Connect with us

Technology

SquareX Discovers New Cybersecurity Attacks that Completely Bypass Secure Web Gateways (SWG), Leaving Most Enterprises Vulnerable.

Published

8 months ago

on

SINGAPORE, Aug 6, 2024 – SquareX Founder, Vivek Ramachandran, cybersecurity veteran with over 20 years of experience and founder/ex-CEO of Pentester Academy (acquired by INE), together with the security research team, will be delivering their latest findings in an upcoming main stage talk, titled Breaking Secure Web Gateways (SWG) for Fun and Profit! at DEF CON 32’ on Friday, August 9, 2024 at 5pm PT.

The talk will unveil ‘Last Mile Reassembly Attacks’, a new class of attacks that completely evade Secure Web Gateways (SWGs), a crucial component of modern Secure Access Service Edge (SASE) and Security Service Edge (SSE) solutions.

The web browser is the most used application within the enterprise but also the least protected. Bad actors are now increasingly targeting the weakest link: employees and consultants.

Unfortunately, most of these attacks happen online when the employee or consultant is going about his daily work. Existing security solutions like SWGs as part of SASE/SSE solutions are unable to protect users against modern web threats that happen on the client side. This makes it currently impossible for enterprise security teams to detect, mitigate and threat hunt these attacks.

Vivek Ramachandran and the SquareX team have conceptualized and identified a new class of attacks against SWG and cloud-based intercepting proxies, converting traditional attacks like malware downloads and malicious websites into something undetectable by all existing vendors in the Gartner Magic Quadrant.

This class of attack is called “Last Mile Reassembly Attacks”. The vulnerabilities the team discovered are architectural and vendor-agnostic, meaning there is no specific way to fix them.

These attacks will have a massive impact on SASE, as it is a $40 billion market, and every large security vendor has an SWG product vulnerable to this new class of attacks. This is an industry-first research highlighting attacks that we suspect may have been circulating in the wild for some time. As these client-side attacks are fundamentally different in nature to the attacks that SWGs typically detect, they have remained unnoticed. Upon revealing these attacks and the release of the accompanying toolkit, enterprise vendors can assess their security posture and build countermeasures.

During the main stage talk, Vivek will shed light on this Last Mile Reassembly Attacks” – where a file download, upload or site rendering never actually happens on the server side. Instead, the attack is assembled directly in the user’s browser using various techniques, which will be explained in detail during the talk. This way, malicious files can evade triggering SWGs, leaving many enterprises across the globe vulnerable to being attacked.

Researchers at SquareX will also demonstrate over 25 plus bypass methods, including chunking attacks, WASM payloads, and others.

“The research team and I are excited to be presenting the talk at DEF CON 32. This talk will challenge SASE, SSE vendors in the current space. We hope that vendors will rethink their reliance on cloud-based web attack detection models and understand the need for a client-side (either endpoint or browser-bjhased) security agent and browser-hardening to work in tandem with the SWG for accurate detection-mitigation of attacks,” says Vivek Ramachandran, Founder & CEO of SquareX.

Web attacks have far advanced and evolved in today’s world and if enterprises do not change the way they protect their users, they will essentially be vulnerable to these web threats and attacks. SquareX is dedicated to enhancing online security for enterprises. By bringing these vulnerabilities to light and advocating for a more comprehensive approach to browser security, the team’s research serves as a critical alert to the cybersecurity community.

The revealing of “Last Mile Reassembly Attacks” and the release of the accompanying toolkit are poised to challenge the way enterprise security teams think and will prompt enterprises to reassess their methods for protecting employees from browser-based attacks.

About SquareX:
SquareX helps organizations detect, mitigate and threat-hunt web attacks happening against their users in real time. With our innovative browser-native security product, SquareX safeguards enterprise users from a spectrum of web-based threats, encompassing malicious files, websites, scripts, and compromised networks.

About Vivek Ramachandran:
Vivek Ramachandran is a security researcher, book author, speaker-trainer, and serial entrepreneur with over two decades of experience in offensive cybersecurity. He is currently the founder of SquareX, building a browser-native security product focused on detecting, mitigating, and threat-hunting web attacks against enterprise users and consumers. Prior to that, he was the founder of Pentester Academy (acquired in 2021), which has trained thousands of customers from government agencies, Fortune 500 companies, and enterprises from over 140+ countries. Before that, Vivek’s company built an 802.11ac monitoring product sold exclusively to defense agencies.

