SINGAPORE, Aug. 6, 2024
/PRNewswire/ -- SquareX Founder, Vivek Ramachandran, cybersecurity veteran with
over 20 years of experience and founder/ex-CEO of Pentester Academy
(acquired by INE), together with the security research team, will
be delivering their latest findings in an upcoming main stage talk,
titled Breaking Secure Web Gateways (SWG) for Fun and
Profit! at DEF CON 32 on Friday, August 9,
2024 at 5pm PT.
The talk will unveil "Last Mile Reassembly
Attacks", a new class of attacks that completely evade
Secure Web Gateways (SWGs), a crucial component of modern Secure
Access Service Edge (SASE) and Security Service Edge (SSE)
solutions.
The web browser is the most used application within the enterprise
but also the least protected. Bad actors are now increasingly
targeting the weakest link: employees and consultants.
Unfortunately, most of these attacks happen online when the
employee or consultant is going about his daily work. Existing
security solutions like SWGs as part of SASE/SSE solutions are
unable to protect users against modern web threats that happen on
the client side. This makes it currently impossible for enterprise
security teams to detect, mitigate and threat hunt these
attacks.
Vivek Ramachandran and the SquareX
team have conceptualized and identified a new class of attacks
against SWG and cloud-based intercepting proxies, converting
traditional attacks like malware downloads and malicious websites
into something undetectable by all existing vendors in the Gartner
Magic Quadrant.
This class of attack is called "Last Mile Reassembly
Attacks". The vulnerabilities the team discovered are
architectural and vendor-agnostic, meaning there is no specific way
to fix them.
These attacks will have a massive impact on SASE, as it is a
$40 billion market, and every large
security vendor has an SWG product vulnerable to this new class of
attacks. This is an industry-first research highlighting attacks
that we suspect may have been circulating in the wild for some
time. As these client-side attacks are fundamentally different in
nature to the attacks that SWGs typically detect, they have
remained unnoticed. Upon revealing these attacks and the release of
the accompanying toolkit, enterprise vendors can assess their
security posture and build countermeasures.
During the main stage talk, Vivek will shed light on this
"Last Mile Reassembly Attacks" - where a file
download, upload or site rendering never actually happens on the
server side. Instead, the attack is assembled directly in the
user's browser using various techniques, which will be explained in
detail during the talk. This way, malicious files can evade
triggering SWGs, leaving many enterprises across the globe
vulnerable to being attacked.
Researchers at SquareX will also demonstrate over 25 plus
bypass methods-, including chunking attacks, WASM payloads, and
others.
"The research team and I are excited to be presenting the
talk at DEF CON 32. This talk will challenge SASE, SSE vendors
in the current space. We hope that vendors will rethink their
reliance on cloud-based web attack detection models and understand
the need for a client-side (either endpoint or browser-based)
security agent and browser-hardening to work in tandem with the SWG
for accurate detection-mitigation of attacks," says
Vivek Ramachandran, Founder &
CEO of SquareX.
Web attacks have far advanced and evolved in today's world and if
enterprises do not change the way they protect their users, they
will essentially be vulnerable to these web threats and attacks.
SquareX is dedicated to enhancing online security for enterprises.
By bringing these vulnerabilities to light and advocating for a
more comprehensive approach to browser security, the team's
research serves as a critical alert to the cybersecurity
community.
The revealing of "Last Mile Reassembly Attacks" and
the release of the accompanying toolkit are poised to challenge the
way enterprise security teams think and will prompt enterprises to
reassess their methods for protecting employees from browser-based
attacks.
About SquareX:
SquareX helps organizations detect,
mitigate and threat-hunt web attacks happening against their users
in real time. With our innovative browser-native security product,
SquareX safeguards enterprise users from a spectrum of web-based
threats, encompassing malicious files, websites, scripts, and
compromised networks.
About Vivek Ramachandran:
Vivek Ramachandran is a security
researcher, book author, speaker-trainer, and serial entrepreneur
with over two decades of experience in offensive cybersecurity. He
is currently the founder of SquareX, building a browser-native
security product focused on detecting, mitigating, and
threat-hunting web attacks against enterprise users and consumers.
Prior to that, he was the founder of Pentester Academy (acquired in
2021), which has trained thousands of customers from government
agencies, Fortune 500 companies, and enterprises from over 140+
countries. Before that, Vivek's company built an 802.11ac
monitoring product sold exclusively to defense agencies.
Vivek discovered the Caffe Latte attack, broke WEP Cloaking,
conceptualized enterprise Wi-Fi Backdoors, and created Chellam
(Wi-Fi Firewall), WiMonitor Enterprise (802.11ac monitoring),
Chigula (Wi-Fi traffic analysis via SQL), Deceptacon (IoT
Honeypots), among others. He is the author of multiple
five-star-rated books in offensive cybersecurity, which have sold
thousands of copies worldwide and have been translated into
multiple languages.
He has been a speaker/trainer at top security conferences such as
Blackhat USA, Europe and Abu
Dhabi, DEFCON, Nullcon, Brucon, HITB, Hacktivity, and
others. Vivek's work in cybersecurity has been covered in Forbes,
TechCrunch, and other popular media outlets.
In a past life, he was one of the programmers of the 802.1x
protocol and Port Security in Cisco's 6500 Catalyst series of
switches. He was also one of the winners of the Microsoft Security
Shootout contest held in India
among a reported 65,000 participants. He has also published
multiple research papers in the field of DDoS, ARP Spoofing
Detection, and Anomaly-based Intrusion Detection Systems. In 2021,
he was awarded an honorary title of Regional Director of
Cybersecurity by Microsoft for a period of three years, and in 2024
he joined the BlackHat Arsenal Review Board.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/squarex-discovers-new-cybersecurity-attacks-that-completely-bypass-secure-web-gateways-swg-leaving-most-enterprises-vulnerable-302214112.html
SOURCE SquareX