Whether the means of a cyber-attack are phishing, ransomware, advanced persistent threat, malware, or some combination, the target is ultimately the same: your data. So, as companies seek to implement a zero-trust approach to security, they would do well to include database protection. Interest in Zero Trust is certainly high, with nearly two-thirds (63%) of organizations worldwide having implemented a zero-trust strategy, according to a recent Gartner survey. But it is hardly all-encompassing.

‘Black Friday’ is an event every savvy shopper eagerly awaits as the holiday season approaches. However, it’s no longer just a single day of deals. Black Friday has evolved into a weeks-long sales event, and in some cases, it spans the entire month of November. While this extended shopping period offers consumers more time and flexibility to grab bargains, it also significantly increases opportunities for cybercriminals to exploit unsuspecting shoppers.

Our stack to go from experimenting to production won't have any more secrets for you.

We are excited to see the Cybersecurity Infrastructure Security Agency (CISA) and outgoing Director Jen Easterly strongly recommend PHISHING-RESISTANT multi-factor authentication (MFA). The majority of people, including the majority of cybersecurity practitioners, do not know that most MFA…especially the most popular types used today (e.g., one-time passwords, pushed-based, SMS-based, etc.), can be as easily phished or bypassed as the passwords they were intended to replace.

Welcome to the second part of our investigation into the Rockstar kit, please check out part one here. This blog tackles real-world Rockstar 2FA email examples incorporating noteworthy techniques.

As cyber threats escalate in frequency and severity, IT and security teams face increased pressure to maintain transparency. With this in mind, the US Securities and Exchange Commission’s (SEC) Cyber Disclosure Rule, released on 26 July 2023, mandates timely and detailed public disclosures about cyber incidents.

On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip. This widely used open-source file archiving software enables remote actors to perform remote code execution (RCE) on vulnerable 7-Zip versions. This vulnerability was originally discovered earlier this year and was reported to 7-Zip in June 2024.

The physical location of users has become less and less important in conducting business, with the drawback that it creates new, persistent threats to organizations. You know that. You may not know that remote access to IT and business-critical systems is not a new concept. It’s been around since the late 1980s.

Continuing our ongoing series collecting predictions from our many subject-matter experts here at Netskope, we gathered some hot topics and predictions from the Netskope Threat Labs team based on what they are starting to see evolving in the landscape. Here’s what they had to say.

Data loss can be a consequence of a variety of factors from malicious ransomware to hardware failures and even natural disasters. Regardless of the reason for data loss, we need to be able to restore our data. A data recovery plan begins with prioritizing our data, protecting it while it is being stored, and having a plan to recover data.