Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A month ago, Google released eight new top level domains (TLD). Two of them (.zip and.mov) have been a cause for concern because they are similar to well known file extensions. Both.zip and.mov TLD are not new, as they have been available since 2014. The main concern is that anyone now can own a.zip or.mov domain and be abused for social engineering at a cheap price. Because both of these TLDs are indistinguishable from the file extensions, they can be a great bait for threat actors.

Netskope Threat Labs publishes a monthly summary blog post of the top threats we are tracking on the Netskope platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide.

The purpose of the Netskope Threat Labs News Roundup series is to provide enterprise security teams an actionable brief on the top cybersecurity news from around the world. The brief includes summaries and links to the top news items spanning cloud-enabled threats, malware, and ransomware.

Dark Pink (also known as Saaiwc Group) is an advanced threat actor that has been operating since mid-2021, mainly in the Asia-Pacific region and to a lesser extent in Europe, leveraging a range of sophisticated custom tools within a sophisticated kill chain relying on spear-phishing emails. The group has been quite active since 2021, attacking at least 13 organizations in Vietnam, Bosnia and Herzegovina, Cambodia, Indonesia, Malaysia, Philippines, Belgium, Thailand, and Brunei.

Large language models (LLMs), such as ChatGPT, have gained significant popularity for their ability to generate human-like conversations and assist users with various tasks. However, with their increasing use, concerns about potential vulnerabilities and security risks have emerged. One such concern is prompt injection attacks, where malicious actors attempt to manipulate the behavior of language models by strategically crafting input prompts.

A new critical zero-day vulnerability in the MOVEit Transfer software is being actively exploited by attackers to exfiltrate data from organizations. MOVEit Transfer is a managed file transfer (MFT) software, developed by Progress, designed to provide organizations a way to securely transfer files, which can be implemented on-premise or as a cloud SaaS platform. According to BleepingComputer, attackers have been actively exploiting MOVEit Transfer to download data from organizations.

In today’s rapidly digitizing world, the importance of data security has become paramount. With the increasing amount of sensitive information being shared and stored online, securing information from cyber attacks, information breaches, and theft has become a top priority for companies of all sizes. Data loss prevention (DLP) is a critical part of the Netskope Intelligent Security Service Edge (SSE) security platform, providing best-in-class data security to our customers.

While it might seem initially abstract, sustainability and data security are symbiotic. Allow me to explain. Regardless of the action or industry, critical data touches everything. Whether data is being used in pharmaceutical research, financial records, or intellectual property, securing it is the common imperative. This is especially true as it moves through various access points, the cloud, applications, the web, and various other transactions.