Vivek discovered the Caffe Latte attack, broke WEP Cloaking, conceptualized enterprise Wi-Fi Backdoors, and created Chellam (Wi-Fi Firewall), WiMonitor Enterprise (802.11ac monitoring), Chigula (Wi-Fi traffic analysis via SQL), Deceptacon (IoT Honeypots), among others. He is the author of multiple five-star-rated books in offensive cybersecurity, which have sold thousands of copies worldwide and have been translated into multiple languages.

He has been a speaker/trainer at top security conferences such as Blackhat USA, Europe and Abu Dhabi, DEFCON, Nullcon, Brucon, HITB, Hacktivity, and others. Vivek’s work in cybersecurity has been covered in Forbes, TechCrunch, and other popular media outlets.

In a past life, he was one of the programmers of the 802.1x protocol and Port Security in Cisco’s 6500 Catalyst series of switches. He was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He has also published multiple research papers in the field of DDoS, ARP Spoofing Detection, and Anomaly-based Intrusion Detection Systems. In 2021, he was awarded an honorary title of Regional Director of Cybersecurity by Microsoft for a period of three years, and in 2024 he joined the BlackHat Arsenal Review Board.

Related Topics:

Technology

STQC Certifies CP PLUS CCTV Cameras with ER IoTSCS Certification

Published

3 weeks ago

on

March 8, 2025

By

 CP PLUS proudly announces that its range of PTZ (Pan-Tilt-Zoom) and IPC (Internet Protocol Camera) devices has achieved the prestigious ER IoTSCS STQC certification. Awarded by the Standardization Testing and Quality Certification (STQC) Directorate under the Ministry of Electronics and Information Technology (MeitY), this certification underscores CP PLUS’s commitment to empowering public and private sectors with robust, reliable, and secure surveillance systems.

With ER IoTSCS STQC certification, CP PLUS’s PTZ and IPC cameras are validated for secure data handling, superior performance in diverse environments, and compliance with stringent national standards – essential attributes for critical and high-demand applications in India.

The ER IoTSCS STQC certification is a hallmark of excellence in IoT and electronic surveillance, designed to ensure that products perform reliably even in the most challenging scenarios. CP PLUS’s PTZ and IPC cameras are tested for data encryption, environmental resilience, image clarity, power efficiency, and network protocol compliance, making them ideal for critical sectors where high-security standards are paramount.

“At CP PLUS, we believe in delivering technology that not only leads the industry but also empowers our country to meet its security challenges head-on,” said Mr. Aditya Khemka, Managing Director, Aditya Infotech Limited. “Achieving the ER IoTSCS STQC certification is a testament to our unwavering commitment to excellence in security technology. It assures our customers that they are investing in products that meet the highest benchmarks of performance, safety, and quality.” said Mr. Aditya Khemka, Managing Director, Aditya Infotech Limited.

With this certification, CP PLUS’s PTZ and IPC camera range is poised to offer secure, resilient, and intelligent surveillance capabilities. We believe the certification also positions CP PLUS as a trusted partner for organizations that require compliance with national standards for security technology in government, critical infrastructure, and commercial applications.

We believe the ER IoTSCS STQC certification not only reinforces CP PLUS’s reputation for quality but also assures clients and partners that these surveillance solutions stand resilient under diverse conditions, such as extreme weather, dust, and high humidity levels. Moreover, the certification signifies enhanced data security measures in CP PLUS’s IoT-enabled products, with advanced data protection protocols and efficient power management, making these cameras an ideal choice for organizations seeking reliability and long-term value in their surveillance investments.

CP PLUS is committed to leveraging this achievement to lead India’s surveillance technology industry with innovative, high-performance solutions that meet the evolving demands of the nation.

Continue Reading

Technology

CSIR-CMERI Launches Nationwide Roadshow to Promote Revolutionary E-Tractor and E-Tiller Technologies

Published

4 weeks ago

on

March 6, 2025

By

CSIR-CMERI proudly announces the launch of a Nationwide Roadshow to introduce its cutting-edge E-Tractor and E-Tiller Technologies to the Indian agricultural sector. The roadshow will commence with a grand inauguration at Vigyan Bhavan, New Delhi, followed by a series of interactive sessions and live demonstrations across 11 key cities in India.

