Big Browser - Attacking & Defending the Process that Knows Everything
Browsers know everything about us and compromising a browser means compromised passwords and cookies, eventually leading to MFA bypass and compromised sessions. Browsers like Chrome, Firefox, and maybe Edge are our gateway to the internet, making them a prime target for credentials stealing attacks. In fact, threat actors and credentials stealing malware commonly target browsers to compromise stored credentials and session cookies. So although it seems that browsers are extremely sensitive processes running on our endpoints, are we protecting them effectively? In this session, I will be reviewing common credentials stealing malware and techniques and a new attack surface - the browser memory that exposes cookies and passwords (in clear text); Lastly, I will review how to mitigate the common and new credentials compromising techniques.