Latest news with #LayerX
Techday NZ
5 days ago
- Business
- Techday NZ
ExtensionPedia launches with risk scores for 200K browser add-ons
LayerX Security has launched ExtensionPedia, an online resource designed to provide security evaluations for over 200,000 browser extensions. The new platform provides individuals and enterprises with detailed risk assessments for browser extensions available for Chrome, Edge, and Firefox, enabling users to review security scores before installation. ExtensionPedia also includes a knowledge centre featuring guidance on mitigating threats from malicious browser extensions. Malicious browser extensions have been cited as a significant but overlooked identity security risk affecting both home and workplace users. Recent incidents, including multiple breaches over the past six months, have reportedly exposed nearly ten million users worldwide to risks such as identity theft and data leakage via compromised extensions. These risks have prompted warnings from law enforcement agencies such as the FBI. One of the challenges users face is the complexity of extension trustworthiness, as extensions can be developed, modified, or compromised by malicious actors and redistributed widely. Access to complete, impartial risk information on individual extensions has not typically been available to the general public or organisations. Extension stores typically apply only baseline verification processes to detect obvious malicious indicators in extensions. Deeper investigations into suspicious behaviour or complex risks usually fall outside their standard review procedures. Or Eshed, Co-Founder and Chief Executive Officer of LayerX, explained the rationale behind the launch of ExtensionPedia: "While browser extensions are often considered harmless, in practice they are frequently granted extensive access permissions to users' identity information and data, leading hackers to use them as an attack channel for credential theft, account takeover and data theft." He added, "When someone installs a browser extension – either for personal or work – users and their organisations have no idea what permissions each extension has, how reputable the extension author is and the risk profile of the extension. Our Browser Extension Risk Database and Knowledge Centre for the first time helps get the information individuals and enterprises to protect themselves." ExtensionPedia's risk evaluations are based on anonymised data collected from millions of sessions using the LayerX platform, which operates as a user-centric extension for protecting identities directly within browsers. Key features of ExtensionPedia include access to data on over 200,000 extensions across major browsers, integration with the LayerX management console, and availability for public use online. Each extension is given a detailed score based on parameters such as permission scope and reputation risk. Users can also view a single, unified risk score incorporating all available risk factors. Additional information available through ExtensionPedia includes extension details, publisher data, and a range of articles and guides covering topics related to browser extension security and best practices for preventing malicious activity. Individuals and organisations using ExtensionPedia can search for extensions by name or unique ID, review extensions by category—including GenAI, VPN tools, and password managers—and compare risk scores. The platform offers both high-level risk assessments and more granular, detailed breakdowns, including permission access and publisher reputation. ExtensionPedia also features resources to help users educate themselves on the risks and protection strategies related to browser extensions.
Forbes
28-04-2025
- Business
- Forbes
Rethinking Enterprise Security For The Browser-Centric Workplace
The growing role of the browser in enterprise workflows is reshaping cybersecurity priorities. The browser has quietly ascended to become the enterprise's most critical—and most vulnerable—point of exposure thanks to hybrid work, SaaS-driven operations, and everyday AI adoption. While security teams have long focused on networks, endpoints, and identities, the digital workplace has migrated to the browser itself, creating an expansive blind spot that traditional defenses were never designed to see, let alone secure. As organizations embraces flexibility and cloud-native workflows, the browser now governs access to sensitive data, manages interactions with GenAI tools, and mediates connections to countless sanctioned and unsanctioned SaaS applications. The stakes have never been higher, and yet browser-layer security remains an often-overlooked frontier. Sensitive data now routinely traverses browser sessions. Unauthorized apps—so-called "shadow SaaS"—are adopted by employees without security