Empowering Farmers with Sustainable Innovation

The E-Tractor and E-Tiller, developed by CSIR-CMERI, are designed to revolutionize traditional farming practices by integrating environmentally friendly, cost-effective, and high-performance electric vehicle (EV) technology. This initiative aligns with India’s push towards sustainable and energy-efficient agricultural solutions. Dr. Jitendra Singh attends Nationwide Roadshow for E-Tractor and E-Tiller at CSIR-IIIM Jammu
Jammu, 6th March 2025: In a significant event at CSIR-IIIM Jammu, Dr. Jitendra Singh, Hon’ble Minister of Science & Technology, Government of India, presided over the Nationwide Roadshow for the revolutionary E-Tractor and E-Tiller developed by CSIR-CMERI, Durgapur. This initiative, which was officially inaugurated on 28th February 2025 at Vigyan Bhawan, New Delhi, aims to promote sustainable agricultural mechanization and empower small and marginal farmers across the country. The event at CSIR-IIIM Jammu was attended by Dr. Jitendra Singh, Hon’ble Minister of Science & Technology; Dr. Naresh Chandra Murmu, Director, CSIR-CMERI; Dr. Zabeer Ahmed, Director, CSIR-IIIM Jammu; and the Director of Sher-e-Kashmir Agricultural University, Jammu. Additionally, over 300 local farmers participated, making it a significant platform for engaging with stakeholders and promoting sustainable agricultural practices. Revolutionizing Sustainable Agriculture CSIR-CMERI is at the forefront of advancing sustainable and clean energy-driven agricultural technologies. The E-Tractor and E-Tiller are designed to address the needs of small and marginal farmers, offering eco-friendly alternatives to conventional diesel-powered machinery. These innovations mark a significant step toward green mechanization and the diffusion of advanced technologies in Indian agriculture. The E-Tractor, named CSIR-PRIMA ET-11, is a state-of-the-art electric tractor with a rated torque of 11 hp and a peak torque of 26 hp. It features a semi-synchro mechanical drivetrain, modular mainframe for easy maintenance, enhanced hydraulics, optimized weight-to-power ratio, and women-friendly ergonomics. Its vehicle-to-load capability makes it a versatile solution for small-scale farming. The Electric Tiller, introduced in 2024, is a multi-functional machine compatible with various agricultural implements such as rotavators, ploughs, and water pumps. It boasts advanced features like low hand-arm vibration, clutch-less operation, cruise mode, and ergonomic design, ensuring ease of use for all farmers, including women.
A Legacy of Innovation CSIR-CMERI has been a pioneer in agricultural mechanization since the post-independence era. The development of India’s first indigenous tractor in 1974 played a pivotal role in the Green Revolution, symbolizing the nation’s resolve for technological self-reliance. Over the years, the institute has consistently innovated, introducing the Sonalika 35 hp tractor in 2002, the Compact Tractor in 2020, and now the Electric Tractor in 2023. Technology Transfer to MSMEs To ensure widespread adoption, these cutting-edge technologies have been transferred to MSMEs, including M/s. K. N. Biosciences (Hyderabad) and M/s. Sunrise Transmission (Gujarat). This collaboration fosters innovation, creates business opportunities, and ensures the availability of these sustainable solutions to farmers across the country. Nationwide Roadshow The roadshow will cover the following CSIR laboratories: CSIR-IIIM Jammu (Jammu) CSIR-IHBT Palampur (Himachal Pradesh) CSIR-CoEFM Ludhiana (Punjab) CSIR-CBRI Roorkee (Uttarakhand) CSIR-CIMAP Lucknow (Uttar Pradesh) CSIR-AMPRI Bhopal (Madhya Pradesh) CSIR-NEERI Nagpur (Maharashtra) CSIR-IICT Hyderabad (Telangana) CSIR-CFTRI Mysore (Karnataka) CSIR-CECRI Karaikudi (Tamil Nadu) CSIR-NIIST Thiruvananthapuram (Kerala) The roadshow will showcase the E-Tractor and E-Tiller, engaging with farmers, policymakers, and other stakeholders to promote sustainable agricultural practices. Empowering Farmers and Building a Greener Future
This initiative underscores CSIR-CMERI’s commitment to empowering farmers and fostering sustainable agricultural mechanization. By addressing the needs of small and marginal farmers, these eco-friendly technologies pave the way for a greener and more inclusive future for Indian agriculture. Biplab Choudhury Phone: 8972044652 Email: bdg@cmeri.res.in Website: https://cmeri.res

Continue Reading

Technology

Lepton Software Showcases AI-Powered Geospatial Solutions at MWC, Driving Cost-Efficiency and Network Optimization

Published

4 weeks ago

on

March 3, 2025

By

Lepton Software, a global leader in geospatial intelligence and AI-driven network solutions, is set to unveil its latest AI-powered innovations at Mobile World Congress (MWC) 2025, demonstrating how advanced geospatial intelligence can enhance network operations, reduce costs, and improve decision-making for telecom operators and enterprises.

