Netskope Threat Labs publishes a quarterly summary blog post of the top threats we track on the Netskope platform. This post aims to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

This blog series continues to explore a number of different workflows that those comfortable using basic scripting, or enablement tools like Postman, can employ to programmatically update and inform your inline policy actions. These are just some of the functions that the newest version of Cloud Exchange (CE), version 5.1, supports now and in the future. Look for it to hit the shelves at the end of October 2024.

From April to September 2024, Netskope Threat Labs tracked a 10-fold increase in traffic to phishing pages crafted through Webflow. The campaigns target sensitive information from different crypto wallets, including Coinbase, MetaMask, Phantom, Trezor, and Bitbuy, as well as login credentials for multiple company webmail platforms, as well as Microsoft365 login credentials.

One of the most interesting findings of our Netskope Threat Labs Report: Insurance 2024 was the discovery that GitHub is the most popular application in terms of malware downloads for this specific vertical, surpassing Microsoft OneDrive, which is usually the undisputed leader of this unwelcome chart.

Bumblebee is a highly sophisticated downloader malware cybercriminals use to gain access to corporate networks and deliver other payloads such as Cobalt Strike beacons and ransomware. The Google Threat Analysis Group first discovered the malware in March 2022 and named it Bumblebee based on a User-Agent string it used. The Netskope Threat Labs team discovered what seems to be a new infection chain leading to Bumblebee malware infection, and our findings corroborate those shared by other researchers.

App connectors are a critical component of the Netskope secure access service edge (SASE) platform, offering visibility into user activities based on their interactions with cloud applications. These connectors monitor various types of user actions, such as uploads, downloads, and sharing events in apps like Google Drive and Box, by analyzing network traffic patterns.

Over a decade ago, when cloud-delivered security services like secure web gateway (SWG) began emerging, the focus was mainly on protecting a small segment of the workforce—remote users plus contractors, suppliers, and partners. The challenge was ensuring these off-premises users had the same security protections as those on-site, especially when endpoint agents were insufficient, impractical, onerous, or prone to being disabled!

This blog is part of the ongoing “I&O Perspectives” series, which features insights from industry experts about the impact of current threats, networking, and other cybersecurity trends. In the previous blogs of this series, we explored how the internet has evolved into a primary channel for corporate business traffic and how secure access service edge (SASE) has become the foundational security pillar of this new framework.

Early last month, Netskope announced a few key security innovations across the Netskope One platform and some of my colleagues kicked off the conversation about Netskope Risk Exchange in a previous blog, Evolving the Netskope Risk Exchange Ecosystem. This blog series will continue to explore a number of different workflows that those comfortable using basic scripting, or enablement tools like Postman, can employ to programmatically update and inform your inline policy actions.

This is the third blog in our series, where we embark on a journey of Branch Transformation with the Next Gen SASE Branch solution. Built on the Netskope One SASE platform, the Next Gen SASE Branch solution combines its three layers–Context-aware SASE Fabric, Zero Trust Hybrid Security, and a SkopeAI-powered Cloud Orchestrator–into a unified cloud offering.

Artificial intelligence (AI) is transforming industries across Asia, driving innovation, economic growth, and societal advancements. However, AI’s profound impact also brings significant governance challenges. As with any transformative technology, robust regulatory frameworks are essential to mitigate risks, ensure ethical use, and protect public interests. Reflecting on the evolution of cybersecurity regulation may provide insight into how AI regulation might develop.

Artificial intelligence (AI) is increasingly embedded in modern organisations—from standalone generative AI apps to AI copilots in popular SaaS platforms, and the integration of self-hosted or public large language models (LLMs) in private applications tailored to specific business needs. The recently introduced EU AI Act sets out to regulate AI development and usage, ensuring that AI systems are safe, ethical, and respect fundamental rights.