Grove Case Study Website Feature

Browser Security Case Study: Toyota Tanzania

Overview

Toyota Tanzania, a prominent player in the automotive industry, has a rich history rooted in East Africa. With a legacy dating back to 1825, the Karimjee family introduced the Toyota brand, which has since become synonymous with quality, reliability, and innovation. Operating in vehicle importation, spare parts distribution, and after-sales services, Toyota Tanzania is committed to the global after-sales service standard, known as “Kodawari.”

In an era of digital transformation, the automotive industry faces evolving cybersecurity challenges. Connected vehicles, intricate in-car systems, and the proliferation of Internet of Things (IoT) devices increase the attack surface. Abdulaziz Raudha, IT Manager at Toyota Tanzania, sheds light on the complexities: “People are browsing on various devices; how do you protect them all? You can secure your computers on your network perimeter, but how do you manage remote endpoint devices?

Challenge

Despite conventional security measures, Toyota Tanzania encountered a critical challenge: the vulnerability of saved credentials. Raudha recounts an incident where hackers targeted the CEO and directors, exploiting saved credentials to gain unauthorized access, emphasizing that even seemingly secure networks are susceptible.

Solution

Enter Conceal, a transformative solution described by Raudha as an “armor for most things we are not aware of. “Conceal’s Zero Trust approach and AI-driven browser security offered a game-changing paradigm in cybersecurity. Raudha highlights the significance: “As we move with technology and IoT takes place, humans have weaknesses. You can’t rely 100% on humans. Conceal spots small things that we might not pick up.”

The Result of Implementing Browser Security

Conceal’s implementation proved instrumental in bolstering Toyota Tanzania’s cybersecurity posture. Raudha praises the solution’s seamlessness, reporting capabilities, and intelligence: “It actually makes my life so much easier. AI is a game-changer technology. You can relax at home knowing you are secure.” The isolation of users on sites and the proactive identification of potential threats showcased Conceal’s effectiveness. ConcealBrowse’s intelligence engine and Zero Trust isolation technology, combined with Grove’s advanced cybersecurity solutions, create an ideal defense for your digital assets and brand. Our AI-driven browser isolation tool dynamically analyses code and moves suspicious elements to a secure cloud-based isolation environment, ensuring proactive threat mitigation.

“I am still to find a solution that does what Conceal does with AI. It’s seamless, makes my life easier, sends reports, and has great intelligence.”

Abdulaziz Raudha, IT Manager, Toyota Tanzania

Conclusion

Abdulaziz Raudha expresses gratitude to Conceal and Grove for their assistance, emphasizing the magnificence of Conceal’s Zero Trust solution. Looking ahead, Raudha plans to expand the user base, confident in Conceal’s ability to deliver unparalleled security. As Toyota Tanzania continues its commitment to excellence, Conceal stands as a vital partner in navigating the complexities of modern cybersecurity.

“Conceal checked so many boxes for the team at Toyota Tanzania, which made Conceal an obvious choice, a solution that delivers what it promises and so much more beyond the marketing. A solution which once was implemented was a set and forget solution, and real benefit was derived from day one, no lengthy ROI, immediate time to value! Working with a knowledgeable IT Manager such as Abdulaziz is so reassuring, knowing he holds security as the primary focus for the organisation, and this should give the CEO whom he works closely with great confidence. His depth of experience and expertise is rare to find, as we see diminishing skills in Cyber and IT, Abdulaziz understands what is needed and delivers.”

Bianca Dafel, Business Development Manager | GROVE

 

This Case Study illustrates not only the challenges faced by a leading automotive player but also the transformative impact of Conceal in fortifying cybersecurity defenses in an ever-evolving digital landscape.

Browser-Based Threat Report: Jan 8

Browser-Based Threat Report

Week of January 8th, 2024

ConcealBrowse is leveraged by teams across the world to combat weaponized URLs and other Browser-Based Threats. The technology is constantly analyzing suspicious web artifacts to identify risks in the form of drive-by attacks, phishing portals, and other threats that materialize while browsing.

At Conceal, your digital safety is our utmost priority. Our weekly threat report for the week of January 8th, 2024, unveils critical insights into the ever-evolving landscape of online threats.

