The Good Tech Companies - Palo Alto Networks Acknowledges SquareX Research On Limitations Of SWGs Against Last Mile Reassembly

Episode Date: September 18, 2025

This story was originally published on HackerNoon at: https://hackernoon.com/palo-alto-networks-acknowledges-squarex-research-on-limitations-of-swgs-against-last-mile-reassembly. ... Palo Alto Networks is the first to publicly acknowledge that Secure Web Gateways are architecturally unable to defend against Last Mile Reassembly attacks. Check more stories related to web3 at: https://hackernoon.com/c/web3. You can also check exclusive content about #web3, #palo-alto-networks, #cybernewswire, #press-release, #palo-alto-startups, #defcon26, #crypto-trading, #good-company, and more. This story was written by: @cybernewswire. Learn more about this writer by checking @cybernewswire's about page, and for more stories, please visit hackernoon.com. SquareX first discovered and disclosed 20+ attacks that allow attackers to bypass all major SASE/SSE solutions and smuggle malware through the browser. The browser is becoming the new operating system for the enterprise.

Transcript
Starting point is 00:00:00 This audio is presented by HackerNoon, where anyone can learn anything about any technology. Palo Alto Networks Acknowledges SquareX Research on Limitations of SWGs Against Last-Mile Reassembly, by CyberNewswire. Palo Alto, California, September 18, 2025, CyberNewswire: SquareX first discovered and disclosed last-mile reassembly attacks at DefCon 32 last year, warning the security community of 20-plus attacks that allow attackers to bypass all major SASE/SSE solutions and smuggle malware through the browser. Despite responsible disclosures to all major SASE/SSE providers, no vendor has made an official statement to warn its customers about the vulnerability in the past 13 months until two weeks ago. As more attackers are leveraging last-mile reassembly techniques to exploit enterprises, SASE/SSE vendors are beginning to recognize that proxy
Starting point is 00:00:53 solutions are no longer sufficient to protect against browser-based attacks, with Palo Alto Networks being the first to publicly acknowledge that secure web gateways are architecturally unable to defend against last-mile reassembly attacks. In the press release, Palo Alto Networks recognized the attack as encrypted, evasive attacks that assemble inside the browser and bypass traditional secure web gateways. The release also recognized that the browser is becoming the new operating system for the enterprise, the primary interface for AI and cloud applications. Securing it is not optional. This marks a watershed moment in cybersecurity where a major incumbent SASE vendor publicly
Starting point is 00:01:35 admits the fundamental limitations of secure web gateways, SWGs, and acknowledges the critical importance of browser-native security solutions, exactly what SquareX has been advocating since pioneering this research. What are last-mile reassembly attacks? Last-mile reassembly attacks are a class of techniques that exploit architectural limitations of SWGs to smuggle malicious files through the proxy layer, only to be reassembled as functional malware in the victim's browser. In one technique, attackers break the malware into different chunks. Individually, none of these chunks trigger a detection by SWGs. Once they bypass proxy inspection, the malware is then reassembled in the browser. In another example, attackers
Starting point is 00:02:18 smuggle these malicious files via binary channels like WebRTC, gRPC, and WebSockets. These are common communication channels used by web apps like video conferencing and streaming tools, but are completely unmonitored by SWGs. In fact, many SWGs publicly admit this on their website and recommend their customers disable these channels. In total, there are over 20 such techniques that completely bypass SWGs. While Palo Alto Networks is the first to publicly admit this limitation, SquareX has demonstrated that all major SASE/SSE vendors are vulnerable and have been in touch with multiple solutions as part of responsible disclosures and to discuss alternative protection mechanisms. Data splicing attacks: exfiltrating data with last-mile reassembly techniques. Since the discovery of last-mile reassembly attacks, SquareX's research team
Starting point is 00:03:11 conducted further research to see how attackers can leverage these techniques to steal sensitive data. At BSides San Francisco this year, SquareX's talk on data splicing attacks demonstrated how similar techniques can be used by insider threats and attackers to share confidential files and copy-paste sensitive data in the browser, completely bypassing both endpoint DLP and cloud SASE DLP solutions. In fact, there has been an emergence of P2P file-sharing sites that allow users to send any file with no DLP inspection. The Year of Browser Bugs: pioneering critical browser security research. As the browser becomes one of the most common initial access points for attackers, browser security research plays a critical role in understanding and defending against
Starting point is 00:03:57 bleeding-edge browser-based attacks. Inspired by the impact of last-mile reassembly, SquareX launched a research project called the Year of Browser Bugs, disclosing a major architectural vulnerability every month since January. Some seminal research includes polymorphic extensions, a malicious extension that can silently impersonate password managers and crypto wallets to steal credentials and crypto, and Passkeys Pwned, a major passkey implementation flaw disclosed at DefCon 33 this year. "Research has always been a core part of SquareX's DNA. We believe that the only way to defend against bleeding-edge attacks is to be one step ahead of attackers. In the past year alone, we've discovered over
Starting point is 00:04:40 10 zero-day vulnerabilities in the browser, many of which we disclosed at major conferences like DefCon and Black Hat due to the major threat it poses to organizations," says Vivek Ramachandran, the founder of SquareX. "Palo Alto Networks' recognition of last-mile reassembly attacks represents a major shift in incumbent perspectives on browser security. At SquareX, research has continued to inform how we build browser-native defenses, allowing us to protect our customers against last-mile reassembly attacks and other novel browser-native attacks even before we disclosed the attack last year." As part of their mission to further browser security
Starting point is 00:05:20 education, SquareX collaborated with CSOs from major enterprises like Campbell's and Arista Networks to write the Browser Security Field Manual. Launched at Black Hat this year, the book serves as a technical guide for the cybersecurity practitioners to learn about bleeding-edge attacks and mitigation techniques. Fair use disclaimer: This site may contain copyrighted materials, including but not limited to the recent press release by Palo Alto Networks dated September 4, 2025, the use of which has not always been specifically authorized by the copyright owner. Such materials are made available to advance understanding of issues related to last-mile reassembly attacks, which shall constitute a fair use of any such copyrighted material as provided
Starting point is 00:06:02 for under the applicable laws. If you wish to use copyrighted material from this site for purposes of your own that go beyond fair use, you must obtain permission from the respective copyright owner. About SquareX: SquareX's browser extension turns any browser on any device into an enterprise-grade secure browser. SquareX's industry-first browser detection and response, BDR, solution empowers organizations to proactively defend against browser-native threats including last-mile reassembly attacks, rogue AI agents, malicious extensions and identity attacks. Unlike dedicated enterprise browsers, SquareX seamlessly integrates with users' existing consumer browsers, delivering without compromising user experience.
Starting point is 00:06:44 Users can find out more about SquareX's research-led innovation at www.sqrx.com. Contact: Head of PR, Junis Leu, SquareX, Junis at sqrx.com. This story was published as a press release by CyberNewswire under HackerNoon's business blogging program. Do your own research before making any financial decision. Thank you for listening to this HackerNoon story, read by artificial intelligence. Visit hackernoon.com to read, write, learn and publish.
