Savvy security folks are aware that determined threat actors and spearphishers can be patient and resourceful in their efforts to breach your organization and defeat your defenses. In the past few years, attacks have moved to the most vulnerable piece of your network — your browser. Email, operating systems, and endpoint software are patched and kept secure while attackers deliver social engineering attacks completely unhindered.
This failure is often a lack of visibility and little to no protection from malicious websites. Browser Endpoint Detection and Response (B-EDR) is the solution for addressing this challenge. …
It’s no secret that companies are targeted daily by attacks against their browsers and devices. These attacks include:
Software developers, network administrators, and device manufacturers are among the professionals who attempt to thwart these attacks. Their efforts are not always successful, however, and it can sometimes seem as though security efforts are still two steps behind. …
Cybersecurity threats have evolved. At one time, attacks came through direct email or text messages. Now browsers are the greatest avenue of vulnerability, be it from malware, phishing schemes, or most other types of security attack.
The new focus on the browser means cybersecurity experts have to find new and novel ways to protect against attacks. This new innovation in security is browser isolation. Not all kinds of browser isolation offer identical levels of protection, however. In addition, some variations of this technology detract from user experience and leave businesses without data critical to full functioning of their operations.
This blog post is an in-depth assessment of the types of browser isolation. It clearly identifies the advantages of using native browser isolation in cybersecurity strategy. …
Browser Isolation is a relatively new technology that grew in popularity in 2019 and 2020 and is expected to be an even larger part of the security stack in 2021 and beyond, according to Gartner.
The purpose of the technology is to create an “air gap” between the user’s browser and the internet, keeping them safe from online attacks like malicious downloads and phishing.
There are multiple types of isolation, but the two most common are Remote Browser Isolation and Native Browser Isolation, which bridges the gaps between Local and Remote Browser Isolation.
Many companies are exploring the technology to fit into their own business, but are confused about what the benefits of each technology are. …
The internet can be a scary place. Most end users don’t give much thought to browsing for information, work related or otherwise. The internet is simply a vehicle and it’s the first place most people go when they need to quickly find what they want. While an employee may be diligently looking at competitors’ websites for an assigned work project, searching for cyber security training to enhance their skills, or ordering new supplies for the office, they may inadvertently stumble upon a malicious site crafted by criminals for the purposes of stealing credentials, delivering malware, or initiating some other form of cyber attack against the user’s employer. …
SSL Inspection or HTTPS Inspection breaks SSL encrypted internet communication between the client and the server. The interception is typically done on the server and its purpose is to see “inside” encrypted web traffic. Legacy security applications block millions of SSL encrypted messages that contain advanced threats every day, so without inspecting it, data around those attacks is limited.
SSL encryption is sophisticated but not perfect. When a client, such as a browser, first sends an HTTPS request to a Web server, it starts a series of message exchanges called the SSL handshake. During the SSL handshake:
Summer 2018 is quickly coming to a close. As we begin the next quarter and head toward the holiday season, scams and phishing become ever more prevalent. Here’s a “quick win” guide for companies looking to keep their users and their browsers secure.
Pick a browser that is secure and ensure 100% adoption throughout your organization. I recommend going with Google Chrome. If you’re a G Suite/Google Enterprise customer, you have the ability to push and manage profiles and software easily through their interface. …
Spearphishing Detection Effectiveness
We’re very proud to announce that we recently published a brand new version of Apozy NoHack Enterprise Edition (EE) for our customers. We’ve worked very hard on the technology behind it and we now detect malicious pages in real-time with zero latency. Our technology relies on the visual analysis of a page combined with both proprietary and industry-standard checks to accurately predict when a site is harmful.
We conducted many tests to prove NoHack EE works as intended. To determine the false negative rate, we used the real-time submission of phishing links via PhishTank. PhishTank ingests URLs submitted by their user-base for review, then determines if they’re malicious. If proven malicious, they’re added to a phishing filter list, for use in other phishing prevention products. …
Chromebooks are a pretty damn secure platform. Businesses, schools, and even security practitioners have adopted them as a way to keep control over traveling devices while maintaining a high level of security. Their ability to be remotely wiped clean, sandbox individual browser tabs, and ensure a secure boot process make them a locked down platform for wide deployment.
Mentored someone on teaching computing basics to seniors.
“What antivirus to buy?”
“Buy a Chromebook.”
— SwiftOnSecurity (@SwiftOnSecurity) July 23, 2015
They also have their downsides. The most significant is the inability to run full applications or any sort of agent. This means that despite the amount of telemetry they can report back from managed devices, there exists a gap in monitoring for attacks and security problems, specifically social engineering attacks. Being able to block phishing attacks in particular proves to be difficult since bypassing Gmail’s phishing filters is relatively simple. …
It seems like lately I’ve been bombarded by phishing attacks that are much closer to home than the news. The attacks are succeeding in affecting fellow startup companies that are knocking on my inbox asking for thoughts and advice. I’m always happy to help where I can but occasionally one pops up that needs further investigation.
Let’s discuss one. Just a week ago, an investor in Apozy called me to urgently request that I help a fellow portfolio company recover from a phishing attack they fell for. I obliged, of course.
As far as we know, the attack, while still not completely fleshed out, appears to have sent phishing emails to the employees of the fellow startup. Once one phish succeeded, they injected some sort of malware onto the machine in order to steal credentials. Those credentials were then used to access the entire corporate Google Suite including emails, contacts, Google Drive documents, etc. Within those, the attackers identified a number of customers. …