The following report highlights recently detected sites that were deemed suspicious:

_____________

SHA-256: e64f0fe9e6a80807640b81600c168af3e335a12d91b1dc2e2df20d2ae04fed8a

Browser-Based Threat Report

Browser-Based Threat Report

ConcealBrowse first detected this URL on January 8th, 2024. Only one other vendor annotated the URL on the 8th, and only 2 total vendors are reporting it as phishing at the time of this report. Conceal prevented this new threat, further assigning a 14% risk and highlighting the importance of real-time analysis.

Despite several vendors not identifying this page as malicious, it has been shown to download a phishing HTML to visitors, leverage hidden URLs and JavaScript, and the server where this site is hosted is also hosting cc, ru, and .ws domains. Adversaries commonly use these TLDs.

_____________

SHA-256: bb4cd8d523d0ce1ee335b18573829db74b8ccca8d386e0badcb7d75aa1c2dedc

ConcealBrowse detected this URL on January 8th, 2024. It was first identified by 7 security vendors on August 24th, 2023. ConcealBrowse intervened as the webpage loaded to the endpoint, assigning the page a 38% risk.

The webpage uses a redirect, which loads a blank page currently. However, it was historically loading the screenshot pictured below. The webpage prompts the users to allow notifications that, once enabled, execute numerous JavaScripts found embedded within the webpage’s HTML source code. The body hash (annotated above) has been flagged by over 10 security vendors. These vendors classified the page as a known adware distributor. The domain listed above and the redirected domain should be avoided, as most of their subdomains have also been annotated as such.

Browser-Based Threat Report

Browser-Based Threat Report

_____________

SHA-256: fd2f020c87981687a1a05917e1e0f2f672533b29bf0d58d5ab6f945f7bdab389

Browser-Based Threat Report

Browser-Based Threat Report

The URL was detected by ConcealBrowse on January 3rd, 2024. It was detected by various security vendors on January 2nd, 2024, and is currently flagged by 15 vendors. Classified as malicious and phishing, this newly registered domain and subsequent webpage were further analyzed and deemed proximal by ConcealBrowse, meaning it is cohosted with other malicious domains.

Since the delivered webpage now has no content, it may appear safe. However, there is a lingering threat. ConcealBrowse flagged this webpage with our in-house indicator known as “proximity.” This means that the page is hosted on a server that hosts other sites known to deliver malware or phishing campaigns. After further analysis, the server has been seen to be hosting malicious sites. Some of these sites are delivering encoded files to their victims that enable them to bypass traditional antivirus products, exhibiting MITRE ATT&CK tactics such as defense evasion. Due to the affiliation with this enabling server, ConcealBrowse intervened.

_____________

Valuable Outcomes

As this recent threat reports exemplify, ConcealBrowse offers comprehensive protection against many sophisticated cyber threats. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber-attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to confidently navigate the digital landscape, knowing that their online activities are shielded from potential harm.

Join the Conceal Community and claim your FREE ConcealBrowse licenses!

Join the Conceal Community today and fortify your online security for free! Don’t miss the chance to benefit from our advanced threat protection and stay one step ahead of cybercriminals. Experience peace of mind while browsing the internet, knowing that ConcealBrowse is your shield against the ever-evolving threat landscape. Take the proactive step towards a safer online experience – get your free ConcealBrowse license now and join a community committed to safeguarding your digital world.

Sign up for the Conceal Community and claim your free licenses by completing the form below.


Browser Based Security: Why ConcealBrowse?

In an age where 9 out of 10 attacks are initiated by phishing, your existing email security and web security gateway are vital but insufficient without browser based security. Here’s where ConcealBrowse significantly elevates your defense mechanisms:

Mitigating the Shift in Phishing Tactics:

  • Hackers are pivoting away from email phishing due to the prevalent security measures in place
  • The browser has become the hackers’ new favorite arena, but with ConcealBrowse, it becomes an impenetrable fortress

Dynamic AI-Driven Protection:

  • Static rules and predefined threat signatures are no longer adequate. With new malicious domains popping up daily, the security landscape is too dynamic
  • ConcealBrowse utilizes AI to proactively identify and mitigate threats, providing an adaptable shield against both current and emerging risks

