Your Yello Ring Road To Success
GOOGLE LOGIN MY ADS MY SHOP

2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots

Mar 02, 2023The Hacker NewsBrowser Security

Browser Security

As a primary working interface, the browser plays a significant
role in today’s corporate environment. The browser is constantly
used by employees to access websites, SaaS applications and
internal applications, from both managed and unmanaged devices. A
new report published by LayerX, a browser security vendor, finds
that attackers are exploiting this reality and are targeting it in
increasing numbers (download report here[1]).

The key report findings

  1. Over half of all the browsers in the enterprise
    environment are misconfigured.     While a configured browser
    is nearly impossible to compromise, stealing data from
    misconfigured browsers is like taking candy from a baby. The
    Leading misconfigurations are improper use of personal browser
    profiles on work devices (29%), poor patching routine (50%), and
    the use of corporate browser profiles on unmanaged devices.
  2. 3 of every 10 SaaS applications are non-corporate
    shadow SaaS,     and no SaaS discovery/security solution can
    address its risks. Shadow SaaS, and more than that, shadow
    identities, are the number one source for enterprise data loss. No
    existing data security tool (whether it being a traditional DLP or
    a DSPM) has access or control to what employees can do on their own
    personal applications.
  3. Attackers adopt evasive attack techniques that neither
    email security nor network security tools can detect.
    Advanced browser-borne attack techniques, such as the use of SaaS
    applications to distribute malware or abusing high-reputation sites
    for phishing, have become a threat commodity.
  4. Traditional security tools miss over half of those
    attack vectors at zero hour    , making targeted browser
    attacks into a leading cause for enterprise breaches.
  5. Most browser risks may lead to identity theft.
    Weak passwords, misconfigurations and SaaS security issues all
    circulate around the digital identity. This depressing finding
    outlines a main pain point – the digital identities are still the
    corporate Achilles heel.

The report also details the top browser security threats of
2022, which include phishing attacks via high reputation domains,
malware distribution via file sharing systems, data leakage
exploiting personal browser profiles, outdated browsers,
compromised passwords, vulnerable unmanaged devices, high-risk
extensions, shadow IT, and account takeovers with phishing
credentials.

In addition to the stats and analysis of the prominent threats,
the report provides a retrospect of the main news stories that left
a mark in the world of browser security in 2022. Stories like the
first Chrome browser zero-day hack of 2022, the end of Internet
Explorer and the infamous Lastpass customer data breach are
highlighted.

A New Perspective on Browser Security

The report’s effectiveness and value are twofold, providing
readers with knowledge about a rising new security category,
browser security, and driving readers to ask themselves whether
they are familiar with the risks and trends in the report and if
they have protective measures in place to detect and prevent those
threats.

The report is able to provide a new perspective on the risk –
and opportunity – of browser security. It provides insights into
how employees are using browsers and which browser-related
vulnerabilities can be exploited, as well as recommendations for
dealing with them. This is the result of the report being a
combination of original research based on LayerX’s own data points
from within its environments alongside their analysis of
information that is publicly available.

The report’s recommendations can be used as a reference point
when security professionals evaluate their security stack and
consider their budgets. As the corporate environment continues to
rely heavily on the browser as its primary working interface, it is
important to be aware of the risks associated with browser misuse
and take measures to protect against these threats.

To get more insights and details about the 2022-3 browser
security landscape, read the complete report[2].

Found this article interesting? Follow us on Twitter [3]
and LinkedIn[4]
to read more exclusive content we post.

References

  1. ^
    download
    report here     (go.layerxsecurity.com)
  2. ^
    read the
    complete report     (go.layerxsecurity.com)
  3. ^
    Twitter
     (twitter.com)
  4. ^
    LinkedIn
    (www.linkedin.com)

Read more