oversight. Identity credentials flow through browser tabs where malicious extensions, session hijacking, or phishing attacks can exploit them. According to Forrester Research, over 80% of employees now perform all or most of their work within a browser, reinforcing the idea that the browser is no longer peripheral—it's foundational. Or Eshed, co-founder and CEO of LayerX, explains, 'The browser is the nerve center of the modern workplace. However, traditional security solutions—such as endpoint protection, DLP, and SASE/SSE—do not provide adequate protection for the browser and the data that goes through it.' Despite this evolution, many enterprises still rely heavily on network-centric defenses like Secure Service Edge, which often lack visibility into encrypted browser sessions or the nuances of in-browser activity. This gap leaves organizations exposed to a new generation of threats. Securing browser activity presents a delicate balancing act. Organizations cannot simply lock down browser functionality without risking significant disruption to productivity and user experience. Replacing standard browsers with secure enterprise versions is one approach, but it often encounters fierce resistance from users unwilling to abandon familiar workflows. Meanwhile, network- and endpoint-based controls struggle to observe or govern the real-time user behavior inside browser sessions. Part of the challenge lies in the browser's unique position at the intersection of network security, endpoint security, identity management, and data protection. Traditional tools address parts of the problem but often fail to provide a cohesive, real-time defense at the browser layer itself. Eshed notes that the risk is not just from external attacks but also from user behavior. 'If you're under attack by an external attack vector, then where users spend most of their day is where that attack is most likely to happen. And if your primary concern is from user error, the browser is where that user error is most likely to occur.' Recognizing the browser's rising strategic importance, cybersecurity innovators are exploring multiple paths to mitigate the risk. Secure enterprise browsers aim to reimagine the browsing experience from the ground up, embedding governance and security controls into purpose-built platforms. However, these solutions often face adoption hurdles due to their disruption of familiar user workflows. A parallel movement focuses on integrating security natively into existing browsers through lightweight, enterprise-grade extensions. These approaches aim to deliver real-time visibility, control sensitive data flows, prevent malicious activities, and govern GenAI tool usage—all while maintaining a frictionless user experience. The growing interest in browser-native security reflects a broader trend: protecting the browser is a necessity for organizations operating in a perimeter-less, SaaS-first world. The strategic importance of browser security is increasingly visible in market dynamics. LayerX Security just announced an $11 million extension to its Series A funding round, led by Jump Capital, with continued participation from initial backers Glilot Capital Partners and Dell Technologies Capital, bringing its total raise to $45 million. While LayerX is one example, the funding reflects a wider acknowledgment from investors that browser security is emerging as a distinct and necessary pillar within enterprise security architectures. Enterprise adoption patterns reinforce this momentum. Organizations across industries are seeking solutions that provide real-time monitoring, control over data use in SaaS apps and GenAI tools, and protection against browser-based threats—without forcing users to abandon their preferred browsers or workflows. For CISOs and security architects, addressing browser-layer risk requires a fundamental rethink. Evaluating solutions means focusing on critical attributes: Security leaders must also be mindful not to replicate past mistakes—overcomplicating architectures or degrading the user experience in the name of protection. The most effective browser security solutions will be those that empower security teams while preserving the fluid, familiar workflows users expect. The browser is no longer just a portal to the web—it is the new perimeter of the enterprise. As SaaS and GenAI adoption accelerates, organizations must extend their security strategies to fully encompass the browser environment where today's work actually happens. Browser security is evolving from an overlooked necessity into a foundational pillar of enterprise security, alongside endpoint, network, and identity protections. Those who recognize and act on this shift early will be better equipped to navigate an increasingly complex and dynamic threat landscape—safeguarding users, data, and operations in the process.