At Booth Number 10, Block 5A83, Bharat Pavilion, Lepton Software will showcase innovative AI solutions that help telecom companies streamline network planning, optimize 5G deployment, and automate fiber network operations, leading to significant cost savings and operational efficiency.

How Lepton Software’s AI Solutions Improve Network Operations and Reduce Costs

-Optimized 5G and Fiber Network Planning: AI-powered predictive models enable precise coverage forecasting, helping operators maximize network performance while minimizing investment waste.

-Automated Fiber Network Management: Intelligent automation streamlines the planning and rollout of fiber networks, reducing manual errors, resource waste, and deployment time.

-Geospatial AI for Cost Reduction: AI-driven insights help telecom providers reduce redundant infrastructure costs, identify underutilized assets, and enhance network expansion strategies.

– Proactive Network Maintenance & Risk Mitigation: Predictive analytics detect potential issues before they escalate, reducing downtime, maintenance costs, and service disruptions.

– Smarter Site Selection with AI: SmartMarket Data Intelligence leverages AI to identify the most profitable locations for infrastructure expansion, reducing CAPEX and improving ROI.

“The telecom industry is evolving rapidly, and AI-driven geospatial solutions are key to achieving cost efficiency, faster deployments, and improved network resilience,” said Dr. Rajeev Saraf, Founder and CEO, Lepton Software. “At MWC, we are excited to showcase how our AI-powered solutions empower telecom operators to optimize network investments, enhance performance, and deliver superior connectivity.”

With a legacy of over 30 years in geospatial intelligence, Lepton Software is trusted by leading telecom operators, ISPs, and enterprises for its data-driven solutions that accelerate digital transformation while cutting operational expenses.

Join Lepton Software at MWC Barcelona 2025, Booth Number 10, Block 5A83, Bharat Pavilion, to explore the future of AI-powered geospatial solutions for cost-effective network operations.

Continue Reading

Technology

MiCoB, SEPL and Kamnath Hospitality Redefine Coastal Luxury with 3DCP Cottages at Nagoa Beach

Published

1 month ago

on

February 20, 2025

By

Blending Tradition with Innovation using MiCoB’s 3D Concrete Printing Technology

MiCoB has transformed the landscape of Nagoa Beach, Diu, with its innovative 3D Concrete Printing (3DCP) technology in collaboration with SEPL, and M/S Kamnath Hospitality. The project features 30 3D-printed cottages inspired by the traditional bhunga huts of Gujarat’s Kutch region. Known for their circular design and resilience, these structures seamlessly blend Gujarat’s cultural heritage with cutting-edge construction techniques, creating a unique sustainable hospitality experience.

Designed to meet the demands of coastal hospitality, the cottages address challenges like environmental sensitivity, building insulation and corrosion. Moreover, their design allows for flexibility in compliance with environmental and regulatory considerations for coastal construction, making them a sustainable investment for the future.

“Our 3DCP technology has enabled us to reduce construction time from 8 months to 3 months  while maintaining the highest quality standards,” explains Rishabh Mathur, Cofounder and Chief Technology Officer at MiCoB.

By combining tradition with innovation, MiCoB delivered structures that are not only efficient and cost-effective but also environmentally conscious. Faster construction timelines, reduced material waste, and reduced total cost of ownership further highlight the advantages of 3DCP.These cottages stand as a testament to how modern technology can elevate traditional designs while enhancing the guest experience.

For Kamnath Hospitality, this project represents a step forward in redefining coastal hospitality, offering visitors the perfect mix of comfort and sustainability.

“Partnering with MiCoB for India’s first 3D-printed resort project has been an exceptional experience. Their cutting-edge technology and expertise allowed us to construct a state-of-the-art, 40-room luxury resort with 5-star amenities, setting a benchmark in sustainable and innovative construction. The attention to detail in addressing the challenges posed by the nearby coastline, including the impact of salty weather, was remarkable. Their team designed and implemented solutions that ensured the resort’s durability and structural integrity, maintaining its elegance and functionality over time.  This collaboration has redefined possibilities in the construction industry, and we couldn’t be more proud of the result. We highly recommend MiCoB to anyone seeking innovation, precision, and unmatched quality in their projects.” – Luv Mehta, CEO – SEPL

Guests at Nagoa Beach now can enjoy an experience that embodies the best of tradition, technology, and the serene beauty of the coast.

