press release hero

Conceal Partners with Fortem-IT: Integrating Browser Security

/in /by

Conceal Announces Pioneering Partnership with Fortem Information Technology to Elevate Global IT Solutions with Browser Security

February 13 2024, 10:22 AM Eastern Daylight Time

AUGUSTA, GA –(BUSINESS WIRE)–Conceal, a leader in innovative cybersecurity solutions is excited to announce a strategic partnership with Fortem Information Technology, a global provider of tailored IT support services. This collaboration aims to enhance global IT security and support, marrying Conceal’s cutting-edge browser security solution with Fortem-IT’s comprehensive IT solutions.

“Partnering with Fortem-IT is a significant stride in our mission to provide world-class browser security globally. Fortem-IT’s global reach and bespoke IT services, combined with our advanced browser security technology, will create a formidable force in IT support and protection,” said Gordon Lawson, CEO of Conceal. “This alliance is a testament to our commitment to adapt our solution to be relevant and useful to the complex IT needs of businesses worldwide.”

“Our collaboration with Conceal marks a new chapter in providing comprehensive IT solutions. With Conceal’s innovative browser security technology, we’re set to redefine IT support and protection for our clients globally,” stated Mark McGettigan, Head of Sales of Fortem-IT.

This partnership promises to equip businesses with a blend of Fortem-IT’s vendor-agnostic, tailored IT solutions and Conceal’s advanced browser cybersecurity technology. Clients can expect enhanced IT support, streamlined operations, and robust protection against the ever-evolving landscape of cyber threats.

About Conceal

Conceal’s mission is to defend organizations against web-based threats. ConcealBrowse is a private, lightweight, easy-to-deploy AI-powered browser extension that detects, prevents, and shields users from ever-evolving phishing, credential theft, and other sophisticated social engineering attacks. By securing the most vulnerable part of any organization, the human using a web browser, ConcealBrowse dramatically reduces the risk of destructive and costly cyber-attacks. For more information, visit https://conceal.io/conceal-browse/

 

About Fortem-IT

Fortem-IT is dedicated to delivering innovative IT solutions that meet the unique needs of their clients. Their cutting-edge technology portfolio helps drive business success and maintain a competitive edge in the industry. Adopting a vendor-agnostic approach, Fortem-IT works to identify and fulfill all of their clients IT requirements, ensuring a comprehensive product portfolio. Their commitment to exceptional aftercare further sets them apart as a world-class IT provider, delivering ongoing support for continued success. For more information, visit https://fortem-it.com/, email [email protected] or call 0203 80 22 000

Source:

AI in cybersecurity a new vanguard in browser security

AI in Cybersecurity: Navigating the Digital Frontier

/in /by

AI in cybersecurity offers advanced protection for organizations against cyber threats, but also poses unique challenges and misuse by bad actors.

Whitepaper

Read more
Conceal

The Evolution of Phishing

/in , /by

Browser-Based Threat Report: Feb 5

/in /by

Browser-Based Threat Report

Week of February 5th, 2024

ConcealBrowse is leveraged by teams across the world to combat weaponized URLs. The technology is constantly analyzing suspicious web artifacts to identify risks in the form of drive-by attacks, phishing portals, and other threats that materialize while browsing.

At Conceal, your digital safety is our utmost priority. Our weekly threat report for the week of February 5th, 2024, unveils critical insights into the ever-evolving landscape of online threats.

The following report highlights recently detected sites that were deemed suspicious:

_____________

SHA-256:575e16e99fc8d3ac02f853c6bed65238f23bd6013a7e2321b4c260a171ad5047

browser hijacking

screenshot of homepage for a browser extension that was flagged by security vendors for malware, likely due to browser hijacking

This URL was detected by ConcealBrowse on February 2nd, 2024. It was flagged by four security vendors on December 4th and is still currently flagged by four vendors. ConcealBrowse intervened, assigning the page a 23% risk score due to potential malware.

This is the homepage for a browser extension that was flagged by security vendors for malware, likely due to browser hijacking. Browser hijacking occurs when software changes how your web browser interacts with websites. For example, it may change your home screen to a different search engine or redirect you to malicious websites. While in most cases it is more of a nuisance than nefarious, these types of extensions could easily redirect you to sites that could do more damage or steal your credentials.

Conceal recommendation: This URL and IP should be blocked with ConcealBrowse’s policies and by your other security tools. 

_____________

SHA-256: c81549a6aa1a44d1858feaab9d01060950658b929e39c257b9d2854dd76b1387

This URL was detected by ConcealBrowse on February 1st, 2024. It was originally detected by 4 security vendors the same day, and that number has not changed. ConcealBrowse intervened, assigning the page a 14% risk score due to suspicion.

Although the page has since been removed by Microsoft, this site hosted a tech support scam. Tech support scams will claim that the user’s computer contains malicious software or viruses and prompt them to call a number to remove them. These numbers will pretend to be Microsoft support, but their goal is to steal personal information and money from victims. Sometimes, these scams will go as far as to tell the user to download malware onto their machine so that they can be exploited again in the future.