Unmatched Browser-Based Visibility:

  • While your current tools work efficiently on the network, their visibility is inherently limited and basic due to encryption
  • ConcealBrowse, residing within the browser, provides continuous and comprehensive visibility, ensuring not even the minutest threat goes unnoticed

Guarding Against Information & Credential Theft:

  • Can your current technology discern and block stealthy, legitimate-looking phishing pages designed for information theft?
  • ConcealBrowse’s AI not only identifies these pages but also ensures that your users are safeguarded from falling prey to them, seamlessly and effortlessly

Protecting Beyond Corporate Emails:

  • Your existing email security is confined to corporate communications. What about the personal emails your users access through browsers?
  • ConcealBrowse is indiscriminate; it extends its robust protection to all email platforms accessed via the browser, whether Gmail, Hotmail, or any other

The ConcealBrowse Advantage:

  • Proactive Security: AI-driven protection actively learns and adapts to new threats, ensuring your security is always several steps ahead
  • All-Encompassing Protection: From corporate to personal emails, every communication channel accessed via the browser is under ConcealBrowse’s vigilant protection

Incorporating ConcealBrowse into your security architecture is not just an improvement; it’s an imperative. With its dynamic, AI-driven, browser-based protection, it fills the critical gaps left by your current security measures, providing a holistic, impenetrable defense mechanism against the ever-evolving threat landscape. Secure comprehensively with ConcealBrowse. Join the Conceal Community today and fortify your online security for free!

Browser-Based Threat Report: Jan 1

Browser-Based Threat Report

Week of January 1st, 2024

ConcealBrowse is leveraged by teams across the world to combat weaponized URLs and Browser-Based Threats. The technology is constantly analyzing suspicious web artifacts to identify risks in the form of drive-by attacks, phishing portals, and other threats that materialize while browsing.

At Conceal, your digital safety is our utmost priority. Our weekly threat report for the week of January 1st, 2024, unveils critical insights into the ever-evolving landscape of online threats.

The following report highlights recently detected sites that were deemed suspicious:

_____________

SHA-256: b068837842db3d9756703c8924bfc1dcb2c0aa23c0a86f31bb71b62839f4bf6a

Browser-Based Threat

ConcealBrowse first detected this URL on December 28th, 2023. The URL was first reported on March 23rd, 2021, showcasing the continuous compromise and further suspicion surrounding the download site. Conceal intervened as the page loaded, assigning a 14% risk due to suspicion as the page had several signals that the detection engine identified.

The URL delivered a webpage that appears to host various video games on gaming platforms, which are available to download. The site asks the user to turn off their ad blocking features of the browser, enabling ads on the page. Although you may be able to download games from the site without issues, the likelihood of clicking an ad or downloading a Trojan via one of the video games is still high. This is the same issue found with Peer-to-peer sharing sites and torrent sites, as there is little to no moderation. Additionally, this site lacks Content Security Policy headers, making it susceptible to cross-site scripting and code injection attacks.

_____________

SHA-256: 8be6bc58004cbcefb2ec47155e19d904a5cd30d233e3fe4a82a1043839f65bb6

ConcealBrowse detected this URL on December 29th, 2023. It was first identified by three security vendors on October 3rd, 2023, and to date, by five vendors in total. ConcealBrowse intervened due to the abundance of signals around the page’s structure. With that, the site was assigned a 14% risk score.

The innocuous news site appears safe at first glance, giving insight to those seeking information on the Affordable Care Act and employee rights. Sites like this often use various marketing tags to track analytics to gain insight into their site visitors. These tags often rely on popular management systems such as Google Tag Manager, and one can see the HTTP requests from the page to the tag manager system. However, one such HTTP request from the site reaches out to a mimicked tag manager, which then loads the script to the page. The script, if loaded, notifies the user to update their browser, which runs a PowerShell script that introduces the NetSupport Remote Access Trojan to the endpoint. This gives adversaries remote access to the endpoint for follow-up actions. This active site should be avoided until the site admins remedy their issue.

