ConcealBrowse 2023 Solution Brief


Conceal Promotes Next-Gen Endpoint Protection in New Partnership with Binary Defense

Binary Defense’s Managed Detection and Response enhances its early detection and response capabilities in a new partnership with ConcealBrowse, the patented browser isolation and Zero Trust technology

May 30, 2023 10:00 AM Eastern Daylight Time

AUGUSTA, Ga.–(BUSINESS WIRE)–Conceal, the leader in protecting against web-based attacks, today announced a new partnership with Binary Defense, the leading Managed Detection and Response (“MDR”) and enterprise defense provider. Through the partnership, Binary Defense’s MDR customers gain enhanced early-stage detection and response capabilities at the endpoint through Conceal’s patented zero-trust browser solution.

“As threat actors become more sophisticated, defenders must constantly evolve their tactics and capabilities to keep ahead of these threats,” said Dave Cronin, Head of Technical Alliances/M&A at Binary Defense. “Through our partnership with Conceal, we are integrating a top-notch security solution that stops threats at the browser level before they can steal user credentials, compromise data, infect the endpoint, or stage additional attacks. We look forward to working with Conceal to bring this advanced security solution to our MDR customers, further enhancing their ability to thwart attacks before they pose a significant risk.”

“Binary Defense is a recognized leader in the MDR market, delivering robust security to organizations through its cutting-edge early detection and deep investigation and analysis capabilities,” said Gordon Lawson, CEO of Conceal. “We look forward to partnering with Binary Defense to add to their cybersecurity arsenal to help detect and defend against browser-based threats and ransomware.”

ConcealBrowse offers a tremendous opportunity to provide innovative solutions to emerging web-browser security threats. A simple drop-in solution, ConcealBrowse can easily be added to existing security packages. It requires minimal configuration and provides advanced telemetry data that can be integrated with SIEMs and common analytical tools.

About Binary Defense

Binary Defense is a Managed Detection and Response service provider and software developer with a Managed Open XDR model covering endpoint, network, cloud, and other log sources to supply high-fidelity threat detections. When paired with its advanced Threat Hunting, Counterintelligence, Digital Risk Protection, and Incident Response services, the company offers a comprehensive enterprise defense portfolio. Binary Defense demonstrates conclusive proof of superior capabilities in detecting intruder activity, and this rapid detection, combined with expert analysis and response, decreases cyber risk for businesses.

About Conceal

ConcealBrowse leverages an intelligence engine that works at machine speed with near-zero latency to dynamically and transparently analyze website contents and URLs to move suspicious, unknown, and risky websites to a cloud-based isolation environment.

Conceal enables organizations to protect users from malware and ransomware at the edge. The Conceal Platform uses Zero Trust isolation technology to defend against sophisticated cyber threats. Conceal is used globally by organizations of all sizes to ensure their users and IT operations remain secure, anonymous, and isolated from attacks. For more information, visit https://conceal.io/.


Conceal Threat Alert: Meta Highlights Threats Against Business Accounts on its Social Platforms

The Hacker News reported that Meta, the parent company of Facebook and Instagram, has recently taken down over 1,000 malicious URLs leveraging OpenAI’s ChatGPT as a lure to spread malware across its services. (We previously reported on attackers using ChatGPT themes in phishing lures.) The increasing use of fake ChatGPT browser extensions by threat actors has led to the theft of users’ Facebook account credentials, ultimately resulting in unauthorized ads being run from hijacked business accounts. 

The malware campaigns primarily target personal accounts of users who manage or are connected to business pages and advertising accounts on Facebook. Malicious URLs with themes like Google Bard, TikTok marketing tools, pirated software, and movies are also being used by threat actors to deceive users. 

When hackers gain control of a company’s Facebook business page through these tactics, the potential costs can be devastating. These costs may include: 

  1. Financial loss: Unauthorized ads run from hijacked accounts can result in significant advertising expenses. Additionally, cybercriminals may misuse company financial data or access credit lines, causing further financial damage.
  2. Damage to brand reputation: Unauthorized content posted on a company’s social media pages can harm the brand’s image and result in lost consumer trust and loyalty. It may take a considerable amount of time and effort to rebuild the company’s reputation.
  3. Loss of sensitive data: The theft of confidential business data, such as customer information, trade secrets, or intellectual property, can have long-lasting negative effects on a company’s competitiveness and market position.
  4. Legal and regulatory consequences: Companies may face legal and regulatory penalties if they fail to adequately protect customer data or if they are found to have insufficient cybersecurity measures in place.
  5. Loss of productivity: Regaining control of the company’s social media accounts and recovering from the attack’s consequences can be time-consuming and resource-intensive, leading to reduced productivity and potential business interruptions.

