SAN FRANCISCO — We're familiar with ransomware that attacks endpoints, databases and networks. But a lesser-known form of ransomware targets cloud and SaaS assets, operates entirely within web browsers, and can evade endpoint protections completely, said Nishant Sharma, a threat researcher at Zscaler, in a presentation at the BSides SF hacker conference here last week (March 22)."Industry has inve...
**Steelman:** Sharma’s presentation effectively exposes a critical blind spot in cybersecurity: the growing reliance on browsers as gateways to cloud services, coupled with inadequate protections against identity-based attacks. The demonstration of a browser-exclusive ransomware attack is compelling because it bypasses traditional defenses, highlighting how attackers adapt to exploit trust in cloud platforms. The focus on consumer vulnerability is particularly insightful, as enterprises often do...