Browser-Based Threat

_____________

SHA-256:67e5733c2974647897760ce1fd6e184a1508cc3a9df5da7372d6c981d2932abb

The URL was detected by ConcealBrowse on January 2nd, 2024, the same day that various security vendors detected it. To date, only seven vendors have identified this URL, classifying it as malicious and phishing. This highlights Conceal’s leading-edge technology that identifies threats in real-time before most CTI feeds catch on.

At first glance, the website is delivering a web browser that’s currently in beta testing. This browser, which claims to be privacy-minded, simple, and fast, has already been identified by various antivirus vendors as risky. In fact, 31 vendors have classified the browser as such, labeling it everything from riskware to a Potentially Unwanted Program to malware. Once downloaded, it is difficult to remove. Further, the browsing experience is problematic, as it has various redirects, often taking users to preferred search engines when using the URL search bar. This active site and, more importantly, browser application should be avoided.

Browser-Based Threat

_____________

Valuable Outcomes of Stopping Browser-Based Threats

As this recent threat reports exemplify, ConcealBrowse offers comprehensive protection against many sophisticated cyber threats. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber-attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to confidently navigate the digital landscape, knowing that their online activities are shielded from potential harm.

Join the Conceal Community and claim your FREE ConcealBrowse licenses!

Join the Conceal Community today and fortify your online security for free! Don’t miss the chance to benefit from our advanced threat protection and stay one step ahead of cybercriminals. Experience peace of mind while browsing the internet, knowing that ConcealBrowse is your shield against the ever-evolving threat landscape. Take the proactive step towards a safer online experience – get your free ConcealBrowse license now and join a community committed to safeguarding your digital world.

Sign up for the Conceal Community and claim your free licenses by completing the form below.


Browser-Based Threat Report: Dec. 25

ConcealBrowse Browser-Based Threat Report

Week of December 25th, 2023

ConcealBrowse is leveraged by teams across the world to combat weaponized URLs and Browser-Based Threats. The technology is constantly analyzing suspicious web artifacts to identify risks in the form of drive-by attacks, phishing portals, and other threats that materialize while browsing.

At Conceal, your digital safety is our utmost priority. Our weekly threat report for the week of December 25th, 2023, unveils critical insights into the ever-evolving landscape of online threats.

The following report highlights recently detected sites that were deemed suspicious:

_____________

URL SHA-256: 8f14543dc1646ee7ebd2f5db2bc376c53dd4cba321a8ff0063557581514e9e3d
Exe. SHA-256: db7aeaa44d1b1e29e31fc0c1a148634b02f4914244bb1662eb47fc2b977405e5

Browser-Based Threat Report

This URL was first detected by ConcealBrowse on September 14th, 2023, and again on December 20th, 2023. The URL was first submitted for analysis by 3 security vendors on September 18th, 2023. Due to the increasing popularity of the URL, Conceal felt it necessary to include this in the weekly threat report. The URL has a 14% risk score due to suspicion which is based off 2 anomalies identified by our Sherpa AI engine.

The URL delivers a webpage that hosts a free privacy extension which claims to prevent ads and trackers found in everyday internet usage. The issue with this specific extension, is that it alters browser settings, assigning preferred search engines as default amongst other settings. Further, freeware like those that can be downloaded from the page above, populate their own revenue generating ad’s to make money, and more importantly collect and sell end user information to third parties. Due to this as well as the way this tool is delivered, via inconspicuous bundling, vendors have annotated the executable as a Potentially Unwanted Application (PuA).

_____________

SHA-256: a94da9bda65514cfe1df1bae85d7d386c84807327f3ac27d2f6cb4ba527c8f6d

This URL was detected by ConcealBrowse on December 26th, 2023. It was first identified by 2 security vendors on September 19th, 2023, and to date, by 6 vendors in total. The URL was isolated by ConcealBrowse with a 14% risk score due to 4 conclusive anomalies, including the use of a malicious TLD. Additionally, 4 links were identical yet labelled differently and there were 21 empty or void links detected. This is highly suspicious, indicating the site was rapidly created for a timing attack, which is supported by its registration date of September 9th, 2023.

