XWorm is a relatively new versatile tool that was discovered in 2022. It enables attackers to carry out a variety of functions, which include accessing sensitive information, gaining remote access, and deploying additional malware. The multifaceted nature of XWorm is appealing to threat actors, as evidenced by its alleged use earlier this year by threat actors such as NullBulge and TA558. Through Netskope Threat Labs hunting efforts, we uncovered XWorm’s latest version in the wild.

DCRat (also known as Dark Crystal RAT) is a modular remote access Trojan (RAT) which is offered as malware-as-a-service (MaaS) and has been around since 2018. It is written in C# and has typical RAT and information stealing capabilities, such as executing shell commands, logging keystrokes, exfiltrating files and credentials, among others.

In this second blog of our series, we embark on a journey of Branch Transformation with the Next Gen SASE Branch solution. Built on the Netskope One SASE platform, the Next Gen SASE Branch solution combines its three layers—Context-aware SASE Fabric, Zero Trust Hybrid Security, and a SkopeAI-powered Cloud Orchestrator—into a unified cloud offering. The three layers are defined below.

The UK government’s Cyber Essentials certification aims to get the UK up to speed with consistent cybersecurity controls, establishing a higher level of cybersecurity and resilience across the UK.

Netskope customers now have the option for traffic packet captures for Netskope Intelligent SSE for egress traffic from remote users or offices to the Netskope One cloud platform. Key to enabling this new capability is the NewEdge private network where Cloud TAP is available across the globe in data centers. Networking, infrastructure and operations, and security teams often require the following using network and cloud TAPs.

In today’s fast-paced digital world, maintaining seamless connectivity and an optimal user experience is critical. Organizations often struggle with limited network visibility, difficulty in diagnosing and resolving issues, and a lack of comprehensive insights into SASE performance. These challenges can lead to increased administrative burdens and compromised user satisfaction.

The adoption of cloud services, hybrid workforces, the rapid emergence and use of generative AI (genAI) along with the evolving regulatory environment are forcing security and risk management (SRM) leaders to enhance their SRM spending. Gartner forecasts global SRM spending to grow 14% in 2024. Moreover, worldwide end-user spending on SRM is projected to total $215 billion in 2024, an increase of 14.3% from 2023, according to a new forecast from Gartner, Inc.

One of the most evasive and hardest threats to detect are in memory frameworks using malleable command and control (C2) beacons to hide in benign traffic. They enable attackers to get in and remain invisible with hidden reconnaissance, discovery, C2, and data exploitation.

This blog is part of the ongoing “I&O Perspectives” series, which features insights from industry experts about the impact of current threats, networking, and other cybersecurity trends. In the first part of this blog series, we observed the inception of an internet-based model where corporate networks have no borders anymore, home is the office, applications are in the cloud. This paradigm shift makes connectivity ubiquitous. But security risks have dramatically increased.