
Risky Bulletin Sponsored: ConsentFix and Push Security's browser attack taxonomy
Dec 14, 2025

In this conversation, Mark Orlando, Push Security's Field CTO and an expert in detection and response, shares insights on evolving browser-based attacks. He introduces ConsentFix, a unique attack that hijacks OAuth consent grants, and explains its sophisticated workings, including evasion of detection mechanisms. The discussion highlights browsers as blind spots, revealing the limitations of existing security models and the crucial need for modern taxonomies in combating phishing and in-browser threats. Orlando's research-driven approach aims to enhance community awareness and defenses.
Browser Is A Contested Security Domain
- The browser is a contested security battleground that many teams ignore.
- Existing mental models like MITRE ATT&CK need extending to cover in-browser threats.
Extend Taxonomies, Don't Replace Them
- Extend existing taxonomies rather than replace them to cover new browser techniques.
- Use catalogs like Push's phishing evasion and SaaS attack matrices to align detection and response.
Sophistication Now Happens At Scale
- Sophisticated multi-stage attacks are no longer rare, targeted events; they happen at scale now.
- The increased velocity of attacks increases the need for a shared language and rapid operational updates.