Suspicion increased as analysis occurred, as the adversaries used effective titling such as “sale” and “2023” within the page and URL itself. This plays into the current holiday shopping theme and is an effective social engineering tactic used to convey legitimacy and relevancy to end users. When interacting with the site, certain links and text boxes were broken, which again highlights how rapidly the site was created. Sites like these are often recycled and registered to new domains, allowing them to bypass tools reliant on domain reputation. With real time analysis, ConcealBrowse intervenes, and conveys doubt to the end user about sites loaded in isolation. This site should be avoided as it may be phishing for credit card and personal information.

Browser-Based Threat Report

_____________

SHA-256: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

The URL was detected by ConcealBrowse first on December 21st.It was first submitted to various CTI feeds on the same day. The domain was just recently registered on December 16th, with the first affiliated webpage already unavailable. The webpage has 132 siblings, that are also flagged by various security vendors, however, they are under construction and therefore their true intent remains unknown. This stresses the importance of real time analysis when the threat cyber intelligence lifecycle cannot act fast enough.

After some historical analysis, the URL was seen delivering a dating application. Although any ulterior motives of the application is unknown, security vendors have classified the URL and its subdomain as phishing and malicious. Additionally, it is important to note that the site uses a malicious top-level domain (which was identified by our Sherpa AI engine). The .live TLD is regarded as one of the top abused TLDs globally. Further, the IP address that delivering the domain in question, has been identified by 12 security vendors as malicious with over 200 flagged URL’s delivering pages from it. ConcealBrowse intervened, issuing a 27% risk score to the URL, leaning on intelligence previously mentioned, but mainly, on our Sherpa AI engine to keep the endpoint safe from the suspicious site. It is advised to avoid the subdomain and its siblings as their intent and motive is yet to be seen as they are currently under construction.

Browser-Based Threat Report

_____________

Valuable Outcomes of Browser-Based Threat

ConcealBrowse offers comprehensive protection against many sophisticated cyber threats, as recent threat reports exemplify. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber-attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to navigate the digital landscape with confidence, knowing that their online activities are shielded from potential harm.

Join the Conceal Community and claim your FREE ConcealBrowse licenses!

Join the Conceal Community today and fortify your online security for free! Don’t miss the chance to benefit from our advanced threat protection and stay one step ahead of cybercriminals. Experience peace of mind while browsing the internet, knowing that ConcealBrowse is your shield against the ever-evolving threat landscape. Take the proactive step towards a safer online experience – get your free ConcealBrowse license now and join a community committed to safeguarding your digital world.

Sign up for the Conceal Community and claim your free licenses by completing the form below.


Threat Report Website Feature - 12.18.23

Browser-Based Threat Report: Dec. 18

Browser-Based Threat Report

Week of December 18th, 2023

ConcealBrowse is leveraged by teams across the world to combat weaponized URLs and Browser-Based Threats. The technology is constantly analyzing suspicious web artifacts to identify risks in the form of drive-by attacks, phishing portals, and other threats that materialize while browsing.

At Conceal, your digital safety is our utmost priority. Our weekly threat report for the week of December 18th, 2023, unveils critical insights into the ever-evolving landscape of online threats.

The following report highlights recently detected sites that were deemed suspicious:

_____________

SHA-256: c3c3f907fd925366cc657147828696deaf0494bff7d5d9b39d62bb6b5e4e5cf2

weekly threat report 12.18.23 Screenshot of the suspicious webpage

This URL was detected by ConcealBrowse on December 15th, 2023, and assigned a 14% risk score due to suspicion. The URL was first classified by 2 security vendors in September of 2019 as malicious and phishing. This URL has a long history of delivering a compromised and suspicious page and to date has been annotated by 5 vendors as such.

Upon further investigation, there are multiple reasons why this site is continuously flagged. First, the site itself is a WordPress site, which without proper configuration, has numerous vulnerabilities by default, from compromised themes to insecure plugin integrations. That aside, the page is also delivered from an IP address that has historically delivered Trojans (most recently on December 12th) as well as Potentially unwanted Programs (PuPs) and Potentially unwanted Applications (PuAs). This exemplifies the dangers of shared hosting which could lead to the demise of the webpage in question, and further, the endpoints connecting to it.

