We measure and test things that are important in our lives, from credit scores to blood pressure. For cybersecurity, testing threat protection defenses is an expected benchmark. Netskope recently completed a set of anti-malware tests with AV-TEST, an independent anti-malware testing lab based in Germany with one of the world’s largest databases of malware samples. Every second, AV-TEST discovers four to five new malware variants.
Throughout 2022, Netskope Threat Labs found that attackers have been creating phishing pages in Google Sites and Microsoft Azure Web App to steal cryptocurrency wallets and accounts from Coinbase, MetaMask, Kraken, and Gemini. These phishing pages are linked from the comment sections of other websites, where the attacker adds multiple links to the phishing pages, likely to boost SEO and drive victims directly to these pages.
Ask any security professional how to effectively measure risk and many will give a simple answer…
This is the fifth in a series of articles focused on AI/ML. Source code is a critical part of an organization’s intellectual property and digital assets. As more and more centralized source code repositories are moving to the cloud, it is imperative for organizations to use the right security tools to safeguard their source code.
Alan Hannan is a member of the Netskope Network Visionaries advisory group. The cloud often seems like a black box for many corporate networking and security professionals. They have expertise in optimizing their internal network. Still, once they offload their traffic to the cloud, they figure they’re handing off optimization to the software-as-a-service (SaaS) provider.
Ousaban (a.k.a. Javali) is a banking malware that emerged between 2017 and 2018, with the primary goal of stealing sensitive data from financial institutions in Brazil. This malware is developed in Delphi and it comes from a stream of LATAM banking trojans sourced from Brazil, sharing similarities with other families like Guildma, Casbaneiro, and Grandoreiro.
Today, open source software provides the foundation for the vast majority of applications across all industries, and software development has slowly moved toward software assembling. Because of this change in the way we deliver the software, new attack surfaces have evolved and software security is facing new challenges inherent with dependency on open source software.
Security transformation doesn’t succeed without network transformation. The two go hand-in-hand when it comes to building the secure access service edge (SASE) architecture of the future, and if security degrades the network experience, or the network experience bypasses security, each of those trade-offs introduces more risk to the enterprise—it doesn’t have to be that way.
A new long-running phishing campaign, allegedly originating from Vietnam and active since 2018, is targeting professionals on LinkedIn with the final objective to compromise their corporate Facebook accounts.
As a CIO it is very easy to get “new-acronym-deafness.” New innovations need new words and name-tags to identify them, and while analysts work hard to provide benchmarks and standardised definitions, it can be hard to keep up. At Netskope we know how confusing it can get, because sitting at the vanguard of emerging categories means we have had to do our fair share of explainers and re-labelling over recent years.
