Schließen
Schließen
Ihr Netzwerk von morgen
Ihr Netzwerk von morgen
Planen Sie Ihren Weg zu einem schnelleren, sichereren und widerstandsfähigeren Netzwerk, das auf die von Ihnen unterstützten Anwendungen und Benutzer zugeschnitten ist.
          Erleben Sie Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            Ein führendes Unternehmen im Bereich SSE. Jetzt ein führender Anbieter von SASE.
            Ein führendes Unternehmen im Bereich SSE. Jetzt ein führender Anbieter von SASE.
            Netskope debütiert als Leader im Gartner ® Magic Quadrant ™ für Single-Vendor SASE
              Generative KI für Dummies sichern
              Generative KI für Dummies sichern
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Moderne Data Loss Prevention (DLP) für Dummies
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Modernes SD-WAN für SASE Dummies-Buch
                  Modern SD-WAN for SASE Dummies
                  Hören Sie auf, mit Ihrer Netzwerkarchitektur Schritt zu halten
                    Verstehen, wo die Risiken liegen
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        Die 6 überzeugendsten Anwendungsfälle für den vollständigen Ersatz älterer VPNs
                        Die 6 überzeugendsten Anwendungsfälle für den vollständigen Ersatz älterer VPNs
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          Colgate-Palmolive schützt sein "geistiges Eigentum" mit intelligentem und anpassungsfähigem Datenschutz
                          Colgate-Palmolive schützt sein "geistiges Eigentum" mit intelligentem und anpassungsfähigem Datenschutz
                            Netskope GovCloud
                            Netskope erhält die FedRAMP High Authorization
                            Wählen Sie Netskope GovCloud, um die Transformation Ihrer Agentur zu beschleunigen.
                              Let's Do Great Things Together
                              Die partnerorientierte Markteinführungsstrategie von Netskope ermöglicht es unseren Partnern, ihr Wachstum und ihre Rentabilität zu maximieren und gleichzeitig die Unternehmenssicherheit an neue Anforderungen anzupassen.
                                Netskope solutions
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Technischer Support von Netskope
                                  Technischer Support von Netskope
                                  Überall auf der Welt sorgen unsere qualifizierten Support-Ingenieure mit verschiedensten Erfahrungen in den Bereichen Cloud-Sicherheit, Netzwerke, Virtualisierung, Content Delivery und Software-Entwicklung für zeitnahen und qualitativ hochwertigen technischen Support.
                                    Netskope-Video
                                    Netskope-Schulung
                                    Netskope-Schulungen helfen Ihnen, ein Experte für Cloud-Sicherheit zu werden. Wir sind hier, um Ihnen zu helfen, Ihre digitale Transformation abzusichern und das Beste aus Ihrer Cloud, dem Web und Ihren privaten Anwendungen zu machen.

                                      Cloud Threats Memo: Dropbox: Flexible Cloud Storage Increasingly Exploited by Attackers

                                      Jul 26 2022

                                      Researchers from ESET have shed light on a new macOS backdoor, discovered in April 2022, dubbed CloudMensis. At first glance this is just the latest example of spyware targeting the Apple operating system with the intent of exfiltrating documents, keystrokes, and screen captures. However, as the name suggests, one of the interesting features of this malware is a sophisticated two-stage kill chain that exploits legitimate cloud services in different phases of the attack.

                                      Specifically, a cloud storage service, pCloud, is used to store and deliver the second stage payload, and once the second stage payload is installed, CloudMensis leverages more cloud storage services for both receiving commands from its operators and for exfiltrating files, using three different providers: pCloud, Yandex Disk, and Dropbox.

                                      This is further confirmation that, as organizations give their digital trust to reliable online storage services for their daily business, threat actors are constantly looking for new ways to exploit this trust, to launch evasive campaigns that are difficult to detect. Threat actors are drawn to the very same reliability and simplicity to set up their malicious infrastructure that appeals to the organizations they target and so we all find ourselves using the same cloud applications on both sides of the battlefield. 

                                      This campaign proves that new cloud storage services are constantly added to the long list of those exploited for malicious purposes, while apps such as Dropbox are a well established weapon in the hands of threat actors. Dropbox is considered by the attackers to be a reliable and flexible service (for both delivering the payload and hosting the command and control infrastructure), and for this reason it has been successfully deployed for campaigns driven by cyber crime and cyber espionage, also in a recent campaign carried out by the infamous Russian-speaking threat actor APT29.

                                      How Netskope mitigates the risk of legitimate cloud services exploited for malicious purposes

                                      Dropbox is one of thousands of services where the Netskope Next Gen SWG can provide granular access control and one of dozens for which instance detection is also available. In similar cases where Dropbox is exploited to host the command and control, it is possible to configure a policy that prevents potentially dangerous activities (such as upload and download) from non-corporate instances. It is also possible to make the scope of the policy broader, blocking these activities for any unneeded cloud storage service on a category basis (including pCloud and Yandex Cloud) that can potentially be exploited for command and control or malware delivery.

                                      Malware delivery from a cloud storage service can also be prevented through Netskope Threat Protection, part of the NG-SWG, which provides an effective defense against modern evasive threats regardless of the nature of the traffic (web or cloud) with a layered approach that offers multiple engines, ranging from antivirus to cloud sandboxing, plus additional detectors based on machine learning to detect Office documents containing malicious macros and portable executables.

                                      Stay safe!

                                      author image
                                      Paolo Passeri
                                      Paolo supports Netskope’s customers in protecting their journey to the cloud and is a security professional, with 20+ years experience in the infosec industry.
                                      Paolo supports Netskope’s customers in protecting their journey to the cloud and is a security professional, with 20+ years experience in the infosec industry.

                                      Bleiben Sie informiert!

                                      Abonnieren Sie den Netskope-Blog