
"In most scenarios, attackers don't think of themselves as attacking your web browser. Their end-goal is to compromise your business apps and data. That means going after the third-party services that are now the backbone of business IT. The most common attack path today sees attackers log into third-party services, dump the data, and monetize it through extortion. You need only look at last year's Snowflake customer breaches or the still-ongoing Salesforce attacks to see the impact."
"The most logical way to do this is by targeting users of those apps. And because of the changes to working practices, your users are more accessible than ever to external attackers - and exposed to a broader range of possible attack techniques. Once upon a time, email was the primary communication channel with the wider world, and work happened locally - on your device, and inside your locked-down network environment. This made email and the endpoint the highest priority from a security perspective."
Browser-based attacks target the browser as the access point to decentralized business applications and services. Attackers aim to compromise the third-party cloud services that store business data. Common attack paths include logging into third-party services, dumping data, and monetizing the stolen information through extortion. High-profile incidents such as the Snowflake customer breaches and the ongoing Salesforce attacks demonstrate the impact of such compromises. Remote and hybrid work models make users more accessible and expose them to diverse attack techniques. The shift from local endpoints and email to browser-accessed cloud apps reduces the effectiveness of traditional network and endpoint controls and increases the attack surface.
#browser-based-attacks #third-party-cloud-services #phishing-and-credential-theft #remote-work-security
Read at The Hacker News