Latest news with #SquareX

Associated Press
4 days ago
SquareX Appoints Mary Yang as Chief Marketing Officer to Drive Global Growth Strategy
PALO ALTO, Calif., June 5, 2025 /PRNewswire/ -- SquareX, the leading browser security company, is proud to announce the appointment of Mary Yang as its Chief Marketing Officer (CMO). A marketing veteran, Mary brings a wealth of experience in marketing leadership from her roles at global technology firms and high-growth startups, with a proven track record of driving brand awareness, demand generation, and go-to-market (GTM) success.

Mary brings more than 20 years of marketing experience, including multiple successful exits, to SquareX. In her previous role, Mary oversaw global marketing and communications for Syxsense, an automated endpoint and vulnerability management company that was acquired in September 2024. As SquareX CMO, Mary will lead global marketing strategy, including brand, growth, communications, field and channel marketing, helping to expand awareness and scale demand for SquareX's industry-first Browser Detection and Response solution.

'Mary has a unique combination of GTM discipline and creativity, honed through years of leadership in the cybersecurity space,' said Vivek Ramachandran, Founder and CEO of SquareX. 'Her understanding of what it takes to grow a cybersecurity startup through building trust is exactly what we need as we shift up. We're very excited to work with her to build something category-creating.'

Mary joins SquareX at a pivotal moment, as the company recently closed its Series A with lead investor SYN Ventures and moves to accelerate adoption and deployment of browser detection and response.

'I'm thrilled to join the SquareX team. When I saw the depth and breadth of the SquareX browser detection and response solution along with the challenges it was solving, it was clear how game-changing this technology is,' said Mary. 'Browsers are now the frontline of enterprise work and risk — every business-critical task happens inside a browser and nearly all major cyber-attacks leverage the browser as part of the kill chain. I look forward to showcasing how SquareX can help enterprises secure their workforce and enable their employees to work online confidently.'

As browser-based threats continue to evolve, SquareX remains committed to staying ahead of attackers with its innovative security approach. Mary's appointment marks the latest in a series of leadership hires at SquareX, as the company ramps up efforts to transform browser security for enterprises.

About SquareX

SquareX is the pioneer of Browser Detection and Response (BDR), empowering organizations to detect, mitigate, and effectively threat-hunt client-side web attacks. SquareX provides critical protection against a range of browser security threats, including malicious browser extensions, advanced spearphishing, browser-native ransomware, genAI DLP, and more. Unlike legacy security approaches or cumbersome enterprise browsers, SquareX seamlessly integrates with existing browsers, ensuring enhanced security without compromising user experience or productivity. By delivering unparalleled visibility and control directly within the browser, SquareX enables enterprises to reduce their attack surface, gain actionable intelligence, and strengthen their cybersecurity posture against the newest threat vector: the browser.

To learn more about SquareX's BDR, users can contact [email protected]. For press inquiries on this disclosure on the Year of Browser Bugs, users can contact [email protected].


Techday NZ
30-05-2025
Safari users at heightened risk from new fullscreen BitM attack
SquareX has released new threat research detailing an advanced Browser-in-the-Middle (BitM) attack that specifically targets users of the Safari browser. The research, conducted as part of the Year of Browser Bugs (YOBB) project, outlines the method by which BitM attacks deceive individuals into providing sensitive credentials by presenting fake login pages in the victim's browser through a pop-up window controlled by the attacker.

Traditionally, one limitation of BitM attacks has been the continued visibility of the malicious URL in the parent window, which could alert security-conscious users to the threat. SquareX's research identifies a vulnerability in Safari's implementation of the Fullscreen API that attackers can exploit to make the attack more convincing and difficult to detect.

According to the team, "When combined with BitM, this vulnerability can be exploited to create an extremely convincing Fullscreen BitM attack, where the BitM window opens up in fullscreen mode such that no suspicious URLs from the parent window is seen. Safari users are especially vulnerable to this attack as there is no clear visual indicator of users entering fullscreen."

