Legacy VPNs have become a significant security liability for businesses and governments. VPNs require inbound access to corporate networks, significantly broadening the attack surface for malware. This makes them prime targets for threat actors, increasing the risk of disruption to your business.

We are witnessing an explosion in the number, type, and mix of smart devices in our business environment, driven by mobility, remote work, and the adoption of digital transformation initiatives. However, these devices come with their own set of security risks and challenges, creating a larger attack surface to manage and control.

Over the past year, the social engineering tactics used for cyber attacks have evolved significantly as attackers manipulate the inherent trust, biases, and vulnerabilities of individual human behavior to gain unauthorized access to sensitive information or systems.

I bet many of you have experienced those frustrating moments on Zoom, Teams, or any other Unified Communications as a Service (UCaaS) platform like RingCentral. You know what I’m talking about—the dreaded video and audio glitches caused by a less-than-stellar internet connection, which are often completely out of your hands.

According to the data collected by Netskope Threat Labs, over the course of 2023, OneDrive was the most exploited cloud app in terms of malware downloads. And if a good day starts in the morning, 2024 does not promise anything good. In fact, at the beginning of January, and after a nine-month break, researchers from Proofpoint detected a new financially motivated campaign by TA866, a threat actor characterized for being involved in activities related to both cybercrime and cyberespionage.

The past decade has seen governments around the world introduce significant new legislation covering data, cybersecurity, and technology. This has been part of a sustained effort to regain some influence over big tech and impose good governance practices on how businesses capture, protect, and manage data. This shift towards greater regulation has been largely led by the EU, which implemented the General Data Protection Regulation (GDPR) in 2018.

Netskope Threat Labs publishes a monthly summary blog post of the top threats we are tracking on the Netskope platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

Netskope continues to advance inline threat protection capabilities and has improved its detection and blocking of malware and phishing attacks while also lowering and improving its false positive rate in the latest AV-TEST Report. In every part of the testing, Netskope improved.

At Netskope, we have a long history of supporting customers in the US Federal Government. For example, the US Patent and Trademark Office (USPTO) recently chose Netskope to help with its cloud-first security initiatives, building out their entire SASE architecture. Today, we’re thrilled to announce two major developments to make it easier to acquire and implement Netskope in US federal agencies and the contractors that support them.

Threat actors often employ stealthy attack techniques to elude detection and stay under the defender’s radar. One way they do so is by using uncommon programming languages to develop malware. Using an uncommon programming language to develop malware provides several benefits, including: Netskope recently analyzed a malicious backdoor written in Nim, which is a relatively new programming language.