Forbes
15-04-2025
- Forbes
Chrome, Edge, Firefox Warning—99% Of Browsers Now At Risk
Why you need to change your browser getty Sometimes the most dangerous risks are those we think least about, lurking behind the scenes in the apps and platforms we use daily. While the malware attacking our phones generates headlines, that's rarely the case with the permission abuse that affects most users, almost all of the time. And while secretive tracking and malware attacks on our browsers prompt update warnings and settings changes, that's still not true with a threat that's just as pervasive and is now a major threat to users worldwide. We're talking extensions, which have finally come into view in the last year as popular add-ons are hijacked to threaten those using them. And while Google is fighting back, it's clear that this attack surface remains wide open to exploit. That's certainly the new warning from the security research team at LayerX, which is in the business of securing enterprises from extension exposure. The team warns that 'most users don't realize that browser extensions are routinely granted extensive access permissions that can lead to severe data exposure should those permissions fall into the wrong hands.' And when those extensions are trivial, just as with mobile apps, that's an easy trojan horse into an enterprise. 'Users often use such extensions to fix their spelling, find discount coupons, or other productivity uses… This is particularly a risk to organizations since many organizations do not control what browser extensions users install on their endpoints.' This follows a similar warning from CrowdStrike a few weeks ago. 'While it's common for users to install browser extensions to tailor their online experience to better meet their needs and preferences, these tools also carry significant security risks. Browser extensions are yet another avenue that can be exploited by cyber attackers or act as a vehicle for malware.' Which means that 'to reduce the attack surface and limit potential vulnerabilities, users should install only essential browser extensions.' There are frequent warnings that connecting your own phone to your employer's networks and systems exposes the company to your own security weakness. The same is true of extensions. 'A compromised browser extension of an individual user can lead to exposure and breach of the organization as a whole.' Most people reading this will give little if any thought to extensions. But given the stark numbers in the research, you probably should. '99% of enterprise users have a browser extension installed in their browsers, and more than half (52%) of employees have more than 10 extensions installed.' And while official Chrome, Edge and Firefox stores are the 'most common source,' the threat 'is much wider than most users realize.' The numbers are frightening. LayerX Not to state the obvious, but this means that almost every organization is exposed, relying on corporate IT defenses to ensure endpoint integrity across all those users. Unless their desktops are completely locked down, which doesn't happen often. LayerX reports that '53% of enterprise users have installed a browser extension with 'high' or 'critical' risk scope, meaning that such extensions have access to sensitive data such as cookies, passwords, web page contents, browsing information, and more, putting users at risk of credential theft or data exposure.' And again, just as with mobile apps the red flags are all in plain sight. More than half of extension publishers hide behind little more than a free Gmail account, more than three-quarters have a single extension under their name, and most don't even have a privacy policy to review. While other browsers are vulnerable to extension abuse, this is really all about Chrome which dominates the install base. 'Securing Chrome browsers should be an organizational security team's #1 priority,' LayerX says. This is such a fragmented market that it's little surprise to read these findings. The vast majority (95%) of Chrome extensions 'have fewer than 10,000 installs' and only 0.2% have 'more than one million users.' There is not the same level of awareness and user savvy we see on mobile phones and apps, which are still highly vulnerable. As Bleeping Computer warned earlier this year, the recent exposure of cybercriminals hijacking extensions 'sheds a spotlight on the identity risks posed by browser extensions, and the lack of awareness that many organizations have about this risk.' The one key recommendation is that enterprises need a better sense of their risk. And that means auditing or shutting down their extensions in use. And home users should limit extensions to those they need and can categorically trust. 'Many organizations don't have a full picture of all extensions that are installed in their environment,' LayerX says. 'Many organizations allow their users to use whichever browsers (or browsers) they wish to use and install whatever extensions they want. However, without a full picture of all extensions on all browsers of all users, it is impossible to understand your organization's threat surface.'