Conceal recommendation: Although links may originate from legitimate organizations like Microsoft, they can redirect you to unofficial or malicious sites. Unless users verify that the final domain is the one that they intended to visit, they may be unaware of the attack. Solutions, such as ConcealBrowse, that analyze the final destination web page, are crucial in detecting and defending against threats that hide through redirects. 

screenshot of tech support scam URL detected by ConcealBrowse

screenshot of tech support scam URL detected by ConcealBrowse

_____________

SHA-256: 5b9542b700f786e8c7913aae5cef1696bf888ccc555de8ff1be809f4ed4b5363

screenshot of gift card scam page URL detected by ConcealBrowse

Screenshot of a similar page hosted by the same server

This URL was detected by ConcealBrowse on January 30th, 2024. It was first detected by one security vendor on December 29th and is currently detected by 14. ConcealBrowse successfully intervened, assigning the page a 39% risk score.

While the current page no longer exists, it is hosted by a server that contains multiple phishing URLs. The proximity to the malicious IP address allowed ConcealBrowse to detect the page regardless of content. In the past, these sites were used to host gift card scams. Gift card scams trick the user into believing they’ve won a monetary prize, only to redirect them to a malicious website that will steal their personal information and credit card.

Conceal recommendation: Sites like these change their content frequently but often use the same high-risk IP addresses. Blocking all access to this IP with ConcealBrowse , along with your firewall or other perimeter security solution, makes it less likely for users to encounter them. 

_____________

Valuable Outcomes

As this recent threat reports exemplify, ConcealBrowse offers comprehensive protection against many sophisticated cyber threats. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber-attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to confidently navigate the digital landscape, knowing that their online activities are shielded from potential harm.

Join the Conceal Community and claim your FREE ConcealBrowse licenses!

Join the Conceal Community today and fortify your online security for free! Don’t miss the chance to benefit from our advanced threat protection and stay one step ahead of cybercriminals. Experience peace of mind while browsing the internet, knowing that ConcealBrowse is your shield against the ever-evolving threat landscape. Take the proactive step towards a safer online experience – get your free ConcealBrowse license now and join a community committed to safeguarding your digital world.

Sign up for the Conceal Community and claim your free licenses by completing the form below.


phishing white paper. browser-based phishing

A Comprehensive Guide on Browser-Based Phishing Attacks

/in /by

The quality and quantity of browser-based phishing attacks have escalated dramatically over the past year, posing a significant threat to online security.

Whitepaper

Read more
Browser-Based Phishing

The Rise of Browser-Based Phishing Attacks and Expectations for 2024

/in /by

The digital landscape of 2024 continues to be fraught with cybersecurity challenges, notably the surge in browser-based phishing attacks. A recent report1 highlights a startling 198% increase in such attacks, emphasizing the evolution of phishing threats into more sophisticated and evasive forms.

2023: A Year of Alarming Growth

Last year witnessed an unprecedented spike in browser-based phishing attacks, with 30% exhibiting advanced, evasive techniques. This surge is not just about quantity; the nature of these attacks has become increasingly sophisticated, leveraging tactics like smishing, adversary-in-the-middle (AiTM) frameworks, and multi-factor authentication (MFA) bypass strategies.

What Makes Modern Phishing Attacks Different?

The traditional concept of phishing has undergone a dramatic transformation. Modern phishing attempts are dynamic, adept at evading standard security measures, and increasingly automated using GenAI tools. These attacks are no longer limited to emails but have expanded to cloud-sharing platforms and web applications.

The 2024 Outlook

Looking ahead to the rest of 2024, we can expect these trends to continue, if not intensify. The report’s findings suggest:

Increased Volume and Sophistication: Phishing attacks will likely grow in frequency and complexity.

Evasive Techniques: Attackers will continue to innovate, making detection and prevention more challenging.

Expanding Targets: Small and medium enterprises, previously less targeted, may see a rise in phishing attempts.

Preparing for the Threat

The escalation of browser-based phishing attacks necessitates a proactive approach to cybersecurity. Enterprises need to reassess their security strategies, focusing on advanced detection mechanisms and user education. Emphasizing browser security and adopting comprehensive solutions capable of identifying and mitigating sophisticated attacks will be crucial.

Conclusion

The state of browser security in 2024 is a testament to the ever-evolving nature of cyber threats. With phishing attacks becoming more sophisticated and evasive, staying ahead of these threats requires constant vigilance, updated security practices, and a thorough understanding of the evolving digital threat landscape.

1. https://resources.menlosecurity.com/all-content/state-of-browser-security-defending-browsers-against-zero-hour-phishing-attacks

This week's threat report highlights a surge in credential theft phishing, a discreet threat with a 54% incident rate. Examples include Yahoo! login deception, IP address cycling in phishing campaigns, and a Microsoft look-alike site exploiting muscle memory for password entry.

Browser-Based Threat Report: Jan 29

/in /by

Browser-Based Threat Report

Week of January 29th, 2024

ConcealBrowse is leveraged by teams across the world to combat weaponized URLs. The technology is constantly analyzing suspicious web artifacts to identify risks in the form of drive-by attacks, phishing portals, and other threats that materialize while browsing.