_____________

SHA-256: 29ee53339a87040fd5b852e2d8542e9498812fb3fd689c25a4b3b4cf492220ce

This URL was detected by ConcealBrowse on December 14th, 2023. The URL in question was first identified December 13th, 2023 as delivering malware and a phishing webpage by 4 security vendors. 6 additional security vendors have since deemed the page as dangerous, totaling 10 vendors to date.

Spoofed websites, like the one delivered by the URL in question, are popular during this time of the year as the adversaries know there will be increased visitors. This site replicates the USPS homepage and even subpages. After a few minutes on the page, it is obviously spoofed with broken links. Conceal’s Sherpa AI engine detected multiple anomalies, identifying this site as malicious. The spoofed site was isolated with ConcealBrowse due to its intention of collecting credit card information from the unassuming, allowing users to add items such as stamps to their cart and proceed to a checkout screen.

weekly threat report 12.18.23 screenshot of spoofed USPS page

_____________

SHA-256: 60d387d2967c2e63a962333387768228a9d2b379829ebc3670ae6d4788f052e0

SHA-256: f248e02fe1c54a766640b8f2257b18d2f496a8642bac1b03ec52e26e2fbc6e93

The URL was detected by ConcealBrowse first on November 4th, and subsequently on December 14th, 2023. It was first submitted to various CTI feeds January 15th, 2022, with its final URL just recently submitted December 19th, 2023. The original URL and final URL have been classified as malicious and phishing by 5 total security vendors. This highlights the domain’s ability to continuously circumvent traditional security mechanisms.

The URL above has multiple final URL’s that have been used in malvertisement campaigns historically. As seen below, once a user clicks on the malicious advertisement, their browser displays warning messages, stating they have outdated drivers. This tactic is used to scare end users into downloading malicious drivers to their endpoint. Although the URL today leads to a parked domain, meaning the adversaries are no longer using their website, they could easily commence this attack even though the domain is on a few DNS blocklists. They would be successful against those without informed DNS providers, however, would not be successful against those with ConcealBrowse.

weekly threat report 12.18.23 Historical screenshot pictured left, with current status (parked domain) pictured right

 

_____________

Valuable Outcomes

ConcealBrowse offers comprehensive protection against many sophisticated cyber threats, as recent threat reports exemplify. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber-attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to navigate the digital landscape with confidence, knowing that their online activities are shielded from potential harm.

Join the Conceal Community and claim your FREE ConcealBrowse licenses!

Join the Conceal Community today and fortify your online security for free! Don’t miss the chance to benefit from our advanced threat protection and stay one step ahead of cybercriminals. Experience peace of mind while browsing the internet, knowing that ConcealBrowse is your shield against the ever-evolving threat landscape. Take the proactive step towards a safer online experience – get your free ConcealBrowse license now and join a community committed to safeguarding your digital world.

Sign up for the Conceal Community and claim your free licenses by completing the form below.


Browser Based Security

Conceal’s Year in Review: Innovations, Challenges, and Successes

As we bid farewell to another eventful year, it’s time to reflect on the milestones, challenges, and triumphs that have shaped Conceal over the past twelve months. This year has been a testament to our commitment to advancing cybersecurity and protecting our clients from ever-evolving digital threats. 

Milestones Achieved

Expanding Our Product Range

Launch of New Features: This year saw the introduction of a series of groundbreaking features and products at Conceal. Notably, we achieved extensions for Firefox and Microsoft Edge, significantly broadening our browser security coverage. We also saw the launch of advanced tech alliances and integrations, enhancing user security and experience. Some of our most notable and impactful highlights include coverage for the Firefox browser, an innovative end-user information panel, a device-based installation process, and MSI installer package support.

AI Engine: We proudly upgraded to our AI engine, a leap forward in real-time web page analysis. This engine is designed to understand patterns in behavior, structure, and content, elevating ConcealBrowse’s analytic capabilities. 

Upgrades to Existing Features: This year, in additional to releasing our SherpaAI engine, we enhanced the end-user experience with upgraded dashboard elements, search by device labels, and notable integrations into platforms like Connectwise, Datto, Splunk, Devo, and SentinelOne.