The researchers added, "We have disclosed this vulnerability to Safari and were regrettably informed that there is no plan to address the issue."

The Fullscreen API, as currently specified, requires only that "the user has to interact with the page or a UI element in order for this feature to work." However, it does not detail what type of interaction is necessary. Attackers can thus embed any clickable element, such as a fake login button, in the pop-up which triggers fullscreen mode, convincingly mimicking a legitimate login page with the real URL in the address bar.

SquareX's researchers warned: "The Fullscreen BitM attack highlights architectural and design flaws in browser APIs, specifically the FullScreen API. Users can unknowingly click on a fake button and trigger a fullscreen BitM window, especially in Safari where there is no notification when the user enters fullscreen mode."

"Users that typically rely on URLs to verify the legitimacy of a site will have zero visual cues that they are on an attacker-controlled site. With how advanced BitM is becoming, it is critical for enterprises to have browser-native security measures to stop attacks that can no longer be visually identified by even the most security aware individuals."

While BitM attacks have generally been used to steal login credentials, session tokens, and SaaS application data, the fullscreen variant described in SquareX's research further increases the risks by making detection by ordinary users extremely difficult. The attack could extend to spreading misinformation via fake pages designed to resemble official government sites, as well as gathering personally identifiable information (PII) and company data. Attackers could also open new tabs within the attacker-controlled window, gaining further insight into the victim's browsing activities.

Other browsers, including Firefox, Chrome, Edge, and Chromium-based ones, are also technically susceptible to the Fullscreen BitM attack. These browsers do issue a notification when fullscreen mode is activated, but the warning is described as subtle and easily overlooked. Dark mode and modified colour schemes can make the notification even less noticeable. In contrast, Safari only shows a brief swipe animation with no explicit messaging, which increases user vulnerability.

The research states that endpoint detection and response solutions lack the capability to monitor activity within the browser itself, rendering them ineffective against both standard and fullscreen BitM attacks. According to SquareX, "EDRs have zero visibility into the browser and are proven to be obsolete when it comes to detecting any BitM attack, much less its more advanced fullscreen variant. Additionally, orchestrating the attack with technologies such as remote browser and pixel pushing will also allow it to bypass SASE/SSE detection by eliminating any suspicious local traffic."

The researchers assert that security tools are currently unable to detect or mitigate Fullscreen BitM attacks due to the lack of access to detailed browser metrics. "As phishing attacks become more sophisticated to exploit architectural limitations of browser APIs that are either unfixable or will take significant time to fix by browser providers, it is critical for enterprises to rethink their defense strategy to include advanced attacks like Fullscreen BitM in the browser," the research team stated.

SquareX's disclosure of the Fullscreen BitM attack is part of its ongoing initiative to highlight browser vulnerabilities and architectural limitations as browser-based attacks continue to evolve. Previous disclosures under the Year of Browser Bugs project have addressed threats such as Browser Syncjacking, Polymorphic Extensions, and Browser-Native Ransomware.


Business Mayor
27-04-2025
SquareX secures US$20 million to transform browser security
SquareX has announced the close of its Series A funding round, raising US$20 million. The investment was led by SYN Ventures, a venture capital firm specialising in cybersecurity, with continued support from Peak XV Partners, formerly known as Sequoia Capital SEA.

The Singapore-based company has pioneered Browser Detection and Response (BDR), a solution that strengthens security directly within the browser. Its approach eliminates the need for businesses to adopt entirely new enterprise browsers, which can often disrupt user experience and productivity. Instead, SquareX offers a simple extension that turns any browser into a secure, enterprise-grade tool.

Vivek Ramachandran, CEO of SquareX, said, 'The browser is the new endpoint, yet it remains a major blind spot for most organisations. Existing solutions often force a trade-off between security and usability. We built SquareX to eliminate this compromise in browser security, offering robust protection that works with the browsers users are already familiar with. This Series A funding, led by the team at SYN Ventures, validates our vision of everyone being able to be online without fear.'

