Malicious Injections: The Tip of the Spear for Browser ThreatsPublished: Thursday 20th June 2019
The Rise of Browser Threats:
Internet browsers are proving an invaluable attack vector for criminals.
Many organizations have almost no visibility into their web-facing assets and the way their users interact with them. Because of this, browser-based threats have become the go-to method for threat actors to target organizations, their employees, and, perhaps most publicly, their customers.
Browser-based attacks—Web skimming, Cryptocurrency Miners, Fingerprinters, and Waterholing (including exploitation) encounters—are responsible for some of the most high-profile breaches in recent history, such as the hack of British Airways. Given the frequency by which RiskIQ researchers now encounter these attacks, they should be taken just as seriously by businesses as threat mainstays like phishing and ransomware.
Poised to carve out a significant portion of the threat landscape for years to come, it’s important to understand what makes browser-based attacks tick. And the first step to doing so is understanding what they all have in common: malicious injects.