of telecommunications as part of the UK’s critical national infrastructure (CNI).

Today we are very pleased to share that Netskope has once again been named a Leader in the Gartner® Magic Quadrant™ for Security Service Edge (SSE). Gartner placed Netskope highest in ability to execute and furthest in vision. SSE successfully modernizes technology architecture by converging Web Proxy (SWG), ZTNA, CASB, and DLP into one, powerful, high-performing solution—effectively achieving business-level technology imperatives such as consolidation, efficiency, and optimization.

There exists a drive in all of us that embraces innovation to make life easier. For IT leaders, it’s time for true innovation at the remote access edge.

Over the past few weeks, our UK team has been very excited about the expansion of our NewEdge infrastructure, specifically the addition of a new data centre in London. Knowing that this was the fourth data centre in the UK, I cornered our EMEA CISO Neil Thacker, and our new UK public sector lead Tim Parkins, to find out what all the fuss was about.

Attackers who were previously abusing DigitalOcean to host a tech support scam have expanded the operation, now abusing StackPath CDN to distribute the scam, and are likely to start abusing additional cloud services to deliver the scam in the near future. From February 1 to March 16, Netskope Threat Labs has seen a 10x increase of traffic to tech support scam pages delivered by StackPath CDN.

Over its history Netskope has delivered many tools to integrate its various solutions and findings with Microsoft products. We have built multiple integrations with Azure Active Directory, Azure Sentinel, Azure Monitor, and Azure Blob and Compute. All of these are very helpful in unlocking base or advanced functionality to augment Microsoft solutions.

Over the last decade, the internet has undergone significant changes. While in the past the internet was primarily used for accessing information, in recent years it has become a connectivity tool, providing access to critical business SaaS and IaaS. These cloud-based services have enabled businesses to be more agile and flexible, supporting remote work and vastly improving collaboration with colleagues across the globe.