3 Keys to Ransomware-Proof Your Browser Security
Whether your users are researching on the web, communicating with clients, accessing your new Software as a Service (SaaS) CRM platform, or downloading a shared file, most work today is conducted in the browser. The bad guys know this, of course, and are increasingly targeting the browser as a way ... Read More
One Solution to Rule Them All: Browser Security Redefined
Let’s admit it, the cybersecurity industry is in need of an overhaul. For far too many years, organizations have been lured into a relentless cycle of piling on more and more capabilities and coverage every time a new threat emerges. This idea of adding layer on top of layer in ... Read More
5 things to consider when evaluating effective browser security
It’s no secret that the way we work has fundamentally changed over the past five years. Most work – whether it’s communicating with customers or fulfilling procurement requests – is conducted in the browser. In fact, according to Forrester, enterprise employees spend 75% of their device time in the web ... Read More
Is Cybersecurity Having an Identity Crisis?
There has never been a better time to get into cybersecurity, or a worse one. The industry is crying out for professional skills but is also foundering in its efforts to retain and develop them. Employees in the security operations center (SOC) are not enjoying their jobs, and the cybersecurity ... Read More
Browsing blind: Understanding the dangers of limited browser visibility
The browser has emerged as the most widely used enterprise application today. That’s good news for users who need to access corporate data and business tools from anywhere with a reliable Internet connection. But threat actors have taken notice as well, and, as a result, the popularity of the browser ... Read More
How Legacy URL Reputation Evasion (LURE) attacks easily bypass current security tech
Whether it’s the push for fully remote work, in-office work, or a hybrid workstyle, the conversation around how and where employees will work continues. But guess what? To cybercriminals, this conversation doesn’t really matter. Not one bit. That’s because no matter where today’s enterprise worker resides and where the work ... Read More
Digital smugglers: How attackers use HTML smuggling techniques to beat traditional security defenses
It’s hard to imagine a time when the web browser wasn’t the critical enterprise productivity app. Many enterprise workers born in the 1990s likely don’t recall when the web browser wasn’t the primary window to access nearly every office application. Today, the web browser is the de facto enterprise app ... Read More
Real-world examples of Highly Evasive Adaptive Threats (HEAT) in the news
Despite some good news from the recently released 2023 CyberEdge Cyberthreat Defense Report (CDR), high-profile breaches continue to plague the industry. From Rackspace to Twitter to GitHub, businesses, organizations and government agencies around the world have been victimized by sophisticated threat actors who are getting better at evading traditional security ... Read More
Malicious password-protected files: The issue of prioritizing business decisions over security policies
Attackers are constantly crafting new ways to evade enterprise cybersecurity defenses. Consider both how phishing attacks and the delivery of malware are evolving. In this case, through password-protected files to infect endpoints. It’s a growing risk for all organizations. There was a time when nearly all phishing attacks, whether crafted ... Read More
The art of MFA Bypass: How attackers regularly beat two-factor authentication
Whether it’s cloud-based productivity suites, powerful analytics platforms, the largest of enterprise ERP systems, and every application in between — to get work done, the web browser is the modern go-to application interface. Unfortunately, it also means that the web browser is the go-to target for modern attackers. This profoundly ... Read More