For more information, reach out to MiCoB at ankita@micob.in or

+91 8780379232

Continue Reading

Technology

Hikigai Inc. and Amrita Vishwa Vidyapeetham Join Forces to Pioneer AI in Healthcare: A Groundbreaking Partnership Set to Revolutionize the Sector

Published

1 month ago

on

February 17, 2025

By

In a pioneering move that underscores the evolving intersection of technology and healthcare, Hikigai Inc. has teamed up with Amrita Vishwa Vidyapeetham, Coimbatore, to establish a Joint Research Center for Artificial Intelligence in Healthcare. This strategic collaboration is set to catalyze transformative changes in the healthcare landscape, leveraging the power of AI and cutting-edge research to address some of the most pressing challenges in medical science today. The partnership was formalized with the signing of a Memorandum of Understanding (MoU), in a ceremony attended by key leaders from both organizations. Lalitha R, CEO of Hikigai, Krish Subramanian, CTO, Shubham Giri, Engineering Lead, and Madhumita Selvan from Hikigai were present alongside Prof. Parameswaran, Principal Director, Corporate and Industry Relations, Mr. Suresh Kodoor. Director – Academia Industry Partnership, Dr. K. P. Soman, Dean, School of AI, Dr. Prem J, Assistant Professor, School of AI, Dr. Sundaresan, Assistant Professor, School of AI, Mr. Sai Sundarakrishna, Chief Innovation Officer, CIR and Mr. Kiran Subramanian, Senior Manager, CIR from Amrita Vishwa Vidyapeetham, whose efforts have been instrumental in bringing this collaboration to fruition.

The Power of Collaboration: A Perfect Convergence of Innovation and Academia

This partnership is not just a meeting of minds but a fusion of academic excellence and industry innovation. Hikigai Inc., known for its cutting-edge AI solutions and robust technological expertise, joins hands with Amrita Vishwa Vidyapeetham, a leading institution with a reputation for groundbreaking research and a deep commitment to social relevance in healthcare. The collaboration leverages the synergies between the two entities—Hikigai’s deep technological prowess and Amrita’s world-class research capabilities—to address the most complex healthcare challenges. The newly established Joint Research Center will serve as a hub for AI-driven healthcare innovations, focusing on developing technologies that can dramatically improve healthcare delivery and patient outcomes.

A Glimpse into the Future: Personalized and Precision Medicine with AI

Healthcare is evolving toward a future where treatments are tailored to each patient’s unique needs. Breakthroughs in AI, nanotechnology, and automation are making this vision a reality.
  1. 🔹 AI for Personalized Care – Advanced AI models analyze vast medical data to enable earlier diagnoses and precision treatment plans, improving accuracy and patient.
  2. 🔹 Nanotechnology for Targeted Treatments – Microscopic medical tools deliver therapies directly to affected cells, minimizing side effects and accelerating.
  3. 🔹 AI-Powered Efficiency – Intelligent systems streamline clinical workflows, reduce administrative burdens, and enhance patient care.
This transformation is moving healthcare from a one-size-fits-all approach to truly individualized medicine—where every patient gets the right treatment at the right time. This collaboration will accelerate this future and transform healthcare.

Why This Partnership is Critical for the Future of Healthcare

This collaboration represents more than just technological advancement—it’s a critical step toward redefining the future of healthcare. Both organizations bring unique strengths to the table. Hikigai Inc. is at the forefront of AI innovation, with expertise in artificial intelligence, machine learning, and data analytics, making it an ideal partner for implementing the latest AI techniques in healthcare. Meanwhile, Amrita Vishwa Vidyapeetham, with its long history of research excellence, offers the academic rigor and interdisciplinary approach necessary for creating AI solutions that are not only effective but also socially responsible. Together, Hikigai and Amrita represent the ideal blend of industry expertise and academic depth, creating an ecosystem of collaboration that will shape the future of healthcare. The focus on AI and nanotechnology in this partnership is particularly timely, as both fields hold the key to solving many of the global healthcare challenges we face today, from escalating medical costs to the need for personalized and precision treatments. This partnership is more than just a collaboration; it’s a critical convergence that promises to unlock the next generation of healthcare solutions. With AI’s ability to process vast amounts of data and nanobots’ potential to deliver treatment on a cellular level, the research center is poised to make significant breakthroughs that will impact patient care, treatment outcomes, and healthcare delivery systems worldwide.

The Road Ahead: A Vision of Cutting-Edge Healthcare

As both Hikigai and Amrita Vishwa Vidyapeetham embark on this transformative venture, the world can expect to see a flurry of innovative healthcare solutions in the coming years. From AI-powered diagnostics to nanobots revolutionizing surgeries, the potential applications are boundless. As they work together, these two organizations will undoubtedly play a pivotal role in shaping the future of healthcare, turning their shared vision into reality and paving the way for a healthier, more efficient, and technology-driven world. For more information, contact us at pr@hikigai.ai

Continue Reading

Trending