Be Fearless Online: In Browser Malicious File Detection Part 1 episode artwork

EPISODE · Feb 9, 2024 · 51 MIN

Be Fearless Online: In Browser Malicious File Detection Part 1

from Phillip Wylie Show · host Phillip Wylie

About the Guest: Jeswin Mathai is the Chief Architect at SquareX. He leads the team responsible for designing and implementing the Infrastructure. Prior to joining SquareX, He was working as the chief architect at INE. He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo Labs (DEFCON). He has also been a co-trainer in-classroom training conducted at Black Hat Asia, HITB, RootCon, and OWASP NZ Day. He has a Bachelor's degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals and conducted awareness workshops for government institutions. His area of interest includes Cloud Security, Container Security, and Web Application Security. Episode Summary: In this riveting episode of the "Philip Wylie Show," listeners are invited to explore the intricate world of cybersecurity with Jeswin Mathai, who returns to discuss the innovative features of Squarex. Designed to bolster online safety, Squarex addresses the challenges individuals face with malicious files, particularly through email and other online communication platforms. Jeswin demonstrates Squarex's ground-breaking in-browser malicious file detection capability against the backdrop of increasing macro-based cyber threats. These threats often exploit macros within documents to compromise systems, a technique that has persisted in popularity among cybercriminals. Jeswin also touches upon the limitations of traditional antivirus solutions and email client security in detecting such risks. Key Takeaways: Squarex's new feature conducts an in-browser analysis of files to promptly detect malicious content, enhancing email client security. Traditional antivirus programs and email clients often fail to adequately detect or block macros, a common vector for cyber attacks. Attackers can exploit file type mismatches and employ social engineering tactics to deliver malicious payloads through seemingly benign document files. Jeswin unveils techniques such as "VBA Stomping" and "VBA Purging" that attackers use to bypass antivirus detection. Squarex offers solutions to safely convert potential macro-threats into clean or PDF versions within the browser, providing a privacy-centric approach to cybersecurity. Notable Quotes: "Anytime you receive a malicious attachment…we are going to do in-browser file analysis." - Jeswin Mathai "It's kind of interesting because, like going through the OSCP course, one of the payloads they were mentioning during that time, this was back 2012, 2013, was using macros in the payloads." - Phillip Wylie "Gmail, when it comes to webmail client, has the most amount of market share…72% is just Gmail." - Jeswin Mathai "So the way mail clients work is, let's say here, we'll consider the example of Gmail…" - Jeswin Mathai "The sad part about COVID was a lot of things happened that we are not aware of because the sad event of COVID, the deaths…a lot of other attention or other issues were not given that much amount of attention and they never came to the light of the public." - Jeswin Mathai Resources: Get your free Chrome plugin: ⁠http://sqrx.io/pw_x⁠ ⁠https://www.linkedin.com/company/getsquarex/⁠ ⁠https://twitter.com/getsquarex⁠ ⁠https://www.instagram.com/getsquarex/