Growth and Expansion

New Partnerships: This year marked the forging of significant partnerships, contributing immensely to Conceal growth. Each partnership brought unique strengths to our platform. These partnerships include Thousand Guards, MorugaIT, Grove, Kompingo, Hyprfire, Brigantia, NobleTec, Binary Defense, SentryMark, White Rock Cybersecurity, CyberForce Security and Next Generation Security.  

Expansion into New Markets: Our venture into new markets has been a resounding success, particularly in the MSP sector. We’ve seen a 450% quarter-over-quarter growth from CYQ2 to Q3, with similar trends projected for CYQ4. Key expansions included entering the Japanese market with SentryMark, significant growth in the UK/EU through partnerships with NGS, Kompingo, and Brigantia, and establishing our presence in New Zealand.

Conceal Community Initiatives: The launch of a free NFR Community for MSPs and offering 5 Free licenses for Enterprises has proven to be a successful strategy, continually attracting more users.

Overcoming Challenges

Navigating the Cybersecurity Landscape

This year, the cybersecurity world has been fraught with challenges, particularly the rise in ransomware and credential theft. Conceal has proactively adapted to these threats, ensuring robust protection for our clients.

Internal Growth and Development

Our internal structure saw significant changes, especially with the transition of BDRs to ISRs. This internal development has been pivotal in managing our rapid growth, particularly in the MSP sector.

Success Stories

Empowering Users and Organizations with ConcealBrowse

As Conceal celebrates a year of significant achievements and advancements in cybersecurity, we’re proud to share some remarkable success stories that highlight our impact:

Enhancing User Security Despite Training Limitations: A key testament to ConcealBrowse’s effectiveness comes from an appreciative user: “I like that ConcealBrowse is an antidote to the failure of people to follow their Security Awareness Training. They click on email links and search result links despite any training. Especially, I like that ConcealBrowse adds a critical layer of protection against the growing threat of ransomware.” This feedback underscores our solution’s ability to compensate for human error and provide a robust defense against emerging cyber threats.

Collaborative Success with VAR Partnerships: Our collaboration with Value-Added Resellers (VARs) has been particularly fruitful. One Account Executive/Marketing Events Coordinator shares, “The team at Conceal is very collaborative, flexible, and adaptable, fitting our customers’ needs across various verticals. They’ve gone out of their way for account mapping and solution overviews, leading to co-selling opportunities.” This partnership has been pivotal in scaling our solutions to businesses of all sizes, proving the adaptability and effectiveness of ConcealBrowse.

Transformative Impact on Toyota Tanzania: At Toyota Tanzania, IT Manager Abdulaziz Raudha hails ConcealBrowse as a game-changer: “Conceal’s Zero Trust approach and AI-driven technology offered a game-changing paradigm in cybersecurity… You can relax at home knowing you are secure.” The implementation of our solutions has significantly strengthened their cybersecurity posture, showcasing the power of AI in contemporary digital defense.

City of St. Peters – A Model for Municipal Cybersecurity: The City of St. Peters’ integration of ConcealBrowse into their IT infrastructure demonstrates our solution’s versatility and effectiveness in public sector environments. An IT administrator from the city lauds the product: “ConcealBrowse’s innovative approach to cybersecurity… has significantly enhanced our network security while maintaining user-friendliness and minimal administrative overhead.” This case exemplifies our commitment to providing solutions that are both powerful and user-friendly.

Awards and Recognitions

This year, Conceal was honored with several awards, including being a finalist in the CISO Choice Awards for Endpoint and Email Security, winning the Black Unicorn Awards, and being named MSP Today Product of the Year. Additionally, we received accolades for the Best New Solution and Most Innovative Solution at the ChannelPro SMB Forum. 

Looking Ahead: The Future of Conceal

Upcoming Innovations

Looking forward, we are excited about further innovations, including greater API support, mobile device protection, support for Safari, enhanced site isolation information, and a user feedback system. We are also focusing on expanding our Inside Sales team in Augusta, GA, and the UK.

Commitment to Excellence

Our unwavering commitment to excellence remains at the forefront of our endeavors. We continue to innovate and lead in the fight against cyber threats, ensuring the best possible solutions for our clients.

As we reflect on this year, our gratitude extends to our customers, partners, and employees whose support has been invaluable. Conceal remains dedicated to its mission, continually striving for excellence in cybersecurity. Here’s to a year of challenges turned into opportunities and milestones that pave the way for a safer digital future.

