Threat Research for the cloud

Netskope Threat Research Labs finds and analyzes the latest cloud threats


Netskope Threat Research Labs


Staffed by the industry’s foremost cloud threat and malware researchers, the Netskope Threat Research Labs discovers and analyzes the latest cloud threats affecting enterprises. With original research and in-depth analysis on cloud malware, new strains of ransomware, and other cloud-related threats, the Labs helps protect Netskope customers from malicious actors and contributes to the global security community with research, advice, and best practices.

Led by renowned security researchers, distinguished engineers, and principal architects with experience founding and leading companies in Silicon Valley and around the world, the Netskope Threat Research Labs is based at our headquarters in California, with satellite locations in Canada and India.


Decoys, RATs, and the Cloud: The growing trend

Netskope Threat Research Labs recently posted an article detailing the CloudPhishing Fan-out resulting from decoy PDF documents. This post observes a similar threat: such PDF decoys use cloud storage services not only to carry out phishing attacks but also to infect user devices with malware such as Remote Administration Tools (RATs).


Decoys, Phishing, and the Cloud: The Latest Fan-out Effect

In yet another discovery of the cloud malware fan-out, Netskope Threat Research Labs analyzes phishing attacks that use decoy PDF files, URL redirection, and cloud storage services to infect users and propagate malware.


CloudFanta Pops with the Cloud Using SugarSync

Netskope Threat Research Labs discovers and names CloudFanta, an attack that uses the popular cloud storage service SugarSync to deliver malicious files used to steal email credentials and monitor users’ online banking activities.


CloudSquirrel Malware Squirrels Away Sensitive User Data

Netskope Threat Research Labs discovers CloudSquirrel, an attack that takes advantage of popular cloud services to exfiltrate usernames and passwords, and of organizations’ lack of SSL inspection to pass through to the corporate network undetected.


We discover and analyze new cloud-first threats continuously.