As browsers have increasingly become primary targets for cyberattacks, the need for better security solutions has grown urgent. Traditional security tools often lack the ability to monitor threats at the browser level, and adopting proprietary enterprise browsers can create friction in daily workflows.

SquareX addresses these challenges with its BDR extension. It allows enterprises to detect and manage threats such as malicious extensions, phishing attempts, data leakage through generative AI, and insider threats. By operating within the native browser environment, SquareX significantly reduces the attack surface without compromising usability or requiring complex change management.

Jay Leek, Managing Partner and Founder of SYN Ventures, commented, 'SquareX is tackling one of the most significant and underserved areas in cybersecurity today. The browser is ground zero for countless attacks, and the team at SquareX has developed an elegant and powerful solution that provides critical visibility and control where it's needed most – directly within the native browser experience.'

Peak XV Partners, which first invested during SquareX's seed stage, has expressed confidence in the company's progress and direction. 'Having partnered with SquareX since their seed stage, we've been impressed by their vision and execution in tackling browser security challenges. We are excited to partner with them again as they demonstrate strong results in delivering much-needed cybersecurity capabilities to enterprise customers,' said Shailendra Singh, Managing Director at Peak XV.

SquareX's innovative approach aims to reshape how enterprises think about browser security, offering a way to protect users without disrupting their preferred digital workflows.


Forbes
17-04-2025
19 Tech Experts Detail Emerging APT Tactics (And How To Prepare)
The thought of a successful cyberattack is a sobering one for any business, but even more alarming are advanced persistent threats. Through these sophisticated attacks, a bad actor infiltrates a network and is able to linger for an extended period of time, undetected, accessing sensitive data, disrupting operations or even conducting ongoing surveillance.

Carefully planned and often tailored to specific industries and technologies, APTs are evolving and growing in number, with cloud migration, remote workplaces and increased reliance on third-party vendors expanding the attack surface. Below, members of Forbes Technology Council detail emerging APT tactics digital organizations must be ready for and how to prepare.

Browsers have emerged as a significant threat vector. The significant majority of our work time is spent within browsers. As the use of SaaS applications continues to grow, the number of locations where sensitive data is stored expands, making it more challenging to secure data and leaving IT and security teams struggling to keep up. Our inability to mitigate browser-based threats poses critical risk for our organizations. - John Carse, SquareX

Threat actors are weaponizing EDR bypass tools (or 'EDR killers') to launch their attacks, as seen in recent attempts by RansomHub. Threats that evade perimeter controls, however, must still cross the network—which can't be tampered with. Have a layered defense that includes network visibility to identify unusual patterns that could indicate malicious behaviors so attackers have nowhere to hide. - Rob Greer, ExtraHop

AI supports every phase of an attack, including command-and-control (C2) beaconing. If your security mostly relies on machine learning systems based on rules and known indicators, you're exposed. Most enterprises should expect their counterparties to be repeatedly hacked—until we all embrace adaptive deep learning as a defense. - Evan Powell, Deep Tempo

APT groups will weaponize deepfake-driven phishing even further. AI-generated voices and videos will impersonate executives, bypassing traditional identity verification and social engineering defenses. Organizations must implement multifactor biometric authentication, behavioral analytics and AI-driven anomaly detection that can flag even the most subtle inconsistencies. - Aditya Patel, Amazon Web Services (AWS)

Cloud collaboration tools are increasingly being weaponized. Attackers 'live off the land' using trusted platforms like Microsoft 365 to evade detection. To combat this, organizations should implement strong multifactor authentication and behavioral analytics for cloud environments and train employees to recognize suspicious activity in the tools they rely on for daily collaboration. - Gergo Vari, Lensa, Inc.

