Who said that cloud services are only exploited by opportunistic cybercriminals? Researchers from Cybereason have recently discovered a new highly targeted campaign, dubbed Operation GhostShell targeting the Aerospace and Telecommunications industries mainly in the Middle East, with additional victims in the U.S., Russia, and Europe.
When the COVID-19 pandemic descended on the U.S., companies took a no-holds-barred approach to maintain their operations. Employees up and down organizational structures were told to work from home, and IT teams were tasked with making that happen. The timeline was short, and approval processes moved quickly, which meant changes to network access and security were made more quickly, and in some cases more haphazardly, than in a “normal” situation.
On Monday, October 4, 2021, Facebook suffered a prolonged outage when, during routine maintenance, all connections to their global backbone network were mistakenly taken down. More details on the cause and response to the outage are available on the Facebook blog. At Netskope, we help secure the cloud and web traffic of millions of users worldwide. In this blog post, we provide a glimpse into what the Facebook outage looked like from our perspective.
In September of 2021, a new malware family named SquirrelWaffle joined the threat landscape. It spread through infected Microsoft Office documents attached in spam emails. The infection flow starts with a ZIP file that contains the infected Office document. When the file is opened by the victim, the malicious VBA macros download SquirrelWaffle DLL, which eventually leads to deploying another threat, such as CobaltStrike or QakBot.
In 2019, when the term Secure Access Service Edge, or SASE, was first coined, it was to define a useful way of setting up the network and security infrastructure to satisfy a cloud-first future with services at the edge. Since then, SASE has been long on hype and discussion, but short on actual, practical advice. What does SASE mean for your digital transformation strategy?
The global pandemic further accelerated a trend toward remote work that was already underway, even in federal, state, and local agencies that previously resisted it. But as agencies continue to offer telework options to employees, they must also rethink their security stack to better mitigate the cybersecurity risks that remote work catalyzes. Traditional, perimeter-based approaches to security will no longer work in a cloud-first environment where data can, and is, accessed from just about anywhere.
We are pleased to share that Netskope has been selected by the Advanced Technology Academic Research Center (ATARC) as one of 49 vendors to participate in its Zero Trust Lab. The Zero Trust Lab is a state-of-the-art physical and virtual test environment that will provide federal agencies with the opportunity to build, test, and evaluate new Zero Trust Architectures in a simulated environment.
