Netskope is proud to have contributed once again to Verizon’s annual Mobile Security Index —one of the most influential reports in the industry for evaluating mobile security trends. This report is based on a survey of hundreds of professionals responsible for buying, managing, and securing mobile and IoT devices.

Intel 471 researchers have identified a new malicious document builder, dubbed “EtterSilent,” leveraged by various threat actor groups. One of the build options is a weaponized Microsoft Office document (maldoc) that uses malicious macros to download and execute an externally hosted payload. The maldocs pose as templates for DocuSign, a cloud-based electronic signature service.

By the end of 2020, Microsoft 365 was used by more than one million companies worldwide. And for good reason. With the move to remote work, applications like Word and Excel, Teams, OneDrive and SharePoint, provided businesses with a familiar, easy to access, and easy to use productivity suite – all available in the cloud.

Companies of all sizes need clear and cohesive security visibility over every aspect of their organization. As data and assets are trending to mobile, it’s critical to be equipped with the right tools to gain insights on mobile devices and users on the endpoints and mitigate threats whenever needed.

Detecting malicious processes is already complicated in cloud-native environments, as without the proper tools they are black boxes. It becomes even more complicated if those malicious processes are hidden. A malware using open source tools to evade detection has been reported. The open source project used by the malware is libprocesshider, a tool created by Sysdig’s former chief architect Gianluca.

Working toward GDPR compliance means taking inventory on the data you collect and process. You've mapped your data, have a catalog of impact assessments, but now you need a way to present it in a way that regulators can look over. As far as the general data protection regulation (GDPR) is concerned, every piece of data processing you do needs a record, and those records are stored in a record of processing activities (ROPA). Regulators use a ROPA to get a full picture of your data processing.

The choice for persistent storage for your cloud native applications depends on many factors including how your cloud journey started and whether your applications were migrated or developed for the cloud. Also, depending on how early you started using containers and migrated to Kubernetes, your distribution or managed service may not have offered the persistent data services you needed.

Over the past several years, an increasing amount of organizations have been moving their applications from on-premises to cloud-hosted platforms. And with the current pandemic forcing most businesses to adopt a fully remote work environment, the cloud is even more appealing. Gartner reported that cloud spend rose by double digits in 2020, and it’s expected to continue to grow by 18.4 percent in 2021.

Cloud native has been a growing trend as organizations shift away from on-premise infrastructure and longer software release cycles towards a more iterative development approach using cloud-based tooling and infrastructure. While cloud native applications enable rapid deployments and greater scalability, this emerging software approach also introduces security challenges.