About the Guest: Jeswin Mathai is the Chief Architect at SquareX. He leads the team responsible for designing and implementing the Infrastructure. Prior to joining SquareX, He was working as the chief architect at INE. He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo Labs (DEFCON). He has also been a co-trainer in-classroom training conducted at Black Hat Asia, HITB, RootCon, and OWASP NZ Day. He has a Bachelor's degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals and conducted awareness workshops for government institutions. His area of interest includes Cloud Security, Container Security, and Web Application Security. Episode Summary: In this riveting episode of the "Philip Wylie Show," listeners are invited to explore the intricate world of cybersecurity with Jeswin Mathai, who returns to discuss the innovative features of Squarex. Designed to bolster online safety, Squarex addresses the challenges individuals face with malicious files, particularly through email and other online communication platforms. Jeswin demonstrates Squarex's ground-breaking in-browser malicious file detection capability against the backdrop of increasing macro-based cyber threats. These threats often exploit macros within documents to compromise systems, a technique that has persisted in popularity among cybercriminals. Jeswin also touches upon the limitations of traditional antivirus solutions and email client security in detecting such risks. Key Takeaways: Squarex's new feature conducts an in-browser analysis of files to promptly detect malicious content, enhancing email client security. Traditional antivirus programs and email clients often fail to adequately detect or block macros, a common vector for cyber attacks. Attackers can exploit file type mismatches and employ social engineering tactics to deliver malicious payloads through seemingly benign document files. Jeswin unveils techniques such as "VBA Stomping" and "VBA Purging" that attackers use to bypass antivirus detection. Squarex offers solutions to safely convert potential macro-threats into clean or PDF versions within the browser, providing a privacy-centric approach to cybersecurity. Notable Quotes: "Anytime you receive a malicious attachment…we are going to do in-browser file analysis." - Jeswin Mathai "It's kind of interesting because, like going through the OSCP course, one of the payloads they were mentioning during that time, this was back 2012, 2013, was using macros in the payloads." - Phillip Wylie "Gmail, when it comes to webmail client, has the most amount of market share…72% is just Gmail." - Jeswin Mathai "So the way mail clients work is, let's say here, we'll consider the example of Gmail…" - Jeswin Mathai "The sad part about COVID was a lot of things happened that we are not aware of because the sad event of COVID, the deaths…a lot of other attention or other issues were not given that much amount of attention and they never came to the light of the public." - Jeswin Mathai Resources: Get your free Chrome plugin: ⁠http://sqrx.io/pw_x⁠ ⁠https://www.linkedin.com/company/getsquarex/⁠ ⁠https://twitter.com/getsquarex⁠ ⁠https://www.instagram.com/getsquarex/

NOW PLAYING

Be Fearless Online: In Browser Malicious File Detection Part 1

0:00 51:01

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

MG Show MG Show The MG Show, hosted by Jeffrey Pedersen and Shannon Townsend, is a leading alternative media platform dedicated to uncovering the truth behind today’s most pressing political issues. Launched in 2019, the show has grown exponentially, offering unfiltered insights, comprehensive research, and real-time analysis. With a commitment to independent journalism and factual integrity, the MG Show empowers its audience with knowledge and encourages active participation in the political discourse. Breaking News Show | eTurboNews Juergen Thomas Steinmetz News is relevant to the global travel and tourism industry, human rights and global issues.Breaking news when it happens and only from the source. PodQuesting Dwight J Randolph- WolfShield Media PodQuesting: -By WolfShield Media and Dwight J RandolphJoin us on an exciting journey to master the world of fiction podcasting! At PodQuesting, we document our quest to improve and innovate, sharing valuable insights, strategies, and behind-the-scenes tips along the way. Whether you're an experienced podcaster or just starting your first show, our podcast is your go-to resource for everything podcasting.Discover practical advice, creative techniques, and lessons from our own experiences as we explore the ever-evolving podcasting landscape. Ready to level up your skills and embark on this adventure with us? Tune in and join the quest!Have questions or feedback? Reach out to us at [email protected] and visit our website:WolfShield.Media Denn sie wissen was sie wandern Manuel Andrack Alles über Premiumwanderwege, die schönsten Wege in Deutschland. Sensationelle Outdoor-Erlebnisse auf 750 Premiumwegen. Moderiert von Manuel Andrack (Sidekick der Harald Schmidt Show) und Klaus Erber (Vorsitzender des Deutschen Wanderinstituts.)

Frequently Asked Questions

How long is this episode of Phillip Wylie Show?

This episode is 51 minutes long.

When was this Phillip Wylie Show episode published?

This episode was published on February 9, 2024.

What is this episode about?

About the Guest: Jeswin Mathai is the Chief Architect at SquareX. He leads the team responsible for designing and implementing the Infrastructure. Prior to joining SquareX, He was working as the chief architect at INE. He has published his work at...

Can I download this Phillip Wylie Show episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!