Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, we’ll explore what “browser-based attacks” are, and why they’re proving to be so effective.

What is a browser-based attack?

First, it’s important to establish what a browser-based attack is.

In most scenarios, attackers don’t think of themselves as attacking your web browser. Their end goal is to compromise your business apps and data. That means going after the third-party services that are now the backbone of business IT.

The most common attack path today sees attackers log into third-party services, dump the data, and monetize it through extortion. You need only look at last year’s Snowflake customer breaches or the still-ongoing Salesforce attacks to see the impact.

The most logical way to do this is by targeting users of those apps. And because of the changes to working practices, your users are more accessible than ever to external attackers — and exposed to a broader range of possible attack techniques.

Browser-based attacks like AitM phishing, ClickFix, and consent phishing have seen an unprecedented rise in recent years.

Once upon a time, email was the primary communication channel with the wider world, and work happened locally — on your device, and inside your locked-down network environment. This made email and the endpoint the highest priority from a security perspective.

But now, with modern work happening across a network of decentralized internet apps, and more varied communication channels outside of email, it’s harder to stop users from interacting with malicious content (at least, without significantly impeding their ability to do their jobs).

Given that the browser is the place where business apps are accessed and used, it makes sense that attacks are increasingly playing out there too.

The 6 key browser-based attacks that security teams need to know about

1. Phishing for credentials and sessions

The most direct way for an attacker to compromise a business application is to phish a user of that app. You might not necessarily think of phishing as a browser-based attack, but that’s exactly what it is today.

Phishing tooling and infrastructure have evolved a lot in the past decade, while the changes to business IT mean there are many more vectors for phishing delivery, and many more apps and identities to target.

Attackers can deliver links over instant messenger apps, social media, SMS, malicious ads, and in-app messenger functionality, and can send emails directly from SaaS services to bypass email-based checks. Likewise, there are now hundreds of apps per enterprise to target, with varying levels of account security configuration.

Phishing is now multi- and cross-channel, targeting a vast range of cloud and SaaS apps using flexible AitM toolkits — but all roads inevitably lead to the browser.

Today, phishing operates on an industrial scale, using an array of obfuscation and detection…



Last Update: September 15, 2025