Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Netskope Threat Labs is tracking a widespread phishing campaign affecting hundreds of Netskope customers and thousands of users. The campaign aims to steal credit card information to commit financial fraud, and has been ongoing since the second half of 2024. The attacker targets victims searching for documents on search engines, resulting in access to malicious PDF that contains a CAPTCHA image embedded with a phishing link, leading them to provide sensitive information.

Today’s businesses rely on third-party vendors, contractors, and partners to operate efficiently more than ever. But every external connection introduces a risk—especially when it comes with overly permissive access. If not properly managed, this can become a significant vulnerability. Attackers know this, and they actively exploit these weak points.

The rapid rise of generative AI (genAI) applications is reshaping enterprise technology strategies, pushing security leaders to reevaluate risk, compliance, and data governance policies. The latest surge in DeepSeek usage is a wake-up call for CISOs, illustrating how quickly new genAI tools can infiltrate the enterprise. In only 48 hours, Netskope Threat Labs observed a staggering 1,052% increase in DeepSeek usage across our customer base.

DeepSeek’s latest large language models (LLMs), DeepSeek-V3 and DeepSeek-R1, have captured global attention for their advanced capabilities, cost-efficient development, and open-source accessibility. These innovations have the potential to be transformative, empowering organizations to seamlessly integrate LLM-based solutions into their products. However, the open-source release of such powerful models also raises critical concerns about potential misuse, which must be carefully addressed.

This blog is a follow-up to the post Opportunities & Risks for Digital-first Leaders in Business-led IT The days of shadow IT as an unregulated threat are over. Business-led IT represents a fundamental shift in how organizations innovate and operate. To succeed in this new reality, CIOs must embrace what I call the “New CIO” mindset.

In the world of cloud services, transparency has often been treated as a box to check rather than a cornerstone of innovation. Trust and status portals, once an innovative approach for offering visibility into service health and availability, now largely feel stagnant and table stakes providing the bare minimum. But is transparency and visibility just a “nice-to-have”? Some might think so. At Netskope, we see it differently.

In January, Netskope Threat Labs observed a new malware campaign using fake CAPTCHAs to deliver Lumma Stealer. Lumma is a malware that works in the malware-as-a-service (MaaS) model and has existed since at least 2022. The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the Philippines, and other countries around the world.

In the digital era, the ability to adopt and integrate technology quickly has become a key driver of business success. Technology decisions are increasingly being made outside IT organizations as cloud-based tools, SaaS platforms, and low-code/no-code solutions become more accessible. Known as business-led IT, this trend democratizes technology, empowering business leaders to innovate independently.

No matter what industry you’re in, solving for performance issues is always at the top of every networker’s mind. Especially with applications like Microsoft Teams, or similar unified communications as a service (UCaaS) solutions from Zoom, Webex, RingCentral, Mitel, Vonage, or 8×8, that have become critical to day-to-day business operations.

In an age where cyber threats are increasingly sophisticated and prevalent, organizations must prioritize integrating security into the very core of their technology. Security can no longer be an afterthought or a box to check; it needs to be part of the design and development process from the start.