With original research and in-depth analysis of cloud-related threats — including cloud phishing, scams, malware delivery, command and control, data exfiltration, data exposure — the Labs helps protect Netskope customers from malicious actors and contributes to the global security community with research, advice, and best practices.
Led by renowned security researchers, distinguished engineers, and principal architects with experience founding and leading companies in Silicon Valley and around the world, the Netskope Threat Labs is based in our headquarters with representation throughout the world. The researchers are regular presenters and volunteers at top security conferences, including DefCon, BlackHat, and RSA.
This edition of the Netskope Cloud and Threat Report focuses on the tactics and techniques that were most commonly used against Netskope customers during the first nine months of 2023. Globally, Netskope customers were most commonly targeted by criminal adversaries, with Wizard Spider targeting more organizations than any other group. We round out this report by exploring which are the most active adversaries in multiple industry verticals and geographic regions.
Join Leandro Froes at BlackHat Europe for an Arsenal presentation about a new tool, gftrace, that can be used to analyze malware written in Go, providing detailed information about the Windows API calls the malware invokes. gftrace supports all the Go versions, is very easy to use and understands the Golang nuances by natively, making its output clean and easy to understand.
Get the monthly Threat Lab Report as soon as it’s released.