Advances in generative AI have become sophisticated, making social engineering attacks more convincing and challenging to detect. Identity-driven security, such as phishing-resistant authentication and verification, plays a crucial role in mitigating social engineering attacks by focusing on verifying and validating the identities of users and entities involved in digital interactions. - Venkat Viswanathan, Okta

APTs are increasingly targeting backup and disaster recovery systems to sabotage recovery efforts. Organizations must implement immutable backups, enforce zero-trust access, regularly test recovery plans and use AI-driven threat detection to ensure cyber resilience. - Aliasgar Dohadwala, Visiontech Systems International LLC

APT groups are increasingly leveraging infostealer malware to harvest credentials and session cookies, allowing them to bypass multifactor authentication and maintain stealthy access. To defend against this, organizations must monitor for stolen credentials, detect and invalidate compromised sessions, and enforce adaptive authentication to prevent attackers from exploiting legitimate user identities. - Damon Fleury, SpyCloud

A rising APT tactic is supply chain attacks, where hackers exploit third-party vendors and software dependencies to breach networks. To counter this, organizations must conduct strict vendor assessments, enforce zero-trust security, implement continuous monitoring and strengthen incident response to safeguard critical systems and data. - Sanjoy Sarkar, First Citizens Bank

While open-source AI models are a goldmine for software developers, they are equally attractive to cybercriminals for embedding malware. Organizations need to be able to discover which models are being used within their applications, and how they're being used, to screen them for security risks and enforce policies over which models can and cannot be used. - Varun Badhwar, Endor Labs

Prepare for AI-driven APTs that autonomously adapt to security defenses. These attacks learn from detection attempts and modify their techniques to remain hidden. Prepare by implementing AI-based defense systems, conducting adversarial simulations, developing response playbooks, embracing zero-trust architecture and investing in threat intelligence for early warnings of new attack methods. - Priya Mohan, KPMG

An emerging APT tactic is adversarial AI attacks, where threat actors manipulate machine learning models to evade detection or generate false insights. Organizations should prepare by securing AI training data, implementing robust anomaly detection and continuously stress-testing models against adversarial inputs. Strengthening AI governance and investing in explainable AI will enhance resilience. - Sai Vishnu Vardhan Machapatri, Vernus Technologies

Attackers are deploying zero-click exploits—which require no user interaction—to infiltrate mobile devices, Internet of Things systems and critical infrastructure. Enterprises need continuous endpoint monitoring, hardware-level security enforcement and AI-driven anomaly detection for connected devices. - Vamsi Krishna Dhakshinadhi, GrabAgile Inc.

An emerging APT tactic involves targeting unmanaged digital assets (that is, shadow IT) and poisoning AI training data to manipulate outcomes. Organizations should conduct regular audits to identify and secure shadow IT, enforce strict governance over digital tools, validate AI data pipelines and implement anomaly detection to ensure data integrity before model training. - Mark Mahle, NetActuate, Inc.

A new APT tactic to watch for is adversary-in-the-middle (AiTM) attacks, where threat actors intercept and manipulate real-time communications to bypass authentication and hijack sessions. To prepare, organizations should implement phishing-resistant multifactor authentication, monitor session integrity and deploy AI-driven anomaly detection to flag unauthorized access attempts before they escalate. - Roman Vinogradov, Improvado

APTs will increasingly target data governance gaps rather than technical systems. Organizations should prepare by establishing comprehensive data inventories and clear data lineage. When you know what data you have, who can access it and how it flows through systems, you eliminate the 'dark corners' where threats hide. - Nick Hart, Data Foundation

Organizations must prepare for 'AI poisoning,' where attackers manipulate machine learning models by injecting corrupted data into training sets. This can lead to biased and incorrect results, eventually distorting fraud detection and security defenses. Organizations must implement robust data validation pipelines and regularly and proactively audit AI models for anomalies. - Harini Shankar

Cloud-native attack chains are a rising advanced persistent threat trend. These use cloud services for stealthy, complex attacks that evade traditional defenses. Organizations must implement cloud workload protection (CWP), continuous API monitoring and SIEM that correlates cloud-native logs. Microsegmentation and least-privilege access are also vital to limit lateral movement. - Pradeep Kumar Muthukamatchi, Microsoft

