
Report Reveals Serious Security Issues in Common Browser Extensions

 


Modern digital workflows increasingly depend on browser extensions, which support tasks ranging from grammar correction and password management to advanced AI integrations. Extensions are widely used across both personal and corporate environments, yet they remain among the most overlooked vectors of cybersecurity risk.

Although end users continue to enjoy the convenience of these tools, many IT and security professionals are unaware of the significant threats posed by the excessive permissions granted to extensions, which can, in many cases, expose sensitive organizational data and compromise enterprise systems.

In its Enterprise Browser Extension Security Report 2025, LayerX Security, a leading authority in browser extension security and management, offers comprehensive insight into how browser extensions are secured and managed. For the first time, the report combines real-world enterprise telemetry from LayerX's extensive customer base with publicly available data from major browser extension marketplaces to present an actionable analysis.

By merging these two data streams and analysing them through a cybersecurity lens, the report gives a comprehensive picture of how browser extensions are used within enterprise environments, how the employees who use them behave, and the often-overlooked risks associated with these extensions.

The research examines the permissions commonly requested by extensions, identifies the high-risk extensions currently in use, and highlights critical security blind spots where organizations may be vulnerable to data leaks, unauthorized access, or malware infiltration. Unlike traditional studies, which have focused primarily on public metrics and hypothetical threat models, this report presents a data-driven assessment of actual enterprise behaviour and extension usage patterns.

With this report, organisations can better understand critical security gaps, identify security blind spots, and see the danger of overly permissive extensions, which can lead to data leakage, unauthorised access, and third-party vulnerabilities. LayerX, a cloud-based threat management platform that combines internal usage data with external ecosystem data, provides unprecedented insight into a threat landscape that has long been under the radar of many security and IT professionals.

Browser extensions can enhance browser functionality in several ways, such as blocking ads, managing passwords, or customising user interfaces, but they can also make users' browsers more vulnerable. While many extensions offer legitimate productivity and usability benefits, not every extension is built with user safety in mind. A growing number of extensions are created with malicious intent.

These extensions seek to steal sensitive data, monitor the activities of users, insert unauthorised advertisements, or, in severe cases, even fully control the browser. The Enterprise Browser Extension Security Report 2025 sheds light on the scope of this neglected risk by highlighting that extensions, by their very nature, often require extensive permissions, which can be easily exploited by attackers. Taking this into account, the report calls for an entirely new paradigm in the management of browser extensions across organisations' networks. 

IT and security teams are encouraged to adopt a proactive, policy-driven approach to oversight of extensions across enterprise endpoints. This begins with a thorough audit of each extension deployed across all enterprise systems. Creating an extensive inventory of extensions allows organisations to classify them according to their functions, determine their permission levels, assess the credibility of developers, and monitor update patterns to determine the trustworthiness of all extensions. 

By understanding this type of information, it is possible to develop a risk-based enforcement strategy that will enable high-risk or suspicious extensions to be flagged, restricted or blocked entirely without impacting the user's productivity. A key point highlighted in the report is the fact that adaptive security frameworks are imperative because they can respond dynamically to evolving threats in the browser ecosystem. As a result of the increasing number of attacks targeting browser extensions as delivery mechanisms for malware or data exfiltration, these measures are not just advisable, they are essential. 

Organisations can no longer afford to treat browser extensions as a secondary concern. Because malicious or compromised extensions can silently bypass traditional perimeter defences, they are a critical threat vector that requires continuous visibility, contextual risk assessment and strategic controls to be managed effectively.

In the past, "man-in-the-browser" attacks were primarily based on malware that manipulated browser memory by identifying certain HTML patterns and injecting <script> tags directly into the content of in-memory web pages. Although these methods were undeniably malicious, they were largely constrained by the browser's native security architecture, which limited how far they could go.

Because the injected scripts ran in a sandboxed environment, followed the same-origin policy, and lived only as long as the page into which they were inserted, they were restricted in their ability to access cross-site data, to persist beyond the session, or to execute outside the target page. Modern threat actors are increasingly using malicious browser extensions to circumvent these limitations.

Unlike traditional web-based malware, browser extensions are installed components that are independent of individual web pages. Within a browser session they have access to elevated and persistent resources, which allows them to run continuously in the background even when no tabs are open.

With these elevated privileges, malicious extensions can bypass same-origin constraints, intercept or modify information from multiple websites, access and store cookies across domains, and exert ongoing control over the browsing environment without immediate detection. This evolution also brought a critical change in the JavaScript execution context.

Traditional injections execute in the same context as legitimate web application scripts and security tools, leaving behind detectable artefacts such as DOM elements, JavaScript variables, and suspicious network requests. Extensions, by contrast, execute in a separate context, often with more privileges. Because of this separation, attackers are less likely to be discovered by conventional security tools that monitor in-page activity, which makes it easier to conceal their presence and sustain longer dwell times within compromised environments. With their advanced capabilities and stealth, malicious browser extensions mark a significant change in the threat landscape and have become powerful weapons for cyber adversaries.

Modern enterprises that want to maintain robust browser-level security must understand and mitigate these risks. In addition to showing the scale and complexity of the threat landscape for browser extensions in 2025, the Enterprise Browser Extension Security Report 2025 provides an actionable framework for mitigating the risks that arise from it.

Beyond diagnostics, LayerX offers a clear, strategic roadmap to help enterprises move from a fragmented and unmonitored extension environment to one that is governed, structured, and secure. The guidance consists of five core recommendations that security teams can use to implement effective, scalable measures to protect their data.

1. Establish a Comprehensive Extension Inventory 

Visibility is a critical part of any meaningful browser extension security strategy, so organizations should establish a comprehensive inventory of all extensions installed across every managed device. Using browser management APIs and endpoint management platforms, IT teams can track both officially installed extensions and sideloaded components.

To enforce policy effectively, the inventory must capture key metadata such as extension IDs and versions, installation sources, publisher credentials, permissions requested, and installation timestamps. This dataset serves as the basis for all subsequent analysis and enforcement actions.

2. Classify Extensions by Functionality and Risk Category 


As soon as an organisation has established an inventory of extensions, it should categorise them according to their core functionality, for example whether they enhance productivity, integrate AI, improve developer productivity, or handle media. These categories should also be aligned with predefined risk categories.

Extensions with GenAI or data scraping capabilities, for example, may require elevated access to the application and should be examined more closely; however, extensions whose capabilities are restricted to interface customisation might pose a much lower threat. By categorising the functional components of an application, security teams can prioritise oversight efforts and direct resources accordingly. 

3. Deep Dive into Permission Scopes and Access Levels


To understand the potential impact of each extension, security teams need to analyse the permission set it requests. They should pay close attention to permissions categorised as high-sensitivity, such as the permissions to read and change all the data on each website users visit, to access browsing history and to manage downloads. Less well-known but equally risky scopes include "nativeMessaging" and "cookies". A permissions-to-impact matrix is a good way for organisations to map technical access to real-world risk scenarios such as session hijacking, data exfiltration, or tampering with web requests.

4. Conduct a Holistic Risk Assessment for Each Extension 


As part of a well-rounded risk assessment, contextual factors should be considered as well as technical factors, including the legitimacy of the publisher, the age of the extension, the frequency of updates, the user adoption patterns, and the rating of the extension store. 

Using these elements, one can create a weighted risk score for each extension, highlighting high-risk entries such as highly complex extensions with powerful permissions but questionable provenance or widespread deployment. Automated tools and dynamic dashboards can help identify and prioritise emerging threats in real time, allowing for a swift response.

5. Enforce Adaptive, Risk-Based Policies Across the Organisation 


It is recommended that organisations, instead of relying on rigid allowlists or denylists, develop flexible, risk-aware policies that are tailored to meet the specific needs of different user groups, business units, or levels of data sensitivity. A low-risk productivity extension could be automatically approved, while a high-risk or unverified extension may require manual approval or be restricted to an isolated developer environment. 

Automated enforcement actions such as real-time alerts, forced uninstallations, or access revocations can keep the environment compliant as new extensions are installed and existing extensions are updated. As browser extensions become more and more prevalent across enterprise environments, there is a growing recognition that the risks they pose can no longer be treated as secondary.

The LayerX report is both a call to action and a blueprint for organizations to move from passive tolerance to active governance. By adopting a data-driven, structured approach to browser extension security, enterprises can reduce their exposure to vulnerabilities while maintaining the productivity gains that extensions were originally designed to deliver.
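
The five recommendations above can be sketched as one small pipeline. This is an added example, not code from LayerX or the report: the permission names are real Chrome manifest values, while the inventory records, impact weights, context penalties, score thresholds and group names are constructed assumptions.

```python
"""Extension inventory -> permissions-to-impact matrix -> weighted score -> policy."""

# Permission names are real Chrome manifest values. The weights, context
# penalties, thresholds and group names are illustrative assumptions.
IMPACT = {
    "<all_urls>": (5, "read and change data on every website"),
    "cookies": (4, "session hijacking"),
    "nativeMessaging": (4, "exchange data with programs outside the browser"),
    "webRequest": (4, "tampering with web requests"),
    "history": (3, "browsing history access"),
    "downloads": (3, "download management"),
    "tabs": (2, "URLs and titles of open tabs"),
}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
POLICY = {"general": (8, 16), "developer-sandbox": (16, 30)}  # (review, block)

# Constructed inventory records (step 1); IDs are placeholders.
INVENTORY = [
    {"id": "ext-theme-constructed", "category": "interface", "source": "webstore",
     "publisher_verified": True, "days_since_update": 30,
     "manifest": {"manifest_version": 3, "permissions": ["storage"]}},
    {"id": "ext-summarizer-constructed", "category": "genai", "source": "webstore",
     "publisher_verified": False, "days_since_update": 400,
     "manifest": {"manifest_version": 3, "permissions": ["tabs", "scripting", "cookies"],
                  "host_permissions": ["<all_urls>"]}},
    {"id": "ext-helper-constructed", "category": "productivity", "source": "sideload",
     "publisher_verified": True, "days_since_update": 10,
     "manifest": {"manifest_version": 2,
                  "permissions": ["nativeMessaging", "https://intranet.example/*"]}},
]


def requested_scopes(manifest):
    """API and host permissions; MV2 keeps hosts in 'permissions', MV3 splits them."""
    scopes = set()
    for key in ("permissions", "host_permissions"):
        for item in manifest.get(key, []):
            scopes.add("<all_urls>" if item in BROAD_HOSTS else item)
    return scopes


def risk_score(ext):
    """Weighted score: permissions count double, provenance and staleness add context."""
    hits = sorted(s for s in requested_scopes(ext["manifest"]) if s in IMPACT)
    permission_points = sum(IMPACT[s][0] for s in hits)
    context_points = 0
    if ext["source"] == "sideload":
        context_points += 3
    if not ext["publisher_verified"]:
        context_points += 2
    if ext["days_since_update"] > 365:
        context_points += 2
    return 2 * permission_points + context_points, [IMPACT[s][1] for s in hits]


def audit(inventory, group="general"):
    """Apply the group's thresholds and return rows sorted by descending score."""
    review_at, block_at = POLICY[group]
    rows = []
    for ext in inventory:
        score, impacts = risk_score(ext)
        decision = "block" if score >= block_at else "review" if score >= review_at else "allow"
        rows.append({"id": ext["id"], "category": ext["category"], "score": score,
                     "decision": decision, "impacts": impacts})
    return sorted(rows, key=lambda r: r["score"], reverse=True)


if __name__ == "__main__":
    for row in audit(INVENTORY):
        print(row)
```

The same inventory produces different decisions per group: the broad-permission extension is blocked for general users but only queued for review in the isolated developer group.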

Global Outage Strikes Social Media Giant X

The recent global outage of Social Media Platform X caused a stir in the online community during a time when digital media predominates. Users everywhere became frustrated and curious about the cause of this extraordinary disruption when they realized they couldn't use the platform on December 21, 2023.

Reports of the outage, which was first detected by Downdetector, came in from all over the world, and millions of customers were affected. The impact was amplified because Social Media Platform X, a significant player in the social media ecosystem, has grown to be an essential part of people's everyday lives.

One significant aspect of the outage was the diverse range of issues users faced. According to reports, users experienced difficulties in tweeting, accessing their timelines, and even logging into their accounts. The widespread nature of these problems hinted at a major technical glitch rather than localized issues.

TechCrunch reported that the outage lasted for several hours, leaving users in limbo and sparking speculation about the root cause. The incident raised questions about the platform's reliability and prompted discussions about the broader implications of such outages in an interconnected digital world.

The platform's official response promptly acknowledged the inconvenience and assured users that its technical teams were actively working to repair the issue. Both users and specialists were left in the dark, though, as few details were given regarding the precise cause.

Experts weighed in on the outage, emphasizing the need for robust infrastructure and redundancy measures to prevent such widespread disruptions in the future. The incident served as a reminder of the vulnerabilities inherent in our dependence on centralized digital platforms.

In the aftermath of the outage, Social Media Platform X released a formal apology, expressing regret for the inconvenience caused to users. The incident prompted discussions about the need for transparency from tech giants when addressing such disruptions and the importance of contingency plans to mitigate the impact on users.

Amidst the growing digitalization of our world, incidents such as the worldwide disruption of Social Media Platform X highlight the vulnerability of our interdependent networks. It's a wake-up call for users and tech businesses alike to put resilience and transparency first when faced with unanticipated obstacles in the digital space.

Russian Hackers Target Ukraine's Fighter Jet Supplier

 

A cyberattack on a Ukrainian fighter aircraft supplier has been reported, raising concerns about whether cybersecurity risks in the region are increasing. The incident—attributed to Russian hackers—highlights the need to have robust cyber defense strategies in a world where everything is connected.

According to a recent article in The Telegraph, the cyber attack targeted Ukraine's key supplier for fighter jets. The attackers, suspected to have ties to Russian cyber espionage, aimed to compromise sensitive information related to defense capabilities. Such incidents have far-reaching consequences, as they not only threaten national security but also highlight the vulnerability of critical infrastructure to sophisticated cyber threats.

Yahoo News further reports that Ukrainian cyber defense officials are actively responding to the attack, emphasizing the need for a proactive and resilient cybersecurity framework. The involvement of top Ukrainian cyber defense officials indicates the gravity of the situation and the concerted efforts being made to mitigate potential damage. Cybersecurity has become a top priority for nations globally, with the constant evolution of cyber threats necessitating swift and effective countermeasures.

The attack on the fighter jet supplier raises questions about the motivations behind such cyber intrusions. In the context of geopolitical tensions, cyber warfare has become a tool for state-sponsored actors to exert influence and gather intelligence. The incident reinforces the need for nations to bolster their cyber defenses and collaborate on international efforts to combat cyber threats.

As technology continues to advance, the interconnectedness of critical systems poses a challenge for governments and organizations worldwide. The Telegraph's report highlights the urgency for nations to invest in cybersecurity infrastructure, adopt best practices, and foster international cooperation to tackle the escalating threat landscape.

The cyberattack on the supplier of fighter jets to Ukraine is an alarming indicator of how constantly the dangers to global security are changing. For countries to survive in an increasingly digital world, bolstering cybersecurity protocols is critical. The event emphasizes the necessity of a proactive approach to cybersecurity, where cooperation and information exchange are essential components in preventing cyberattacks by state-sponsored actors.

ServiceNow Data Exposure Flaw Raises Concerns

ServiceNow, a popular enterprise cloud platform, was found to have a serious data exposure vulnerability. The incident has shocked the cybersecurity community and highlighted concerns about the security of sensitive data in cloud-based systems.

According to reports from cybersecurity experts and firms, the vulnerability in ServiceNow's infrastructure could potentially lead to unauthorized access to sensitive data. The flaw, if exploited, could allow malicious actors to gain access to confidential information stored within the platform, posing a significant risk to organizations relying on ServiceNow for their day-to-day operations.

Enumerated, a cybersecurity firm, was among the first to identify and report the flaw. They disclosed that the issue stemmed from a misconfiguration in ServiceNow's security settings, leaving a gap that could be exploited by cybercriminals. This revelation has prompted immediate action from ServiceNow, as they work tirelessly to rectify the situation and implement robust security measures.

Salesforce, a leading cloud-based customer relationship management platform, was also mentioned in connection with the data exposure issue. While the exact nature of the link between Salesforce and ServiceNow remains unclear, experts speculate that this incident might highlight a broader concern regarding the security of cloud-based platforms and the need for enhanced vigilance in safeguarding sensitive data.

The cybersecurity community, along with industry experts, has been vocal about the importance of regular security audits and assessments for cloud-based platforms. This incident serves as a stark reminder of the potential risks associated with relying on third-party providers for critical business functions.

As the investigation into this data exposure flaw continues, organizations using ServiceNow are advised to review their security protocols and take immediate steps to mitigate potential risks. This includes ensuring that access controls and permissions are configured correctly and conducting thorough vulnerability assessments to identify and address any potential security gaps.

The ServiceNow data exposure vulnerability highlights how important it is for cloud-based platforms to have strong cybersecurity safeguards. It acts as a wake-up call for businesses, encouraging them to give security first priority and take preventative measures to protect sensitive data in an increasingly linked digital world.

Here's How to Monitor the AI Data Feed

 

AI has taken the world by storm in the past year, leaving some to wonder: Is AI the next big tech trend, a threat of human enslavement, or something much more subtle?

It's not an easy question. The fact that ChatGPT passed the bar exam is both remarkable and somewhat concerning for attorneys, but several flaws in the program's functionality are already becoming apparent. For example, a lawyer using ChatGPT in court discovered that the bot had falsified parts of their arguments.

Undoubtedly, AI will continue to grow in capabilities, but numerous significant issues persist. How can we be sure AI is trustworthy? How can we be certain that its output is impartial and unfiltered in addition to being accurate? How can we be sure the data used to train the AI model wasn't altered, and where does it come from?

Any AI model, but particularly those that will soon be employed for defence, transportation, safety, and other areas where human lives are at risk, is put in danger when it is tampered with. 

Regulation is required for safe AI verification 

The adoption of AI shouldn't happen carelessly, even though national agencies from across the globe acknowledge that it will eventually develop into a crucial component of our systems and processes. 

The following are the two most crucial queries we must address: 

  • Does a specific system make use of an AI model? 
  • What tasks may an AI model be used to command or influence? 

There are far fewer chances of AI being exploited if we are certain that a model has been trained for the intended application and that we are aware of the precise location and capabilities of the model. 

AI can be verified using a variety of approaches, including hardware inspection, system inspection, sustained verification, and Van Eck radiation analysis. 

Hardware inspections are physical checks of computing equipment that are used to detect the presence of AI chips. System inspection techniques, on the other hand, employ software to analyse a model, establish what it is capable of controlling, and flag any functions that should be restricted. 

The technique operates by recognising and isolating a system's quarantine zones, which are intentionally obfuscated to safeguard intellectual property and secrets. Instead of revealing any sensitive information or IP, the software inspects the surrounding transparent components to detect and flag any AI processing employed in the system. 

Methods of deeper verification 

Sustained verification techniques occur beyond the initial inspection, guaranteeing that once a model is deployed, it is not changed or tampered with. Some anti-tampering procedures, such as cryptographic hashing and code obfuscation, are carried out within the model itself. 

An inspector can identify whether the base state of a system has changed using cryptographic hashing without revealing the underlying data or code. Methods of code obfuscation, which are still in development, scramble system code at the machine level such that it cannot be decoded by outside forces. 
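
As an added illustration of the hashing check described above (not code from any verification product), the sketch below lets an inspector who holds only SHA-256 digests detect which deployed model components changed. The component names and byte contents are constructed.

```python
import hashlib
import hmac
import io


def stream_digest(fileobj, chunk_size=1 << 16):
    """SHA-256 of a file-like object, read in chunks so large weight files fit."""
    h = hashlib.sha256()
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()


def build_manifest(components):
    """Deployer side: component name -> digest. Only digests leave the site."""
    return {name: stream_digest(io.BytesIO(blob)) for name, blob in components.items()}


def root_digest(manifest):
    """One commitment over the whole manifest (names and digests, sorted)."""
    h = hashlib.sha256()
    for name in sorted(manifest):
        h.update(name.encode("utf-8") + b"\x00" + bytes.fromhex(manifest[name]))
    return h.hexdigest()


def compare(baseline, current):
    """Inspector side: classify every difference between two manifests."""
    changes = {}
    for name in sorted(set(baseline) | set(current)):
        if name not in current:
            changes[name] = "removed"
        elif name not in baseline:
            changes[name] = "added"
        elif not hmac.compare_digest(baseline[name], current[name]):
            changes[name] = "modified"
    return changes


# Constructed sample: the approved model, then the same deployment after changes.
APPROVED = {"weights.bin": bytes(range(256)) * 64, "config.json": b'{"layers": 12}'}
DEPLOYED = dict(APPROVED)
DEPLOYED["weights.bin"] = APPROVED["weights.bin"][:-1] + b"\x00"  # one byte changed
DEPLOYED["adapter.bin"] = b"unapproved fine-tune"                 # new component

BASELINE = build_manifest(APPROVED)

if __name__ == "__main__":
    print(compare(BASELINE, build_manifest(DEPLOYED)))
```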

Van Eck radiation analysis examines the pattern of radiation released by a system while it is functioning. Because complex systems have multiple concurrent processes running, radiation is sometimes jumbled, making it impossible to extract specific code. However, the Van Eck approach can detect significant changes (such as new AI) without interpreting any critical information that the system's deployers prefer to keep hidden. 

Looking forward 

Business leaders must understand, at a high level, what verification methods are available and how effective they are at detecting the use of AI, model alterations, and biases in the original training data. The first stage is to identify solutions. The platforms that power these technologies act as a key barrier against any disgruntled employee, industrial/military spy, or simple human error that can lead to dangerous problems when combined with sophisticated AI models. 

While verification will not address every obstacle for an AI-based system, it will go a long way towards guaranteeing that the AI model works as intended and that any unexpected evolution or tampering is discovered immediately. AI is becoming more incorporated into our daily lives, and we must ensure that we can trust it.

Will Artificial Intelligence Take Over the World?

 

In 2035, artificial intelligence-powered humanoid robots are a common sight. Robots saved Detective Del Spooner from a car accident, but they left a 12-year-old girl to die because her chances of survival were statistically lower than Detective Spooner's. For this reason, Detective Spooner hates robots. That gives some background information regarding the protagonist in Will Smith's film I, Robot. These humanoids eventually form a conspiracy to take over the entire planet. 

Is this the future of artificial intelligence? Will the machine get so powerful that it begins to think more intelligently than humans? Take note that I stated capable, not powerful. Without question, computers are more powerful in terms of providing us with solutions faster than human brainpower, but are they more capable? That is what people are concerned about.

No, artificial intelligence will not take over the world. I, Robot and other science fiction films fall within this category. However, advancements in technology such as ChatGPT and other Large Language models have reignited the argument. The capacity of AI tools to generate realistic-looking images, written content, and a variety of other applications has prompted fans to embrace the technology even more, while driving sceptics away. 

Artificial Intelligence (AI) is a promising tool that companies can employ to help their customer service strategy in the field of customer care and support. It has the ability to recreate at scale the best aspects of excellent customer service, improving the customer experience. However, human input and involvement are still necessary. 

Bogdan Maksak, Co-Founder of DigitalGenius, was interviewed by a local media outlet regarding AI and its impact on business. DigitalGenius is a pioneer in the "Human plus AI" movement, which holds that AI works best when combined with humans. 

Maksak feels that today's AI in customer service is appropriate for narrowly targeted tasks such as assisting a customer in swiftly changing a billing address or updating credit card information. Today, the finest applications are for automating repetitive tickets and duties that might otherwise overburden a customer care worker. 

Retail and ecommerce companies can employ Generative AI as a virtual assistant. A virtual assistant can answer queries as well as any human by combining AI with brand and domain knowledge, such as product descriptions, corporate policies, and shipping information. 

The AI can also be used to perform tasks for the agent. Generative AI might assist in crafting the optimal response or present a range of responses from which the agent could choose. It can aid in translation by enabling agents to respond to requests in any language. Furthermore, other AI solutions can automate duties such as generating return labels, contacting warehouses, or updating information in systems, allowing the agent to focus on the client engagement. 

Maksak sums it up this way: "AI can simply be a tool for the customer service reps, similar to how an accountant uses a calculator or a banker uses a spreadsheet." Can you imagine an accountant trying to perform complex tax calculations without the help of a calculator? That is how businesses should approach AI. It is a vital tool that, if it is not already, will be a "must have" technology rather than a "nice to have." 

Whether we realise it or not, artificial intelligence has hit a tipping point and has fast infiltrated our daily lives. Maksak understands that artificial intelligence is here to stay and that what we are witnessing is only the beginning.