This highlights the need for browser security solutions that are able to detect and automatically block malicious and unwanted extensions, like the Advanced Browser Security solution by @PerceptionPo1nt.
Full paper here: https://t.co/FBXeKsPCli
📈 In the last 3 years, over 280 million users (!) installed malware-containing browser extensions.
Stanford researchers also found at least 10,000 malicious extensions that bypassed Google's review process, not to mention those that are privacy-violating or vulnerable.
@bcmerchant Spot on. Even Apple's innocent-looking email thread summarizer could possibly be abused by bad actors in a variety of ways (e.g. trick the summarizer to show a phishing email as urgent and more credible, make users pay even less attention to details, etc)
This required some tweaking and optimizing, but LLMs are now a key component in our modern email security stack and help improve detection of zero-hour campaigns.
Nice writeup by @schneierblog on the implications of GenAI on phishing. At @PerceptionPo1nt we deployed such models for countering social engineering, including LLM-based detection of malicious intent, visual detection of phishing pages & an autonomous incident response agent
Excited to share that we just launched Hysolate Free - the best way to isolate risky apps/websites/documents, taking the technology behind Windows Sandbox to the next level.
Check it out, it's free forever!
https://t.co/Xlf8kQNv2m
But is this enough to allow their employees to be effective? Unsurprisingly, the answer is no. At the end of the day, Google was forced to allow its workforce to install various apps on their endpoints - such as Zoom and others, exposing their endpoints to potential threats
Another year, another critical remote code execution vulnerability in Chrome/Edge (kudos @XuanwuLab). One visit to the wrong website is all it takes. Time to update your browser (again) and if you're a business - consider isolation. @HysolateNow https://t.co/0Ei44Ck846
Today dawns the Isolated Workspace-as-a-Service era. Our all-new #IWaaS solution lets companies create isolated workspaces on corporate / non-corporate endpoints & manage them from the cloud while keeping assets secure. Watch out #VDI & #DaaS!
https://t.co/xWWBiF6hCZ
We are excited to announce a new #technical#integration with @CyberArk! This integration will enable Hysolate customers to manage access to the Hysolate Management Server through the CyberArk solution!https://t.co/bwhTnJlI75
A great talk by @dwizzzleMSFT at #bluehatil . I salute Microsoft for taking on the Herculean task of securing the 5.7 million (!!!) source code *files* of Windows. The only way to win this game is by adopting a security-by-design isolation paradigm.
VDI and DaaS (desktop-as-a-service) are back with Microsoft trying to push Windows Virtual Desktop and with Citrix servers hacked. It's a good time to look at these technologies from the security perspective. More details in our latest post: https://t.co/TIPQNuGJTx
Ouch. CVE-2020-0601 means attackers (not just nation state actors) can run any executable on your machine, bypassing code signing. They can also launch man-in-the-middle attacks, reading/modifying your "encrypted" traffic. Hysolate machines are unaffected. @HysolateNow !
Ouch. Anyone on the internet can gain access to critical enterprise systems via Citrix servers. No authentication required. Yet another risk of putting critical Windows apps and desktop on VDI. @HysolateNow
https://t.co/Fig1rIeF5X
App sandboxing isn't enough to stop persistent adversaries: a 0-day in the Chrome sandbox means that a single visit to the wrong website is enough to breach your laptop, data and identity. It's time to switch to VM-based isolation with @HysolateNow.
https://t.co/LsoUpAds7j
Leveraging Windows "safe mode" is a great way for malware to disable the latest Windows security features... It's impossible to protect an OS like Windows from within Windows. @HysolateNow provides security by design, below the OS.
https://t.co/UTwjl7z9zR
The Windows 7 end of life date is quickly approaching, but can Windows 10 really significantly improve security for enterprise workers? https://t.co/q3SnABfrnv
@JackRhysider The architecture of Windows, being a monolithic OS with many millions of lines of potentially vulnerable code, is making Windows (and similar operating systems) insecure by design. We're trying to fix this with @HysolateNow
@andymwood @E2EVC@HysolateNow Thanks for the great feedback @andymwood ! We actually have a feature for adding highlights around windows (we call these window borders, we didn't get to show those in the demo), attaching a pic