Full Segment Notes
The browser is now the frontline of cyberattacks. Learn how attackers hijack sessions, bypass MFA, abuse malicious extensions, and use browser-based phishing to compromise users and how security teams can stop them.
Thank you to our sponsor for this webcast, Push Security!
If your security stack can’t see what’s happening in the browser, attackers already know where your blind spot is. Register for an upcoming SC Media webcast at https://scworld.com/webcasts and learn how security leaders are closing the gaps traditional tools miss.
Key Moments
- 0:00 - Introduction & Why Browser Security Matters
- 01:40 - What Push Security Does in the Browser
- 03:10 - Why the Browser Is a Major Attack Target
- 05:45 - Why Traditional Security Tools Miss Browser Threats
- 09:00 - Research-Led Security & Attacker Tradecraft
- 13:10 - Session Hijacking & Stolen Browser Sessions
- 16:20 - OAuth Abuse & Post-Authentication Risk
- 17:05 - MFA Downgrade Attacks Explained
- 21:40 - ClickFix & FileFix Attacks
- 25:00 - Browser-Based Phishing Outside Email
- 29:10 - Real-Time Detection & Browser Intervention
- 32:10 - Protecting Passwords in the Browser
- 35:10 - Fish Kits, Evilginx & Credential Harvesting
- 39:15 - Password Managers, Autofill & Risk
- 42:00 - Browser Coverage, Platforms & Extension Controls
- 47:00 - Passkeys, SaaS Sprawl & Identity Gaps
- 51:10 - Product Direction & Future of Browser Security
- 59:20 - Final Takeaways
