Browser Security report reveals major online security threats

Martin Brinkmann
Mar 5, 2023

LayerX has published its annual browser security report in which the company highlights the most prominent browser security risks of 2022. The report includes predictions and recommendations for 2023 as well.


The report focuses on Enterprise environments, but several of its key takeaways apply to small business and home environments as well. The browser security threats of 2022 make up the largest part of the document, but readers will also find predictions, recommendations and an interesting monthly overview of major security events in the report.

The nine major threats that LayerX identified in 2022 were:

  • Phishing attacks via high reputation domains.
  • Malware distribution via file sharing systems.
  • Data leakage through personal browser profiles.
  • Outdated browsers.
  • Vulnerable passwords.
  • Unmanaged devices.
  • High-risk extensions.
  • Shadow SaaS.
  • MFA bypass with AiTM attacks.

Some of these are quite clear; others may require explanation. For phishing attacks, the researchers discovered that threat actors are hosting phishing URLs on legitimate SaaS platforms at an alarming rate. The rate of phishing attacks that use these legitimate platforms has increased by 1100% when compared to 2021, according to a Palo Alto Networks study.

LayerX conducted tests on how well browsers and network security tools protected against 1-day phishing sites. According to the test, the best performing browser had a catch rate of just 36%. Network security software blocked 48% of threats.

Similarly, malware is distributed via sanctioned services such as Google Drive and Microsoft OneDrive, to overcome blocks that may be in place for lesser known services and sites.

An analysis of data leakage in browsers concluded that 29% of users connected work browsers to personal profiles, and that 5.8% of identities were exposed in data breaches.

Outdated browsers are another threat to security, according to LayerX's report. An analysis of 500 Chrome browsers revealed that a good number were either critically outdated or vulnerable to 1-day attacks.

Weak passwords and the reuse of passwords continue to be major issues. According to LayerX's report, 29% of users use weak or medium strength passwords, and 11% of users reuse passwords regularly. The company noticed that 29% of browser profiles were personal and set to sync.

Web browser extensions are another attack vector, as they "can grant excessive permissions once installed". A recent Incogni study found that almost half of the analysed browser extensions posed either a high security or privacy risk.

The report includes an overview of browser security highlights of the year 2022. It is an interesting account that lists major security events in 2022. Some of these involved attacks, like the January 2022 video player attack that stole credit card information from over a hundred sites. Others highlight security advances, like the passwordless logins announcement by major tech companies in May, or the end of Internet Explorer in June.

The report ends with four predictions and recommendations. Predictions include that browsers will become "the main attack surface", that attacks will "be increasingly SaaS-based and less file-based", and that malicious web pages "will become more sophisticated".

Closing Words

The report offers insights on the browser threat landscape of 2022, and how threats will evolve in 2023 and beyond. While most of it is aimed at Enterprise and large business environments, it may still be of interest to home users and small businesses alike.

The recommendations focus on SaaS and Enterprise-grade protections, but all users can use the list of threats to improve their security. For example, outdated browsers may be updated more frequently, and weak or reused passwords may be replaced with unique strong passwords.

The report is available for download here, but a short form needs to be filled out before the download link is made available.


Comments

  1. James said on March 8, 2023 at 1:40 pm

    Some of these?

    https://en.wikipedia.org/wiki/MFA#Science_and_technology

    Made for AdSense, a pejorative description for some websites

  2. James said on March 8, 2023 at 1:37 pm

    I searched this from Wikipedia but I didn’t find. What is MFA bypass with AiTM attacks?

  3. beemeup5 said on March 6, 2023 at 11:00 am

    Almost all those threats listed aren’t even browser problems really. They’re all PEBKAC issues. At the end of the day, some problems just can’t be solved through code, but through the carrot and stick! :)

    1. Anonymous said on March 6, 2023 at 11:45 am

      If you explain “PEBKAC”
      Problem Exists Between Keyboard And Chair ? Caused by the user
      put simply, Idiot error!

  4. owl said on March 6, 2023 at 3:33 am

    SaaS (Software as a Service)
    SaaS is a method of providing software to users remotely via the Internet. Users use general-purpose client software such as web browsers to access servers operated by providers and operate and use the software. It is almost the same as what was conventionally called “ASP service”.
    In general, the entire system is designed as a web application, and users often download and launch a client implemented as a web page through a web browser each time.
    It is common in various types of software, including personal software such as office software, games, and messaging software (such as webmail).
    Software as a service – Wikipedia
    https://en.wikipedia.org/wiki/Software_as_a_service

  5. VioletMoon said on March 5, 2023 at 4:33 pm

    First thought: SSL for SaaS

    Cloudflare offers some options:

    https://blog.cloudflare.com/introducing-ssl-for-saas/ {old stuff}

    SaaS should adhere to

    https://www.getastra.com/blog/cms/saas-security-guide/

    After reading a bit, I wonder if SaaS is worth the time and risk: “It becomes quite complicated and difficult to manage securely.”

    Better to have “on premise” software? Trading one set of issues for another, perhaps, more complicated and hazardous set of issues.
