Attacking the internal network from the public Internet using a browser as a proxy

March 19, 2019

At Forcepoint we continually seek to improve the protection our products provide. To this end, we often investigate unusual or potentially novel attack techniques. One such recent topic of research has been attacks against localhost and the internal network, launched from the public Internet. Though not a new attack, it is not widely known outside of the security research community that a malicious JavaScript can attack the internal network. Of the limited documentation that exists on this topic, most resources describe it in terms of inter-protocol exploitation [1] [2], whereas our focus is on intra-protocol exploitation.

Spotlight

CyberMDX

CyberMDX is a leading provider of medical cyber security, delivering zero touch visibility and threat prevention for medical devices and clinical assets. CyberMDX delivers a scalable, easy to deploy cyber security solution, providing unmatched visibility and protection of medical devices ensuring their operational continuity as well as patient and data safety. Identify, assess, detect, and prevent potential cyber-attacks with continuous discovery of medical devices, comprehensive risk assessment, and AI-based containment and response.

OTHER WHITEPAPERS
news image

How to Reduce the Risk of Phishing and Ransomware

whitePaper | March 21, 2021

Cybersecurity challenges abound for organizations across the world. The tsunami of phishing attacks that threaten account compromise, data breaches and malware infection remains a critical threat to neutralize. Ransomware is a second critical threat, with a well-played ransomware attack capable of bringing an organization to a complete halt, and in some cases putting it out of business permanently (e.g., Travelex1 and Vastaamo2.

Read More
news image

Google Cloud security foundations guide

whitePaper | April 19, 2021

This guide presents an opinionated view of Google Cloud security best practices, organized to allow users to adopt or adapt them and then automatically deploy them for their estates on Google Cloud. This document can be useful to you if you are a CISO, security practitioner, risk or compliance officer.

Read More
news image

Revolutionizing cybersecurity

whitePaper | October 31, 2021

FINX, a platform established since 2018 that is enabled by blockchain technology to create the world’s 1st comprehensive decentralized banking platform. FINX aspires to resolve the problem of high banking costs imposed by conventional banks and serve the unbanked market in Southeast Asia.

Read More
news image

AI Security White Paper

whitePaper | January 23, 2020

With the accumulation of big data, dramatic improvements in computing power, and continuous innovation in Machine Learning (ML) methods, Artificial Intelligence (AI) technologies such as image recognition, voice recognition, and natural language processing have become ubiquitous. Meanwhile, AI poses a significant impact on computer security: on the one hand, AI can be used to build defensive systems such as malware and network attack detection; on the other hand, AI might be exploited to launch more effective attacks.

Read More
news image

X-Force Threat Intelligence Index 2022

whitePaper | September 12, 2022

The world continues to grapple with a lasting pandemic, shifts to work-from-home and back-to-office, and geopolitical changes spawning a constant drone of mistrust. All of this equates to chaos, and it is in chaos that cybercriminals thrive.

Read More
news image

Project Blackfin: Automated Breach Detection Using Intelligent Agents

whitePaper | December 4, 2019

This paper describes a distributed anomaly detection approach designed to accurately track actions performed by adversaries across a network. The illustrated approach involves running multiple machine learning models on both endpoints and the network as well as on a centralized backend, and includes communication and replication of learned states between these models.

Read More

Spotlight

CyberMDX

CyberMDX is a leading provider of medical cyber security, delivering zero touch visibility and threat prevention for medical devices and clinical assets. CyberMDX delivers a scalable, easy to deploy cyber security solution, providing unmatched visibility and protection of medical devices ensuring their operational continuity as well as patient and data safety. Identify, assess, detect, and prevent potential cyber-attacks with continuous discovery of medical devices, comprehensive risk assessment, and AI-based containment and response.

Events