Netskope applauds the White House’s Executive Order on Improving the Nation’s Cybersecurity, especially the rigor with which short-term deadlines and some clear-cut plans of action are described. DarkSide ransomware and the attack on the Colonial Pipeline is just one recent example of events that have disrupted national critical infrastructure and put the privacy and safety of millions of individuals at risk.

The term “gig economy” refers to the increasingly common use of skilled freelance or otherwise independent workers on a short-term basis—often one project at a time. The availability of these sorts of gig workers has brought massive change to global work culture over the last few years.

During the early days of the COVID-19 pandemic, many government agencies had to move very quickly to enable teleworking to ensure mission consistency during a very unprecedented time. More than one year later, and it is clear that teleworking in government is likely to remain in 2021, and beyond.

DarkSide is a ransomware-as-a-service platform that made headlines on May 8, 2021, for targeting Colonial Pipeline, resulting in a shutdown of their pipeline operations. The DarkSide ransomware platform first appeared in August 2020, advertising that they would not target organizations in the education, government, medical, or non-profit sectors.

Best practices for securing an AWS environment have been well-documented and generally accepted, such as AWS’s guidance. However, organizations may still find it challenging on how to begin applying this guidance to their specific environments. In this blog series, we’ll analyze anonymized data from Netskope customers that include security settings of 650,000 entities from 1,143 AWS accounts across several hundred organizations.

Cloud misconfigurations continue to be a serious concern for organizations, and the list of security incidents caused by the exposure of data from Saas and IaaS applications only continues to grow.

The success of a Secure Access Service Edge (SASE) architecture depends on how well networking and security teams, and the products and services they manage, converge into a shared set of priorities tied to business objectives. Unfortunately, new research from Censuswide confirms this network-security team collaboration is still strained—if not downright combative—at a majority of enterprises.

In case you missed it, Netskope’s recent Aiming for Zero event was focused around how Zero Trust is more than just access controls and passwords—it’s a security concept that applies to all aspects of your network, your data, the applications you use, and the way you interact with them. If you missed the event and want to hear more about our deep dives int Zero Trust, there’s no need to worry!

Cybercriminals are increasingly abusing popular cloud apps to deliver malware to their victims. In 2020, more than half of all the malware downloads detected and blocked by the Netskope Security Cloud platform originated from cloud apps. Cloud apps are commonly abused to deliver Trojans, with attackers attempting to exploit the trust placed in the app used for delivery. Increasingly, cloud apps are also abused for next-stage downloads, with attackers attempting to blend in with benign traffic.

The trove of 1.3 million RDP credentials leaked recently is yet again proof that, In the underground economy, initial access brokerage is a flourishing market. Cybercriminals are outsourcing the initial access stage of the attack, so they can better focus on the execution and act more quickly.