WWCD: Staying One Step Ahead of the Attack
Last month, Google announced the existence of CVE-2022-307, a zero-day vulnerability in Chrome and other Chromium-based browsers like Microsoft Edge that was already being actively exploited in the wild. What they didn’t say, however, is how long the vulnerability had been exploited, or how long they had known about it before they patched it. Furthermore, while Google released a patch for the vulnerability at the same time as the announcement, the patch still required a browser update before the vulnerability was remediated.
With browser zero-days being discovered all the time – and frequently not until they’ve already been exploited – how can companies protect themselves during the period between the initial exploitation and when they are able to install the latest browser update?
What Would Conceal Do (#WWCD)?
Fortunately, infrastructure associated with these attacks is often discovered in the wild even before the zero-day can be fixed and is included in the intelligence sources ConcealBrowse relies on to make security decisions on behalf of the user. In these situations, ConcealBrowse can keep users safe even if their browser is still unable to stop a given attack.
Because ConcealBrowse checks every URL a browser is asked to load, it always has the latest information on indicators of compromise. This means that if a particular piece of infrastructure has already been associated with malicious activity, ConcealBrowse stops it from opening directly in the user’s local browser, and instead opens it in remote browser isolation. Even if the attack is successfully executed, the exploit is run on a virtual machine in the cloud that will be destroyed after the user’s session. The code is never executed in the user’s browser, so it can’t compromise the user’s device or your network.
ConcealBrowse stays one step ahead of attackers and can protect users’ systems while software vendors discover vulnerabilities and develop and deploy patches.