Internet-connected devices (also known as “the internet of things”) are a key business enabler for modern enterprises focused on transforming their businesses and gaining competitive advantage through automation and intelligent decision-making. According to IDC, there will be over 55.7 billion connected IoT devices (or “things”) by 2025, generating almost 80B zettabytes (ZB) of data.

In my previous blog, I covered the many different types of cyber threat intelligence and why gathering CTI is beneficial to security teams. In this post, I will dig into the cyber threat intelligence lifecycle framework and a model to help correlate and contextualize your findings.

From TVs to watches, fridges, lightbulbs, or coffee machines, it seems everything needs to be connected now to be marketable. The Internet of Things (IoT) environment is growing in homes and workplaces, but it has established itself way ahead of regulation. IoT devices do not currently have to comply with any specific cybersecurity standards and malicious actors are already making use of these endpoints.

LockBit (a.k.a. ABCD) emerged in September 2019 and became one of the most relevant RaaS (Ransomware-as-a-Service) groups among others like REvil, BlackMatter, Night Sky, Maze, Conti and Netwalker. The group targets many organizations around the world with a double-extortion scheme, where the attackers steal sensitive data and threaten to leak everything if the ransom is not paid.

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” – Sun Tzu. The above quote by Sun Tzu summarizes cyber threat intelligence (CTI) perfectly.

Most organizations—across almost every industry—have been forced to implement extensive digital components to their everyday operations so they can function efficiently. With this shift, cybersecurity awareness is permeating every business department and as malicious activity skyrockets, the role of security teams is becoming even more prominent across business functions.

Cloud applications play a crucial role in our personal and professional activities. Every day, without even thinking about it, we access dozens of cloud apps, where we store all kinds of data from financial information to family pictures. Netskope has coined the phrase “Cloud Data Sprawl” for this trend, and a few simple numbers summarise its extent.

On August 9, 2022, we released a blog post about a phishing campaign where attackers were abusing Google Sites and Microsoft Azure Web Apps to steal cryptocurrency wallets and accounts from different targets, namely Coinbase, MetaMask, Kraken, and Gemini. The attackers were abusing SEO techniques to spread the pages and using advanced techniques to steal data, such as using live chats to interact with victims.

We’ve seen major shifts in the digital landscape that have far reaching implications on organizations around the world. These include the widespread adoption of hybrid work, the accelerated migration from on-premise to cloud resources, and the exponential increase of data in the cloud.

One of the benefits of a secure access service edge (SASE) framework is that organizations can dramatically simplify the implementation of security services without having to go through constant network redesigns and appliance operating system updates.