At Conceal, your digital safety is our utmost priority. Our weekly threat report for the week of January 29th, 2024, unveils critical insights into the ever-evolving landscape of online threats.

The following browser-based threat report highlights recently detected sites that were deemed suspicious:

_____________

SHA-256: 76282d556daf6fbf2899edf57f6589bbacde0d7ce31d3c0c595b76f5d4d49661

page pretends to be Yahoo's login page and is used to steal email credentials

This URL was detected by ConcealBrowse on January 22nd, 2024. Six security vendors began reporting on this site later the same day. As of this report,the site is detected by 15 vendors. ConcealBrowse isolated the page with a 28% risk due to suspicion of phishing.

This page pretends to be Yahoo’s login page and is used to steal email credentials. Email credentials carry significant risk, because they can be used to steal accounts connected to the email address. Without 2 factor authentication, all an attacker needs is access to the email associated with the account to change the password and take it over. An attacker might also launch attacks against all contacts in the address book of the account because users are more likely to click on links from someone they know.

Conceal recommendation: Educating users how to spot potential phishing sites is an important aspect of a layered security approach. However, it is important to address those who may not identify phishing sites with a solution, like ConcealBrowse, that prevents users from entering credentials into sites that they fail to recognize as phishing by preventing username and password input in suspicious sites.

_____________

SHA-256: 79d6e8d4005bd33c71797a26b18e76b4b136a51d4ba0743c5a2a6ef9ead435a0

This URL was detected by ConcealBrowse on January 25th, 2024. It was detected by 13 security vendors two days before and is still currently detected by 13 vendors. Despite this, the threat still evaded security controls and ConcealBrowse isolated the page with a 14% risk assessment.

This page is hosted on an IP address that is known for multiple phishing scams. In the past, it impersonated brands such as Costco, phishing visitors for personal data and payment information. Recently, the site hosted a survey scam. Survey scams will ask users to complete a survey in exchange for a prize. When accepted, the page will collect personal information such as an email address and other PII, which will then be the target for multiple scams and phishing attempts. Although the site is currently down, it is likely that it will be reactivated with a different phishing campaign.

Conceal recommendation: This IP address is known to be used in phishing and other attacks. This IP address should be added to any block lists in ConcealBrowse and any other perimeter security controls.

page is hosted on an IP address that is known for multiple phishing scams. In the past, it impersonated brands such as Costco, phishing visitors for personal data and payment information.

_____________

SHA-256:34cae9fa33d05561d84cf80c1259cbee25c3f26ae653f7e14e29b0a24b539e45

credential phishing page; this time impersonating a Microsoft login

This URL was detected by ConcealBrowse on January 24th, 2024. It was first detected by one security vendor on January 18th, and since then it has been flagged by nine others. ConcealBrowse isolated the page with a 27% risk assessment for malware and phishing.

This is another credential phishing page; this time impersonating a Microsoft login. This site uses the color scheme and the logos of the organization that was targeted, and it fills in the email address of the user. These methods are all intended to make the victim more likely to enter their password without checking into the site further. The domain name is made to be believable as well, as it pretends to be a document signing platform. However, more investigation into the URL reveals that it is fraudulent, and no such company exists.

Conceal recommendation: Adversaries have become more sophisticated in how they are able to bypass security controls to deliver credential theft attacks. Security solutions that detect phishing threats and prevent users from entering credentials into counterfeit logins are essential in protecting against these types of threats.

_____________

Valuable Outcomes from the Browser-Based Threat

As this recent threat reports exemplify, ConcealBrowse offers comprehensive protection against many sophisticated cyber threats. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber-attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to confidently navigate the digital landscape, knowing that their online activities are shielded from potential harm.

Join the Conceal Community and claim your FREE ConcealBrowse licenses!

Join the Conceal Community today and fortify your online security for free! Don’t miss the chance to benefit from our advanced threat protection and stay one step ahead of cybercriminals. Experience peace of mind while browsing the internet, knowing that ConcealBrowse is your shield against the ever-evolving threat landscape. Take the proactive step towards a safer online experience – get your free ConcealBrowse license now and join a community committed to safeguarding your digital world.

Sign up for the Conceal Community and claim your free licenses by completing the form below.

 


forbesbusinesscouncil-beyond-the-inbox-browsersecurity

Forbes: Beyond The Inbox: The Imperative For Holistic Cybersecurity Approaches

/in /by

Combat evolving cyber threats! Social engineering, especially via email, poses grave risks. Explore browser security’s critical role and a holistic approach for robust cybersecurity.

Read more
browser security-cybersecurity-secure browser

Browser Security Case Study: City of St. Peters

/in , /by

Intrigued by the comprehensive browser security and ability to intercept malicious activity at the browser level, the city of St. Peters invested in Conceal.

Read more
browser security-phishing prevention-browser based phishing

Browser Security Case Study: mSOC

/in , /by

In a comprehensive study, mSOC.io tested Browser Security software ConcealBrowse against human-verified malicious phishing sites designed to mimic legitimate logins.

Read more