Forbes
01-04-2025
- Forbes
Apple ID Hack — New Warning For 2 Billion Users
Beeware this Apple ID hacking scam. Update, April 1, 2025: This story, originally published March 30, has been updated with information regarding a scam targeting iCloud users in addition to the Apple ID attacks. Apple has long since had an air of invulnerability about it as far as users have been concerned; be they iPhone, iPad or Mac fans, the ecosystem has been thought of as pretty darn secure. Like most security assumptions, however, it is wrong. After all, to assume is to make an ass out of u and me. With iPhone dating apps found to be leaking sensitive images, iOS hackers getting root of smartphones, and the FBI warning iPhone users to hang up and use a secret code, the secure bubble has well and truly been burst. There has been some solace in the idea that at least it's not as bad as it is for Windows users, but new analysis has revealed that hackers are jumping ship from Windows, and your Apple ID is firmly in the crosshairs. There are in excess of 2 billion active users of iPhones, iPads and MacBooks, so it's hardly surprising that an Apple ID is seen as such a valuable commodity among the criminal hacking community. It is, after all, the gateway to your account, your devices and your data. Compared to Windows users there is also the notion that Apple fans tend to be more affluent, and that could mean richer pickings once an account is compromised. Security researchers at LayerX have confirmed this to be the case after they uncovered an account-compromising attack campaign that was initially targeting purely Windows users but has now turned its attention to Apple instead. 'With new security features rolled out by Microsoft, Chrome, and Firefox, the attackers have shifted their focus to Mac users,' the researchers said. While the platform has changed, the methodology has not: scareware security alerts designed to bait the user into entering their account passwords. Although this sounds like a simple phishing attack at first, the truth is that simplicity works. By employing cloned sites to distribute fake Apple security notices, informing users their Apple ID has been suspended and requiring immediate action to regain control, the end result is a compelling and successful hacking campaign. When it comes to scammers, Apple security notifications are not the only nefarious fruit. All users are also advised that an iCloud upgrade scam is known to be doing the rounds and should be cautious about any emails or SMS text messages warning that iCloud storage is nearing capacity and offering a free upgrade. Just like the Apple ID security notifications, the threat actors want to instil a sense of urgency regarding a core Apple service. Whether this is by way of that data capacity reached message or one informing you of some billing or security problem that needs addressing, there will always be a call to action: click here for a free upgrade, click here to sign in and verify your identity, click here to contact Apple support. These messages will look for all intents and purposes as if they have originated from Apple itself, directing you to what appears to be a genuine Apple site. Neither of these will, in fact, be genuine at all. The cloned sites are there for one reason, and that's to gain control of your Apple ID. You will, of course, be required to confirm your credentials before proceeding with whatever it is you think you need to do, and do urgently. 'If you're suspicious about an unexpected message, call, or request for personal information, such as your email address, phone number, password, security code, or money,' Apple said, 'it's safer to presume that it's a scam.' Remember that Apple will never ask you to log into a website, click a button saying accept in a 2FA dialog or provide your Apple ID password in this way. If in any doubt at all, always go to the settings for your Apple ID on your device and check from there.
Yahoo
20-03-2025
- Yahoo
Mac users are now in danger of a well-known Windows phishing attack
If you're using a Mac, such as the new MacBook Air, you might have to be careful. A phishing attack that previously plagued Windows users has now made its way to macOS, and it's easy to fall for it. This was spotted by 9to5Mac. Researchers from LayerX have been tracking a well-known phishing attack that caused a lot of grief to those who were tricked by it. Previously, the main target of these hackers was Windows, but Microsoft was able to largely eliminate it — up to 90% of all attacks on Windows PCs are said to have been fixed thanks to new updates to Edge, Chrome, and Firefox that block scareware. As the hackers were out of luck on Windows, they appear to have turned to macOS. Macs are often said to be safe from hackers, which means some users may let their guard down and be easier to target. On Windows, the phishing attack imitated Microsoft security alerts. The idea was that the hackers wanted to steal the users' security credentials. In the case of Apple, their goal is to steal Apple IDs, and to do this, they make it seem like the PC is compromised. We've all seen similar pop-ups in the past, but this attack feels more legitimate because it also freezes the website that the victim is viewing. An unresponsive PC with a message saying that it's been compromised is often enough for someone to give up their login credentials. LayerX claims that macOS and Safari users are now the primary targets for this particular phishing campaign, and they claim that it's a highly sophisticated attempt at a hack which may not stop here — it's just the first attempt at adapting to the fixes rolled out on Windows. Weird pop-ups that ask you to log in may look believable, but it's important to stay vigilant. It's worth warning friends and family members who are less plugged into the latest tech news. I know I'll be warning my relatives who are using the Apple ecosystem. It's unclear when, or if, Apple will be rolling out a security update to address this phishing attack.
