▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | GreenCity | Italian Channel Awards | Italian Project Awards | ...
InnovationOpenLab

Menlo Security Exposes Three New Nation-State Campaigns

Menlo Security, a leader in browser security, today released its latest report, “Global Cyber Gangs,” which uncovered three novel nation-state campaigns employing highly evasive and adaptive threa...

Business Wire

State-sponsored threat actors seen employing evasive techniques to target government, banking, and healthcare organizations

MOUNTAIN VIEW, Calif.: Menlo Security, a leader in browser security, today released its latest report, “Global Cyber Gangs,” which uncovered three novel nation-state campaigns employing highly evasive and adaptive threat (HEAT) attack techniques. The report highlights state-sponsored threat actors' growing sophistication and shifting behavior and describes how their novel techniques evade traditional security controls.

In a recent 90-day period, Menlo Labs uncovered a trifecta of sophisticated HEAT campaigns—LegalQloud, Eqooqp, and Boomer—compromising at least 40,000 high-value users, including C-suite executives from major banking institutions, financial powerhouses, insurance giants, legal firms, government agencies, and healthcare providers. The breadth and depth of these breaches signal an alarming escalation in cyber warfare, all detailed in this report.

“This year, state-sponsored cyberattacks such as these have impacted at least one-third of American citizens,” said Andrew Harding, Vice President of Security Strategy at Menlo Security. “State-sponsored cyberattacks are a looming cloud over security leaders, and our research shows that they have been growing in both sophistication and scale. One thing is clear: attackers are moving fast and refreshing their tactics to target the browser, and traditional security controls such as SSE or SWG are letting these attacks slip through the cracks.”

Menlo Labs identified these novel campaigns:

LegalQloud, hosted on Tencent Cloud (the largest Internet company in China), impersonates legal firms to steal Microsoft credentials, targeting governments and investment banks in North America. Menlo Labs discovered 500 enterprises targeted by this campaign in a 90-day period, bypassing URL categorization and block lists.

Eqooqp can defeat multifactor authentication (MFA) and targets a range of government and private sector organizations, including logistics, finance, petroleum, manufacturing, higher education, and research. Nearly 50,000 attacks associated with this campaign have been detected and stopped by Menlo Cloud in recent months.

Boomer is an intricate phishing campaign targeting sectors such as government and healthcare. In Boomer attacks, threat actor employs advanced evasive techniques including dynamic phishing sites, custom HTTP headers, tracking cookies, bot detection countermeasures, encrypted code, and server-side generated phishing pages.

Other key findings surrounding these campaigns include:

  • 60% of malicious links clicked by a user are attributed to phishing or fraud.
  • 25% of phishing links clicked by the user goes undetected by legacy URL filtering.
  • Microsoft is the most impersonated brand across industries.

The Menlo Security findings presented in this report reveal the increasing sophistication and alarming prevalence of evasive attacks by nation-state actors, capable of bypassing MFA using Adversary in the Middle (AiTM) kits. Leveraging unique and early-stage telemetry from within the Menlo Cloud, Menlo Security developed effective defenses against these HEAT attacks. The Menlo Secure Cloud Browser, with HEAT Shield phishing prevention, offers real-time protection by executing web requests in the cloud. This eliminates the browser attack surface, preventing malicious activities from ever reaching endpoints.

Download the Global Cyber Gangs Report to read the full findings, including which specific tactics each campaign used, the verticals they are targeting, and how these evasive techniques are evolving.

To learn more about the role of browser security in eliminating the risk of highly evasive threats, visit Menlo Security’s platform overview page or schedule a demo.

About Menlo Security

Menlo Security protects organizations from cyber threats that attack web browsers. Menlo Security’s patented Cloud-Browser Security Platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies, eight of the ten largest global financial services institutions, and large governmental institutions. The company is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JPMorgan Chase. Menlo Security is headquartered in Mountain View, California. For more information, please visit www.menlosecurity.com.

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

Sparkle works on environmentally sustainable content distribution

The Italian company partners with MainStreaming for high-performance, energy-efficient video streaming

Fintech: Links tests the use of exponential technologies in the banking…

Links Management and Technology just concluded the testing phase of a research project focused on banking transformation

Axyon AI: Italian Artificial Intelligence for Finance applications

Axyon AI offers an AI platform specifically designed for asset management, with several interesting strengths for those approaching machine/deep learning…

Italian Artificial Intelligence tackles medical emergencies at sea

Mermaid-AI is a telehealth platform at sea based on a visor equipped with an AR, medical Artificial Intelligence algorithms, satellite communications…

Most read

Sparkle works on environmentally sustainable content distribution

The Italian company partners with MainStreaming for high-performance, energy-efficient video streaming

Biostate AI Launches Total RNA Sequencing and Free Data Analysis AI

Biostate AI, the scalable biodata foundry startup, emerges from stealth today with the launch of two service products: Total RNA sequencing and Copilot…

GlassHive Announces Integration with ConnectWise to Elevate the ConnectWise…

#businessautomation--GlassHive, a trailblazer in sales and marketing automation, has announced an integration with ConnectWise, a leading provider of…

ISG to Announce Second-Quarter Financial Results

$III #earnings--Information Services Group (ISG) (Nasdaq: III), a leading global technology research and advisory firm, said today it will release its…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!