In response to these growing cyber threats, Meta has introduced a new support tool to help users identify and remove malware, verify connected Business Manager accounts, and require additional authentication for accessing a credit line or changing business administrators. 

However, as cyberattacks become more sophisticated, it’s essential to have an extra layer of protection for both personal and enterprise internet use. ConcealBrowse offers the ideal solution by proactively detecting, defending, and isolating threats from malicious internet traffic. 

ConcealBrowse automatically isolates risky transactions without interrupting the user’s browsing experience. Its isolated browsing environments for risky sites provide enhanced privacy and security, ensuring that malicious code or files never execute on a user’s devices. 

With ConcealBrowse, you can safeguard your online presence from malicious URLs delivered through any source, including social media platforms like Facebook and Instagram. This advanced protection tool acts as the brain, making proactive decisions about security risks associated with internet use and shielding your personal and enterprise data from cyber threats. 

By implementing ConcealBrowse, you can effectively mitigate the potential costs associated with hackers gaining control of your company’s Facebook business page. Stay ahead of the ever-evolving world of cyber threats with ConcealBrowse, your trusted partner in providing an unparalleled level of privacy and security for all your online activities. 

Don’t let cybercriminals compromise your online security and cause devastating consequences for your business. Take the first step in fortifying your online presence today by experiencing the power of ConcealBrowse for yourself. Visit https://conceal.io/request-a-demo/ to request a personalized demo and learn how ConcealBrowse can provide you with the ultimate protection against malicious URLs and other cyber threats. Don’t wait – safeguard your business and personal data with ConcealBrowse now!

Conceal Threat Alert: Bumblebee Malware Campaign – When Malicious Ads Meet Compromised Websites

The threat landscape is continuously evolving, and cybercriminals are employing new and sophisticated tactics to target their victims. We have previously written about attacks utilizing “Search Engine Optimization (SEO) poisoning” on Google Ads to link to malware delivery sites. In SEO poisoning attacks, actors purchase Google Ads on targeted search terms to cause Google to serve malicious links in ads that are crafted to look like legitimate trusted web sites. 

One such campaign was recently observed by Secureworks’ Counter Threat Unit (CTU) researchers. It involves the distribution of Bumblebee malware via trojanized installers for popular software, such as Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace. Bumblebee, a modular loader, has historically been delivered through phishing and is commonly associated with ransomware deployments. The current campaign, however, leverages malicious Google Ads and compromised WordPress sites as the initial attack vectors to infect victims’ systems.  

The researchers analyzed one of the Bumblebee samples and found that the infection chain began with a malicious Google Ad that redirected users to a fake download page for Cisco AnyConnect Secure Mobility Client. The fake page was hosted on the domain “appcisco[.]com,” which was created by the threat actor on or around February 16, 2023. This malicious redirection occurred via a compromised WordPress site. Once on the fake page, victims would download the trojanized installer, which contained an MSI file that executed two files when run. The first file was a legitimate installer for the Cisco AnyConnect VPN application, while the second was a malicious PowerShell script with an encoded Bumblebee malware payload.  

The campaign’s success relied on the effective use of malicious Google Ads and the compromise of WordPress sites. By combining these tactics, the attacker was able to redirect victims to fake download pages that appeared legitimate, enticing them to download and run the trojanized installers. The attacker’s objective, as observed in one compromised environment, was to deploy ransomware. However, in this particular case, network defenders detected and disrupted the attacker’s activity before they could achieve their goal. 

Fortunately, ConcealBrowse can defeat SEO poisoning attacks like this one. Because ConcealBrowse brings zero trust principles to the browser, even the most convincing ads can quickly be detected and blocked, preventing users from downloading malicious files or providing their sensitive information, even if they don’t realize the site is fake and malicious. 

The Bumblebee malware campaign serves as a cautionary tale of how cybercriminals can exploit online advertising platforms and compromised websites to distribute malware. Organizations must remain vigilant and adopt solutions like ConcealBrowse to proactively detect and isolate threats and safeguard their digital assets.