Threat Labs Netskope

  • Securing LLM Superpowers: The Invisible Backdoors in MCP
    by Gianpietro Cutolo on September 24, 2025 at 2:00 pm

    Summary: In the first two parts (1, 2) of this series, we broke down how the Model Context Protocol (MCP) works and explored attacks like tool poisoning and cross-server tool shadowing. In this post, we turn to two of the most subtle and dangerous risks facing MCP-enabled environments: Both techniques demonstrate a hard truth: LLMs

  • Securing LLM Superpowers: When Tools Turn Hostile in MCP
    by Gianpietro Cutolo on September 3, 2025 at 2:00 pm

    Summary: In Part 1 of this blog series, we explored the architecture, capabilities, and risks of the Model Context Protocol (MCP). In this post, we will focus on two attack vectors in the MCP ecosystem: prompt injection via tool definitions and cross-server tool shadowing. Both exploit how LLMs trust and internalize tool metadata and responses,

  • DNS Tunneling: The Blind Spot in Your Network Security Strategy
    by Hubert Lin on August 26, 2025 at 4:00 pm

    Summary: The Domain Name System (DNS) is a critical component of internet infrastructure, responsible for translating human-readable domain names into IP addresses. However, the ubiquitous nature and often-overlooked security aspects of DNS make it a prime target for malicious actors. This blog post investigates the tools used for data exfiltration over DNS, the techniques involved,

  • Securing LLM Superpowers: Navigating the Wild West of MCP
    by Gianpietro Cutolo on August 13, 2025 at 2:00 pm

    Summary: The Model Context Protocol (MCP) is a standardized framework that enables large language models (LLMs) to interact with external tools, APIs, and data sources. While MCP offers powerful integration capabilities across software development, data analysis, automation, and security operations, it also introduces serious security risks. This post provides a technical overview of how MCP

  • Netskope BEAM: Open Source Detector for Supply Chain Compromise
    by Colin Estep on August 7, 2025 at 6:30 pm

    Netskope Threat Labs is pleased to announce the release of a new open-source tool that detects supply chain attacks. Our new tool, Behavioral Evaluation of Application Metrics (BEAM), requires no endpoint agent deployment and will analyze the network traffic you are already capturing in your organization to determine if your applications are communicating with unusual

  • XWorm V6: Advanced Evasion and AMSI Bypass Capabilities Revealed
    by Jan Michael Alcantara on July 28, 2025 at 4:00 pm

    Summary: In September 2024, Netskope Threat Labs reported on the XWorm malware and its infection chain. We revealed new XWorm command and control (C2) commands and dissected its notable features. After nearly a year of tracking this malware, we discovered a new version (version 6.0) in the wild, which introduced new features such as process

  • DeepSeek Deception: Sainbox RAT & Hidden Rootkit Delivery
    by Leandro Fróes on June 26, 2025 at 4:00 pm

    Summary: Netskope Threat Labs has discovered a campaign using fake installers to deliver the Sainbox RAT and Hidden rootkit. During our threat hunting activities, we encountered multiple installers disguised as legitimate software, including WPS Office, Sogou, and DeepSeek. These installers were mainly MSI files that were delivered via phishing websites. Both the phishing pages and

  • To Grok or Not To Grok: For 29% of Enterprises…There Is No Question
    by Ray Canzanese on June 10, 2025 at 12:00 pm

    Grok is a chatbot developed by Elon Musk’s xAI. It was initially released to select individuals in November 2023 and became generally available to all X (formerly Twitter) users in December 2024. With the release of Grok-3 in February, Grok’s popularity rose rapidly. However, that rise was short-lived, and its user base in the enterprise

  • Glitch-hosted Phishing Uses Telegram & Fake CAPTCHAs to Target Navy Federal Credit Union Customers
    by Jan Michael Alcantara on June 2, 2025 at 10:00 am

    Exposing a phishing scam on Glitch targeting Navy Federal Credit Union customers. Uncover how attackers use Telegram and fake CAPTCHAs to steal credentials.

  • Netskope Threat Coverage: Scattered Spider
    by Ray Canzanese on May 29, 2025 at 8:54 pm

    The adversary group commonly referred to as Scattered Spider is also tracked as UNC3944, Muddled Libra, Octo Tempest, Starfraud, Scatter Swine, 0ktapus, Roasted 0ktapus, and Storm-0875. Active since at least 2022, this financially motivated group has rapidly gained notoriety for its social engineering campaigns and ransomware attacks, which span multiple sectors. Initially focused on telecom
