Over the past few weeks, our UK team has been very excited about the expansion of our NewEdge infrastructure, specifically the addition of a new data centre in London. Knowing that this was the fourth data centre in the UK, I cornered our EMEA CISO Neil Thacker, and our new UK public sector lead Tim Parkins, to find out what all the fuss was about.

Attackers who were previously abusing DigitalOcean to host a tech support scam have expanded the operation, now abusing StackPath CDN to distribute the scam, and are likely to start abusing additional cloud services to deliver the scam in the near future. From February 1 to March 16, Netskope Threat Labs has seen a 10x increase of traffic to tech support scam pages delivered by StackPath CDN.

Over its history Netskope has delivered many tools to integrate its various solutions and findings with Microsoft products. We have built multiple integrations with Azure Active Directory, Azure Sentinel, Azure Monitor, and Azure Blob and Compute. All of these are very helpful in unlocking base or advanced functionality to augment Microsoft solutions.

Over the last decade, the internet has undergone significant changes. While in the past the internet was primarily used for accessing information, in recent years it has become a connectivity tool, providing access to critical business SaaS and IaaS. These cloud-based services have enabled businesses to be more agile and flexible, supporting remote work and vastly improving collaboration with colleagues across the globe.

I have been watching Secureworks for a long time—ever since Dell bought the company back in February of 2011. The company’s reputation as a leader in managed security services was well-known, and this purchase represented one of the first big bets by Dell in the cybersecurity space. Secureworks could analyze and remediate the ever-evolving threat landscape for Dell customers.

Legitimate cloud storage services are increasingly being exploited for cyber espionage, so the discovery of a similar operation in the context of the Russian invasion of Ukraine was just a matter of time.

The last decade has seen a notable step in the evolution of network security and operations as companies move to a Software Defined Network (SDN) model, centralising control of switches, routers, VPN concentrators, load balancers and SD-WAN devices. This simplifies the management and operation of the network, driving down operational costs and reducing risk through better patch and update management.

With many financial institutions continuing to feel an impact from The Great Resignation, and seeing tighter budgets across the board in 2023, security leaders are being asked to do more with less. So far in 2023, many organizations are hesitant to hire additional staff or even backfill open positions—forcing many security leaders to make do with fewer people than in the past.

In the February 2023 Patch Tuesday, Microsoft fixed a remote code execution vulnerability in Microsoft Word, tracked as CVE-2023-21716. The vulnerability is critical, having a CVSS score of 9.8 out of 10, and could allow an attacker to execute code with the same privileges as the victim through rich text format (RTF) documents.

Emotet is undoubtedly a very resilient botnet. Even though its operation was disrupted by Europol in January 2021, Emotet came back a few months later and continues to spread. In May 2022, shortly after Microsoft released new controls related to malicious macros, Netskope Threat Labs analyzed an Emotet campaign where they were testing a new delivery method, by using LNK files.