Cyber Defense eMagazine December 2019

More documents

Recommendations

Info

117 Browser Extensions Are a Leaky Vessel for Phishers to Exploit By Atif Mushtaq, CEO, SlashNext Some of the most common and helpful ways to optimize web browsers are by adding extensions, such as those offered by Google Chrome. These typically small software add-ons can be attached to a browser for better functionality, ad-blocking and more. But the customizations and increase in productivity they provide don’t come without risk. In fact, malicious activity conducted through browser extensions as an attack vector is on the rise. Researchers at CSIS discovered a new Android malware called Joker that conducted ad fraud and data theft from two dozen apps that garnered nearly 500,000 downloads from the Google Play store. Joker’s file was capable of stealing victims’ SMS messages, contact lists and device information, plus covertly interacting with advertisement websites to generate fake clicks and sign up infected users with unwarranted premium service subscriptions. Another infamous attack was on one of the most popular Chrome extensions, the Evernote note-taking and organizing application. Over 4.5 million users have downloaded Evernote for their virtual notation, leaving their data susceptible to hackers who exploit a vulnerability that would allow cyber criminals to bypass Google Chrome’s security policies. A cybersecurity organization called Guardio uncovered the hole back in June, discovering the vulnerability could enable attackers to gain access to users’ browsers and extract user information. The
118 flawed method in which Evernote interacted with websites allowed hackers to use cross-scripting techniques to circumvent the browser’s Same Origin Policy (SOP). SOPs prevent users from accessing information from web pages by utilizing scripts from other pages from the same source. Fortunately, following the discovery of this vulnerability, Evernote released a vulnerability patch in an update to fix the issue. Earlier this year, hackers used an extension called SingleFile, which allowed users to save and archive webpages as single HTML file, to spoof login pages and phish unsuspecting users’ credentials. Unfortunately, these are just two examples of the many instances of browser extension exploitation. Fortunately, Google is responding to these issues. After announcing last fall that the company planned on increasing user protections for third-party extensions and other applications, Google is ramping up restrictions to reduce the exposure of user data. All extensions are only allowed to request necessary information in order to implement or update application features. Google is also requiring that extensions which handle users’ personal information to publish their privacy policies and meet updated cybersecurity guidelines. However, the problem remains that browser extensions still don’t operate like web applications, meaning they are not protected by the same SOPs. Browser extensions are still a vessel by which attackers can “phish” users by using the extension to avoid the SOP protections maintained by the browser itself. Hackers can then extract user logins/passwords and access the victims’ accounts, empowering them to use the stolen credentials for malicious theft of money and data. In a study published in January, researchers from the French institution Université Côte d’Azur, found that 197 extensions from various internet browsers, such as Chrome and Firefox, and were susceptible to the threat of malicious websites. These rogue sites had bypassed SOP protections and were able to gain access to victims’ information. <strong>Cyber</strong> attackers are launching these malicious extensions under the guise of useful applications. By offering naïve users (often the employees of targeted organizations) a browser add-on for various tools such as grammar checks, archiving assistance, and more, hackers are able to carry out browser-based phishing schemes that ultimately trick victims into exposing their credentials and private information which the cyber criminals can then exploit. This is all part of the great and growing problem of browser-based cybercrime. Most users are now well aware of the threat of email phishing attacks, but