Attackers with long-term footholds in networks performing data exfiltration are a major concern. To combat this, businesses should implement zero-trust architectures to limit lateral movement and use next-generation firewalls that analyze traffic patterns to new or untrusted locations. - Imran Aftab, 10Pearls

Associated Press
28-03-2025
SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk
PALO ALTO, CA / ACCESS Newswire / March 28, 2025 / From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Chainalysis estimates that corporations spend nearly $1 billion on ransom each year, but the greater cost often comes from the reputational damage and operational disruption caused by the attack.

Ransomware attacks typically involve tricking victims into downloading and installing the ransomware, which copies, encrypts, and/or deletes critical data on the device, only to be restored upon the ransom payment. Traditionally, the primary target of ransomware has been the victim's device. However, thanks to the proliferation of the cloud and SaaS services, the device no longer holds the keys to the kingdom. Instead, the browser has become the primary way through which employees conduct work and interact with the internet. In other words, the browser is becoming the new endpoint.

SquareX has been disclosing major browser vulnerabilities like Polymorphic Extensions and Browser Syncjacking, and is now issuing a strong warning on the emergence of browser-native ransomware.

SquareX's founder, Vivek Ramachandran, cautions, 'With the recent surge in browser-based identity attacks like the one we saw with the Chrome Store OAuth attack, we are beginning to see evidence of the 'ingredients' of browser-native ransomwares being used by adversaries. It is only a matter of time before one smart attacker figures out how to put all the pieces together. While EDRs and Anti-Viruses have played an unquestionably vital role in defending against traditional ransomware, the future of ransomware will no longer involve file downloads, making a browser-native solution a necessity to combat browser-native ransomwares.'

Unlike traditional ransomware, browser-native ransomware requires no file download, rendering it completely undetectable by endpoint security solutions. Rather, this attack targets the victim's digital identity, taking advantage of the widespread shift toward cloud-based enterprise storage and the fact that browser-based authentication is the primary gateway to accessing these resources. In the case studies demonstrated by SquareX, these attacks leverage AI agents to automate the majority of the attack sequence, requiring minimal social engineering and interference from the attacker.

One potential scenario involves social engineering a user into granting a fake productivity tool access to their email, through which it can identify all the SaaS applications the victim is registered with. It can then systematically reset the password of these apps with AI agents, logging the users out on their own and holding enterprise data stored on these applications hostage.

Similarly, the attacker can also target file-sharing services like Google Drive, Dropbox and OneDrive, using the victim's identity to copy out and delete all files stored under their account. Critically, attackers can also gain access to all shared drives, including those shared by colleagues, customers and other third parties. This significantly expands the attack surface of browser-native ransomware - where the impact of most traditional ransomware is confined to a single device, all it takes is one employee's mistake for attackers to gain full access to enterprise-wide resources.

As fewer and fewer files are being downloaded, it is inevitable for attackers to follow where work and valuable data are being created and stored. As browsers become the new endpoint, it is crucial for enterprises to reconsider their browser security strategy - just as EDRs were critical to defend against file-based ransomware, a browser-native solution with a deep understanding of client-side application layer identity attacks will become essential in combating the next generation of ransomware attacks.

SquareX's industry-first Browser Detection and Response (BDR) solution helps organizations detect, mitigate, and threat-hunt client-side web attacks happening against their users in real time. In addition to browser ransomware, SquareX also protects against various browser threats including identity attacks, malicious extensions, advanced spearphishing, GenAI DLP, and insider threats.

The browser-native ransomware disclosure is part of the Year of Browser Bugs project. Every month, SquareX's research team releases a major web attack that focuses on architectural limitations of the browser and incumbent security solutions. Previously disclosed attacks include Browser Syncjacking and Polymorphic Extensions.

Contact: Head of PR Junice Liew, SquareX