Weekly Threat Report: July 9
This week’s threat report covers a major supply chain attack involving polyfill.io, which has started delivering malicious code to websites, potentially affecting far more than the initially estimated 100,000 sites. Additionally, we discuss a common package delivery scam and a document sharing phishing attack. ConcealBrowse effectively detects and intervenes against these threats using advanced heuristics and intelligence from security vendors, protecting users from malicious sites and phishing attempts.
On June 25th, Sansec published a report that polyfill[.].io, a previously benign website that was used to service websites with popular scripts, was delivering malicious code to its users. Unsuspecting visitors to sites infected with the code would be redirected to malicious pages, putting their devices and information at risk.
While it was initially estimated that approximately 100,000 websites were infected during this supply chain attack, further research has shown that this number might be much higher. Website administrators have been advised to ensure that any references to *.polyfill.js be replaced with secure alternatives. ConcealBrowse’s use of heuristics as well as intelligence from other security vendors is working to intervene against potentially compromised sites and keep users protected.
This page was detected by ConcealBrowse on July 2nd, the day after it was first caught by security vendors. It was initially detected by 10 vendors and is now currently detected by 22 due to phishing. ConcealBrowse intervened on this site with a 33% risk score and successfully identified the USPS brand impersonation.
This site is used in a popular attack that involves sending the potential victim a message saying that their package could not be delivered due to an issue at their address. The victim will then enter their personal information, as well as their payment information after being asked to pay a fee. This information is then used to commit fraud and potentially target the victim with more personalized scams and phishing attacks in the future. ConcealBrowse’s intervention on suspicious sites help users recognize their deceptive nature, protecting them from phishing attacks.
This URL was first seen by security vendors in June and was detected by ConcealBrowse on July 2nd. Initially, only one security vendor was reporting the site as phishing, but there are currently fifteen vendors now flagging the site. ConcealBrowse intervened with a 31% risk assessment due to brand impersonation and suspicious behavior.
This site is involved in a document sharing phishing attack. The attack usually occurs when a user receives a deceptive email, typically from a contact they recognize. The email contains a link to a document that they are told to view with urgency. The phishing page states the user must validate their credentials before being permitted to view the document. While in an isolated session, all keyboard input is blocked. This means that users cannot enter their credentials into phishing pages, keeping their accounts safe from compromise.
领英推荐
Valuable Outcomes
As this recent threat reports exemplify, ConcealBrowse offers comprehensive protection against many sophisticated cyber threats. Our advanced threat detection capabilities have successfully flagged and quarantined malicious web pages, preventing users from falling victim to various cyber-attacks. Conceal remains dedicated to upholding the integrity of online interactions, constantly refining our detection algorithms and threat identification protocols to ensure proactive protection against emerging cyber threats. By integrating cutting-edge technology and a robust security infrastructure, we empower users to confidently navigate the digital landscape, knowing their online activities are shielded from potential harm.
Sign Up for Free Licenses of ConcealBrowse
Join the Conceal Community today and fortify your online security for free! Discover how ConcealBrowse provides essential browser-based threat protection, intercepting threats others miss and offering early intervention for advanced security. Protect your network from 100% of email and browser threats with ConcealBrowse. Our AI-driven solution protects your organization from malware, ransomware, zero-day attacks, credential theft, and other online risks.
Get started today at https://conceal.io/free/
ConcealBrowse is leveraged by teams across the world to combat weaponized URLs. The technology is constantly analyzing suspicious web artifacts to identify risks in the form of drive-by attacks, phishing portals, and other threats that materialize while browsing.