Phishing is one of the most common online security threats. A phishing website tries to mimic a legitimate page in order to obtain sensitive data such as usernames, passwords, or financial and health-related information from potential victims. Machine learning (ML) algorithms have been used to detect phishing websites, as a complementary approach to signature matching and heuristics.

Last week Netskope was awarded the “Cloud Services Vendor Of The Year” trophy at the UK’s CRN Awards. It is the second award we have won for our efforts in the UK channel this year – earlier in the summer we took home CRN’s “Technology Innovation” gong as well.

Netskope Threat Labs spotted a new crypto-phishing attack that aims to steal sensitive data from crypto wallets, including private keys and security recovery phrases, disguising itself as a service to revoke stolen ERC (Ethereum Request for Comments) assets. The page was created and hosted with Netlify, which is a free cloud service to create websites and apps.

BlackCat (a.k.a. ALPHV and Noberus) is a Ransomware-as-a-Service (RaaS) group that emerged in November 2021, making headlines for being a sophisticated ransomware written in Rust. It has both Windows and Linux variants and the payload can be customized to adapt to the attacker’s needs. BlackCat is also believed to be the successor of the Darkside and BlackMatter ransomware groups.

As we enter the thick of budget season, especially in a time where budgets are expected to start tightening, security and IT leaders need to anticipate the discussions they are going to have with executive leaders. This means proactively preparing a formal business case for the security program to ensure funding for upcoming projects.

10 years ago I moved to the UK and made it my home, and I love living here. I like Marmite, debates over whether the evening meal is dinner, tea, or supper, the constant requirement to remark upon the weather… and the many bizarre traditions. One of these bizarre traditions is Bonfire Night, celebrated on 5th November each year to commemorate the Gunpowder Plot when a bunch of conspirators (including a man called Guy Fawkes) tried to blow up Parliament and King James.

A recent campaign, unearthed by researchers at INKY, is the latest example of exploitation of a legitimate cloud service. The campaign impersonates the U.S. Small Business Administration (SBA), targeting small businesses that are unaware of the fact that the SBA recently stopped accepting applications for COVID-19 relief loans or grants. The element that makes this campaign stand out from the others is the exploitation of a well-known and familiar cloud service to host the phishing page: Google Forms.

The problem of securing the modern workforce goes beyond occasional spats between IT and security. The real problems we see are user credentials under constant attack, alongside attempts to harvest and exploit enterprise data. Plus the cloud resources that workforces need are tough to secure, especially when deployed outside of IT-led processes. In light of these issues, corporations need a way to securely provide always-on cloud access for users while safeguarding enterprise data anywhere it goes.

Vulnerability management can be more than just running scans and sorting by Common Vulnerability Scoring System scores! Take your program to the next level by adding a threat-based approach to vulnerability management by combining the hacker mindset with cyber threat intelligence. With so many vulnerabilities published daily, having a team knowledgeable with the latest threats can help IT teams quickly identify assets that require expedited remediation.

Phishing is a well known threat that users are constantly being warned about, but as we are in Cybersercurity Awarenss Month though, some may still be wondering what exactly phishing is and how to prevent it. In this blog, I am going to dig into how you can recognize phishing and how enabling multi-factor authentication can help keep you safe.