On December 24th, 2024, a phishing attack compromised a Cyberhaven employee's access to the Google Chrome Web Store.
Following up on the final analysis of the December 24, 2024 security incident affecting our Chrome extension and dozens of others, we are sharing additional findings from telemetry gathered by our most recent Chrome extension, version 24.10.6. We are sharing these findings for the benefit of the wider security community.
Following our preliminary analysis of the December 24, 2024 security incident affecting our Chrome extension, we engaged Booz Allen Hamilton to conduct an independent investigation. Today, we're sharing their findings along with details about the lessons learned and actions taken or that will be taken based on this incident.
Last week, Cyberhaven’s Chrome extension was compromised as part of a larger campaign targeting web extension developers. Security researchers have discovered the same code actively embedded in other extensions dating back to May 2024, and Secure Annex has been maintaining an active list of compromised extension versions and a thorough analysis of the situation, and we highly recommend monitoring it - https://secureannex.com/blog/cyberhaven-extension-compromise/
Data security is about securing the secrets that belong to your organization. But it’s no secret that solutions like data loss prevention and insider risk management have barely evolved since their inception as on-premise applications designed to protect data from leaking outside the corporate perimeter. Cyberhaven was founded on the premise that there is a better way to do data security for hybrid organizations at the technological frontier that need better tools to provide uniform protection and visibility across the network, endpoint, and cloud.
Recently, we have been through an uncanny experience here at Cyberhaven: An Innovation Week.
Simultaneously addressing productivity, compatibility, configuration, and management is crucial in the realm of endpoint security agents. This article delves into the effects agents have on endpoint user productivity, a metric designed to measure the direct and indirect performance impact of security agents. Security tools, unlike other software, must integrate deeply with the operating system and third-party applications, which, when managed poorly, can impact the smooth flow of standard business operations. As a security solution vendor, our solution to this problem is to introduce the concept of an impact budget as well as impact safeguards.
A two-machine approach to debugging Apple’s EndpointSecurity.framework
Through a hybrid architecture, modern endpoint security software can balance the tradeoff between security and productivity.
At Cyberhaven, we enable organizations to directly protect the information that is the most valuable to them regardless of what the content is or how it is used. In short, organizations can now greatly extend their visibility into data risk and enforce real-time policies to mitigate that risk and prevent loss.
Cyberhaven has upended what the industry has come to expect from old-school DLP by introducing data protection that is far more reliable, easier to use, and can be applied consistently to any type of data or content. Unlike the traditional signature and tagging-based approaches that have dominated DLP for years, Cyberhaven introduces a novel approach to data protection that leverages graph analysis to let organizations see and control their data and risk in a new light.
Today's data tagging is opaque. It usually starts with a discovery phase where a tool will crawl throughout various data repositories deemed to be sensitive.