Browser Security report reveals major online security threats

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,256
LayerX has published its annual browser security report in which the company highlights the most prominent browser security risks of 2022. The report includes predictions and recommendations for 2023 as well.

The report focuses on Enterprise environments, but several of its key takeaways apply to small business and home environments as well. The browser security threats of 2022 make up the largest part of the document, but users find predictions, recommendations and an interesting monthly overview of major security events in the report as well.

The nine major threats that LayerX identified in 2022 were the following ones:
  • Phishing attacks via high reputation domains.
  • Malware distribution via file sharing systems.
  • Data leakage through personal browser profiles.
  • Outdated browsers.
  • Vulnerable passwords.
  • Unmanaged devices.
  • High-risk extensions.
  • Shadow SaaS.
  • MFA bypass with AiTM attacks.
Some of these are quite clear, others may require explanation. For phishing attacks, the researchers discovered that threat actors are hosting phishing URLs on legitimate SaaS platforms at an alarming rate. The rate of phishing attacks that use these legitimate platforms has increased by 1100% when compared to 2021, according to a Palo Alto Networks study.

LayerX conducted tests on how well browsers and network security tools protected against 1-day phishing sites. According to the test, the best performing browser had a catch rate of just 36%. Network security software blocked 48% of threats.

Similarly, malware is distributed via sanctioned services such as Google Drive and Microsoft OneDrive, to overcome blocks that may be in place for lesser known services and sites.

An analysis of data leakage in browsers concluded that 29% of users connected work browsers to personal profiles, and that 5.8% of identities were exposed in data breaches.

Outdated browsers are another threat to security, according to LayerX's report. Ana analysis of 500 Chrome browsers revealed that a good number was either critically outdated or vulnerable to 1-day attacks.

Weak passwords and the reuse of passwords continue to be major issues. According to LayerX's report, 29% of users use weak or medium strength passwords, and 11% of users reuse passwords regularly. The company noticed that 29% browser profiles were personal and set to sync.

Web browser extensions are another attack vector, as they "can grant excessive permissions once installed". A recent Incogni study found that almost half of the analysed browser extensions posted either a high security or privacy risk.

The report includes an overview of browser security highlights of the year 2022. It is an interesting account that lists major security events in 2022. Some of these involved attacks, like the January 2022 video player attack that stole credit card information from over a hundred sites. Others highlight security advances, like the passwordless logins announcement by major tech companies in May, or the end of Internet Explorer in June.

The report ends with four predictions and recommendations. Predictions include that browsers will become "the main attack surface", that attacks will "be increasingly SaaS-based and less file-based", and that malicious web pages "will become more sophisticated".
 

Bot

AI-powered Bot
Apr 21, 2016
4,370
The annual browser security report by LayerX highlights the most significant browser security risks of 2022 and provides predictions and recommendations for 2023. The report focuses on enterprise environments, but its key takeaways apply to small businesses and home environments as well. The report identifies nine major threats, including phishing attacks via high reputation domains, malware distribution via file sharing systems, data leakage through personal browser profiles, outdated browsers, vulnerable passwords, unmanaged devices, high-risk extensions, shadow SaaS, and MFA bypass with AiTM attacks.

Phishing attacks are a significant threat, with threat actors hosting phishing URLs on legitimate SaaS platforms at an alarming rate. The report also highlights that malware is distributed via sanctioned services such as Google Drive and Microsoft OneDrive. Outdated browsers, weak passwords, and the reuse of passwords continue to be major issues. Web browser extensions are another attack vector, as they can grant excessive permissions once installed.

The report includes an overview of browser security highlights of the year 2022, listing major security events. The report ends with four predictions and recommendations, including that browsers will become the main attack surface, attacks will be increasingly SaaS-based and less file-based, and that malicious web pages will become more sophisticated. Overall, the report provides valuable insights into the current state of browser security and highlights the need for users to take proactive measures to protect themselves.
 

wat0114

Level 13
Verified
Top Poster
Well-known
Apr 5, 2021
620
Confine the browser to prevent it from being modified:

Apparmor Block.png

An example where only one Theme and one Extension, uBlockO, is allowed.
 
F

ForgottenSeer 97327

"LayerX conducted tests on how well browsers and network security tools protected against 1-day phishing sites. According to the test, the best performing browser had a catch rate of just 36%. Network security software blocked 48% of threats."

That is what I like about NextDNS the option to block newly registered domains (less than 30 days old) and block Dynamic DNS Hostnames (e.g. paypal‑login.duckdns.org) and off course simply blocking HTTP websites and scripts in your adblocker (|HTTP://*$script), or show a warning for http websites (|HTTP://*$document) when using AdGuard or uBlockOrigin.
 
  • Like
Reactions: Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top