Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

New Formbook Campaign Delivered Through Phishing Emails

Since the beginning of 2022, the unfolding geopolitical conflict between Russia and Ukraine has resulted in the discovery of new malware families and related cyberattacks. In January 2022, a new malware named WhisperGate was found corrupting disks and wiping files in Ukrainian organizations. In February 2022, another destructive malware was found in hundreds of computers in Ukraine, named HermeticWiper, along with IsaacWiper and HermeticWizard.

3 Strategies for CISOs to Frame Meaningful Security Conversations with Corporate Boards

One chief information security officer (CISO) recently asked me how he should describe SASE (secure access service edge) and zero-trust networking to his company’s directors. My answer was easy: You shouldn’t. As companies revamp their technology infrastructure to leverage cloud efficiencies and enable a remote workforce, cybersecurity is now mission-critical for senior executives and boards of directors.

Cloud Threats Memo: Tightening Up Leaky GitHub Repositories

Another day, another cloud service leaking personal data because of a misconfiguration. And before you jump to any conclusions, no, it’s not a leaky bucket on AWS S3 or a public blob on Microsoft Azure… The culprit is, once again, GitHub, where an open-source hardware manufacturer has inadvertently left exposed a private-to-public repository that “could have enabled unauthorized access to information about certain user accounts on or before 2019.”

Be On Alert: Steps to Take Ahead of Possible Cyber Attacks

Netskope is keeping a close watch on the rapidly changing situation in Ukraine. Along with the attention we are giving to the safety and well-being of Netskope employees in the region, we are in a state of high alert with respect to cyber threats and risks to our customers. Netskope Threat Labs is continuously monitoring cybersecurity threats related to the conflict in Ukraine.

How Security Service Edge (SSE) Can Help Federal, State, and Local Government Security Leaders in Their Zero Trust Journey

The federal government continues to make progress towards Zero Trust (ZT) adoption. On May 12, 2021, President Biden signed Executive Order 14028 to improve the nation’s cybersecurity and protect federal government networks and on January 26, 2022, the Office of Management and Budget (OMB) released a Federal strategy to move the U.S. Government toward a Zero Trust approach to cybersecurity.

SD-WAN and Security Service Edge (SSE): Building Blocks for SASE

If you work in networking or security, you have probably gotten used to the acronym stew that makes up the technology industry at times. By now you have surely heard the latest buzzword and what industry analysts have coined as security service edge (SSE). SSE is essentially the consolidation of Firewall-as-a-Service (FWaaS), secure web gateway (SWG), cloud access security broker, and Zero Trust Network Access (ZTNA) delivered as a cloud service.

Netskope Threat Coverage: HermeticWiper

In January 2022, Netskope analyzed a destructive malware named WhisperGate, wiping files and corrupting disks during the aftermath of a geopolitical conflict in Ukraine. On February 24, the conflict escalated with Russian attacks in Ukraine, followed by a series of DDoS attacks against Ukrainian websites. On February 24, 2022, a new malware called HermeticWiper was found in hundreds of computers in Ukraine. HermeticWiper corrupts disks on infected systems, similar to WhisperGate.

Microsoft Office: VBA Blocked By Default in Files From the Internet

In January 2022, Microsoft announced that Excel 4.0 macros will be restricted by default, as a measure to protect customers against malware based on XLM 4.0 macros. As a more aggressive measure, on February 07, 2022, Microsoft announced that they will start blocking VBA macros for files downloaded from the internet.

Building Operational Efficiency in Your SOC with Better Visibility

As security operations leaders, we are burdened with a large responsibility. The expectation is that we can respond to alerts as soon as possible and be able to investigate immediately. It sounds simple, but in today’s cyber threat landscape we are faced with growing threat vectors and a sheer volume increase in overall alerts or notifications. Failure to respond quickly enough or investigate the right areas could result in huge impacts to the organizations we are responsible for.