Modern browsers store information for your convenience, but that makes them ripe targets for the theft of confidential data. Luckily, you can take certain steps to protect yourself. This ebook looks at some of the most prevalent threats and offers suggestions for hardening your own browser security and for protecting your company as a whole.
From the ebook:
Regardless of your choice of web browser, engineered and unintentional threats can put you at risk when using it. In the previous article, we looked at five of the most prevalent security threats. Unfortunately, there are well more than five threats that can target the web browser, so it remains critical for organizations to implement effective protection from these hard-to-detect attacks.
I spoke to Dr. Christopher Kruegel, the co-founder and chief product officer of malware protection provider Lastline, to discuss the concept of browser security.
“Of all the software in use, browsers are the most exposed,” he said. “They are constantly connecting to the outside world and frequently interacting with websites and applications that cybercriminals have infected with malware. Browsers are powerful data-rich tools that if compromised, can provide an attacker with a vast amount of data about you, including confidential information such as your address, phone number, credit card data, emails, IDs, passwords, browsing history, and bookmarks.”
With that in mind, here are some common browser-based threats Kruegel and I discussed and ideas for how to defend against them.
Plugins and extensions
Regardless of the origin, plugins and extensions often come with security flaws that attackers can leverage to gain access to your systems or data. These vulnerabilities allow attackers to wreak havoc by installing ransomware, exfiltrating data, and stealing intellectual property.