"Bleeding-In-The-Browser" - Why reverse Heartbleed risk is dangerous to the Enterprise
Lacoon Mobile Security
-  Attack flow scenario – Illustration of how an attacker can steal your Enterprise data
-  Tips for protecting your Enterprise data from Bleeding-in-the-Browser / client-side Heartbleed
Bleeding-in-the-Browser Attack Flow
1. Phishing email link: the victim receives an email that convinces them to access the targeted service (e.g. Facebook, Gmail, SalesForce, etc.).
2. Unknowingly, the fake URL opens a new tab in the browser (Tab 1) and directs the user to an HTML file on a server containing the Heartbleed client exploit script.
3. The HTML page refreshes every few seconds, allowing the attack to capture data from the Android browser heap on each refresh (this time gap changes frequently).
4. The HTML exploit seamlessly opens the target service in another tab (Tab 2), so the user is unaware of the malicious tab still open in the background, and the user logs in to the HTTPS-protected service (e.g. Facebook, Gmail, SalesForce, etc.). During the login process, the malicious tab refreshes and causes additional data to arrive from the client's Android browser heap.
5. The attacker can now begin to extract data such as cookies, usernames, passwords and other credentials.
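The weakness the flow above relies on is the Heartbleed defect: a TLS peer that answers a heartbeat request trusts the sender's declared payload length instead of checking it against the bytes that actually arrived, so a malicious server can make a vulnerable Android browser echo back neighbouring heap memory. The following Python is an added example, not code from the Lacoon deck or from any browser or TLS library: it parses TLS heartbeat records according to the layout in RFC 6520, flags the oversized request a network sensor would want to alert on, and places a simulated pre-fix responder beside the bounds-checked one. The record bytes and the "heap" contents are constructed here for illustration; the over-read is simulated on a plain byte string, not on real process memory.

```python
import struct

# TLS record content type for heartbeat messages (RFC 6520)
TLS_HEARTBEAT = 0x18
HEARTBEAT_REQUEST = 1
HEARTBEAT_RESPONSE = 2
# RFC 6520: padding_length MUST be at least 16 bytes
MIN_PADDING = 16
TLS_VERSION = 0x0302  # TLS 1.1 on the wire; the check is version-independent


def parse_tls_record(data: bytes):
    """Split a raw TLS record into (content_type, version, body).

    Raises ValueError when the record header lies about its own length; that
    is a separate malformation from the heartbeat-level one checked below.
    """
    if len(data) < 5:
        raise ValueError("truncated TLS record header")
    ctype, version, length = struct.unpack("!BHH", data[:5])
    body = data[5:5 + length]
    if len(body) != length:
        raise ValueError("record body shorter than the header claims")
    return ctype, version, body


def heartbeat_fits(body: bytes) -> bool:
    """The check RFC 6520 requires and Heartbleed-era code skipped.

    body = type(1) | payload_length(2) | payload | padding(>=16).
    The declared payload plus mandatory padding must fit in the bytes that
    actually arrived; otherwise the message MUST be discarded silently.
    """
    if len(body) < 1 + 2 + MIN_PADDING:
        return False
    payload_len = struct.unpack("!H", body[1:3])[0]
    return 1 + 2 + payload_len + MIN_PADDING <= len(body)


def classify_record(record: bytes) -> str:
    """Verdict for one TLS record: 'not-heartbeat', 'malformed', 'oversized' or 'benign'.

    'oversized' is the Heartbleed signature: a peer that answers it without
    heartbeat_fits() copies memory past the real payload into its reply.
    """
    ctype, _version, body = parse_tls_record(record)
    if ctype != TLS_HEARTBEAT:
        return "not-heartbeat"
    if len(body) < 3 or body[0] not in (HEARTBEAT_REQUEST, HEARTBEAT_RESPONSE):
        return "malformed"
    return "benign" if heartbeat_fits(body) else "oversized"


def vulnerable_respond(body: bytes, heap: bytes) -> bytes:
    """Simulated pre-fix responder: trusts payload_length and copies that many
    bytes from wherever the request landed. `heap` is a constructed stand-in
    for process memory whose first bytes are the request body."""
    payload_len = struct.unpack("!H", body[1:3])[0]
    return heap[3:3 + payload_len]  # over-reads into neighbouring data


def fixed_respond(body: bytes):
    """Patched responder: echoes only a payload that provably fits and
    returns None (discard silently) otherwise."""
    if not heartbeat_fits(body):
        return None
    payload_len = struct.unpack("!H", body[1:3])[0]
    return body[3:3 + payload_len]


def build_heartbeat(payload: bytes, declared_len: int) -> bytes:
    """Test fixture: wrap a heartbeat request in a TLS record. `declared_len`
    is what the length field says; it equals len(payload) for an honest one."""
    body = (bytes([HEARTBEAT_REQUEST]) + struct.pack("!H", declared_len)
            + payload + b"\x00" * MIN_PADDING)
    return struct.pack("!BHH", TLS_HEARTBEAT, TLS_VERSION, len(body)) + body


# Constructed samples: an honest request and the same bytes with a lying length field.
BENIGN_RECORD = build_heartbeat(b"ping", 4)
OVERSIZED_RECORD = build_heartbeat(b"ping", 64)
# Constructed "heap": the request body followed by data that happens to sit
# next to it (the cookies and credentials the deck describes).
CONSTRUCTED_HEAP = OVERSIZED_RECORD[5:] + b"session=abc123; user=alice"


def scan(records):
    """Run the classifier over a batch of records, e.g. from a capture."""
    return [classify_record(r) for r in records]


if __name__ == "__main__":
    print(scan([BENIGN_RECORD, OVERSIZED_RECORD]))
    print("fixed responder:", fixed_respond(OVERSIZED_RECORD[5:]))
    print("vulnerable responder leaked:",
          vulnerable_respond(OVERSIZED_RECORD[5:], CONSTRUCTED_HEAP))
```

The detection side is what matters for the enterprise reader: a sensor that sees a heartbeat record whose declared length cannot fit in the record body has seen the only condition the attack depends on, whichever tab or phishing lure delivered it. The patched responder shows that the fix is a single comparison; the simulated vulnerable one shows why the deck says cookies and passwords arrive "from the browser heap".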
Protect Your Enterprise Data from Bleeding-in-the-Browser
We advise our enterprise customers to:
-  Map the risk across your enterprise's mobile devices and identify vulnerable devices. An on-line Heartbleed mobile device tester is available here: http://www.lacoon.com/?p=7998 For a free enterprise account, contact us at info@lacoon.com
-  If you've identified vulnerable devices, enable two-factor authentication on critical services such as SalesForce, Google Apps, Office365, etc.
-  Use Lacoon MobileFortress to track the vulnerability status in your mobile environment and provide on-demand exploit mitigation.