many don’t know just how numerous and widespread the rest of the attack landscape is. There are just so many options at hackers’ disposal — in addition to browser extensions and email, pop-up ads, social media, instant messengers, and more are all available attack vectors for malicious activity. The responsibility definitely lies with the app stores themselves to vet the safety and security of incoming apps, which is no easy feat as there’s many ways to bypass security tools looking for specific malware and attributes that can be masked with minimal coding. As a security team, there’s also a few steps that can be taken to reduce a user’s exposure. <strong>Cyber</strong>security awareness training and prohibiting new software downloads to corporate computers without the express authorization of the IT team are a couple of examples. Employers should also do their research to find
Page 1 and 2:
1 8 Most Common Cybersecurity Mista
Page 3 and 4:
2
Page 5 and 6:
4 The Internet Got Safer In 2019: A
Page 7 and 8:
@CYBERDEFENSEMAG CYBER DEFENSE eMAG
Page 9 and 10:
8
Page 11 and 12:
10
Page 13 and 14:
12
Page 15 and 16:
14
Page 17 and 18:
16
Page 19 and 20:
18
Page 21 and 22:
20 8 Most Common Cybersecurity Mist
Page 23 and 24:
22 You can prevent (or decrease) th
Page 25 and 26:
24 While it’s not feasible to res
Page 27 and 28:
26 The major difference is the addi
Page 29 and 30:
28 Oh, my! PerCSoft’s Irony By Ch
Page 31 and 32:
30 • Conduct cybersecurity traini
Page 33 and 34:
32 Persistent Cybersecurity Industr
Page 35 and 36:
34 Automation is welcome and seen a
Page 37 and 38:
36 Protecting Against Modern Cybera
Page 39 and 40:
38 Conclusion Unfortunately, no tec
Page 41 and 42:
40 For 2020 The Death of Traditiona
Page 43 and 44:
42 The Next Five Years The End of E
Page 45 and 46:
44 Government Agencies Are Prime Ta
Page 47 and 48:
46 It’s a basic fact of contempor
Page 49 and 50:
48 simpler way to approach these pr
Page 51 and 52:
50 Why Outsmart Cyber Attackers Whe
Page 53 and 54:
52 Depending on how you look at it,
Page 55 and 56:
54 devices. Russian actors can extr
Page 57 and 58:
56 How to Become a Cybersecurity Sl
Page 59 and 60:
58 industry. Perform online searche
Page 61 and 62:
60 The Security Challenges of Robot
Page 63 and 64:
62 The typical approach in providin
Page 65 and 66:
64 The Blockchain And Wireless Tech
Page 67 and 68: 66 systems. As is quite well-known,
Page 69 and 70: 68 Benefits of Having an SSL Certif
Page 71 and 72: 70 Google has made SSL compulsory s
Page 73 and 74: 72 This year, privacy and security
Page 75 and 76: 74 The Perspectives Of The 5th Indu
Page 77 and 78: 76 The balance between offense and
Page 79 and 80: 78 The Rise of Cybercrime-As-A-Serv
Page 81 and 82: 80 About the Author Mark Belgrove i
Page 83 and 84: 82 the conflict. Practically, it’
Page 85 and 86: 84 fact is something that would see
Page 87 and 88: 86 Furthermore, Tessian in 2019 del
Page 89 and 90: 88 Automatic for The SOC People How
Page 91 and 92: 90 Allows Transparency and Drive Le
Page 93 and 94: 92 Only large enterprises can benef
Page 95 and 96: 94 The Growing Costs of Cyber Attac
Page 97 and 98: 96 After suffering a cyber attack m
Page 99 and 100: 98 Some of the most damaging Inside
Page 101 and 102: 100 Out-Smarting the Cybersecurity
Page 103 and 104: 102 Empower Other Teams Network and
Page 105 and 106: 104 New Security Report Highlights
Page 107 and 108: 106 The Threat Lab team also analyz
Page 109 and 110: 108 Drive, AWS, Office 365, etc. It
Page 111 and 112: 110 former governor, this bill also
Page 113 and 114: 112 I mean, if you want to be able
Page 115 and 116: 114 Is It Safe to Connect to Public
Page 117: 116 5. Safe Browsing Additional dil
Page 121 and 122: 120 Really, Imagine a Day Without W
Page 123 and 124: 122
Page 125 and 126: 124
Page 127 and 128: 126
Page 129 and 130: 128
Page 131 and 132: 130
Page 133 and 134: 132
Page 135 and 136: 134
Page 137 and 138: 136
Page 139 and 140: 138 Meet Our Publisher: Gary S. Mil
Page 141 and 142: 140 Free Monthly Cyber Defense eMag
Page 143 and 144: 142
Page 145 and 146: 144
Page 147 and 148: 146 Nearly 8 Years in The Making…
Page 149 and 150: 148
Page 151: 150
show all

Cyber Defense eMagazine December 2019

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?