Browser-Based Threat Report: Dec. 11

Browser-Based Threat Report

Week of December 11th, 2023

ConcealBrowse is leveraged by teams across the world to combat weaponized URLs. The technology is constantly analyzing suspicious web artifacts to identify risks in the form of drive-by attacks, phishing portals, and other threats that materialize while browsing.

At Conceal, your digital safety is our utmost priority. Our weekly threat report for the week of December 11th, 2023, unveils critical insights into the ever-evolving landscape of online threats.

The following report highlights recently detected sites that were deemed suspicious:

_____________

SHA-256: 891574723688afb245340844f42b5036facf02c090d9a6bb1886762753595122

This URL was detected by ConcealBrowse on December 6th, 2023, and assigned a 14% risk score due to suspicion. The URL was first submitted and identified by 2 security vendors on December 5th, 2023. The 2 vendors classified the delivered page as malware and malicious.

The inactive site hosts a media download application, that allows users to download and convert videos from sites such as YouTube and TikTok. These kind of tools are popular as they are free, however, as with most free online services, are riddled with advertisements and suspicious links. Furthermore, converter sites have notoriously added additional scripts within their converted, downloadable files, which have historically introduced malware (predominantly trojans and ransomware) and potentially unwanted programs to the endpoint. The site in question asks the end user to allow notifications and when “allow” is clicked, additional tabs are opened, all of which display ads that can lead to additional script execution.

_____________

SHA-256: 2529f43fb390342be8a394c198533e0446a7553e9a17ebf8e569059a3db99afc

This URL was detected by ConcealBrowse on December 5th, 2023. The URL was first analyzed by 3 security vendors on December 6th, 2023, further classifying the page as malicious, suspicious, and as a deliverer of spam and malware. Using our SherpaAI, we identified the threat an entire day before reputable security vendors and CTI feeds.

This highlights the importance of real time analysis. The URL leads to a spam ridden sports page that is full of advertisements and popups. This, coupled with hidden URLs and JavaScript found within the page, increases the possibility of an end user triggering a drive-by download or downloading one of the 11 suspicious embedded JavaScript files. Due to the suspicious HTML code, the site has triggered various AV and security software detection criteria. Additionally, the domain hosting this page has a 3-month domain certificate, which is highly suspicious as it makes tracking the certificate and the associated threats challenging.

_____________

SHA-256: bf2e5eb4aaa5c4fbe33f58a7777afe7cccd97fc0b73b1848ef9a73b3ed8d1351

This URL was detected by ConcealBrowse on December 11th, 2023. It was first submitted to various CTI feeds December 12th, 2023 and has since only been identified by 6 security vendors to date. This domain was registered on December 8th, 2023, demonstrating how quickly the threat environment evolves, and how important it is to have real time analysis enabled by ConcealBrowse.

The delivered webpage seems benign at first glance as it loads a blank page. However, after further analysis, the website was seen downloading various suspicious HTML and JavaScript files.. One such HTML file was seen modifying the registry keys of Internet Explorer on the endpoint. Although the affected application is rarely used, this activity is suspicious, as this vector may be used to modify other applications on the endpoint. This webpage has since been added to block lists from notable security vendors.

 

_____________

Valuable Outcomes

ConcealBrowse offers comprehensive protection against many sophisticated cyber threats, as recent threat reports exemplify. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber-attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to navigate the digital landscape with confidence, knowing that their online activities are shielded from potential harm.

Join the Conceal Community and claim your FREE ConcealBrowse licenses!

Join the Conceal Community today and fortify your online security for free! Don’t miss the chance to benefit from our advanced threat protection and stay one step ahead of cybercriminals. Experience peace of mind while browsing the internet, knowing that ConcealBrowse is your shield against the ever-evolving threat landscape. Take the proactive step towards a safer online experience – get your free ConcealBrowse license now and join a community committed to safeguarding your digital world.

Sign up for the Conceal Community and claim your free licenses by completing the form below.


Conceal

Harnessing the Power of AI in Browser Security

Enhancing Threat Detection and Prevention through AI