Blog

LayerX Labs

LayerX Labs Identifies New Phishing Campaign Targeted at Mac Users

A new phishing attack campaign, targeting Mac users and identified by LayerX Labs, shows the trials and tribulations of combating online phishing, and how attacks morph and shift in response to adaptations by security tools. For the past few months, LayerX has been monitoring a sophisticated phishing campaign that initially targeted Windows users by masquerading […]

LayerX Labs

The Enterprise GenAI Data Security Report 2025: How Enterprises Consume GenAI Tools

GenAI has become an essential component in the employee toolkit. Yet, going beyond bombastic headlines such as these, actual quantitative data about how AI applications are being used remains surprisingly scarce. At LayerX, our enterprise browser extension provides us with visibility into users’ activities in the browser, where GenAI application usage takes place. We can […]

Press Releases

LayerX’s Enterprise GenAI Security Report 2025: Exposing Hidden AI Security Blind Spots

New York, February 27, 2025 – LayerX Security, a leader in user-first browser extensions for enterprise security, has released its Enterprise GenAI Security Report 2025, delivering insights into how organizational users interact with Generative AI tools and where hidden security gaps emerge. Based on real-life telemetry data from LayerX’s enterprise customers, the report offers a […]

LayerX Labs

Attack Campaign Targeting Browser Extensions: What Happened, Who’s Impacted, How to Protect Yourself, and How LayerX Can Help (Rolling Updates)

LayerX Labs

How a Simple DocuSign Email Could Have Cost Us Everything: A Close Call with Phishing

During the past few weeks, LayerX Labs identified a phishing campaign that impersonates legitimate DocuSign emails, attempting to trick victims into revealing sensitive information. Here’s what happened, and how LayerX prevented a potential security disaster. It started like any other Monday morning. Sarah, a senior account manager (a fictional character for illustration purposes), was going […]

LayerX Labs

LayerX Labs Identifies New AI Attack Vector: GPT Masquerading Attacks

LayerX Labs has identified a novel attack vector for malicious actors to try and extract sensitive data from unsuspecting users: GPT Masquareding Attacks.  In this attack, hackers impersonate legitimate GPTs hosted on OpenAI’s ChatGPT platform in order to lure users to fake versions of those GPTs and send the data that users share with the […]

LayerX Labs

LayerX Labs Identifies New Zero-Hour Phishing Attack Mimicking Microsoft Security Notifications

LayerX Labs identified a new zero-day phishing campaign that impersonates Microsoft security notifications to lure victims into sharing their login credentials and payment details.  The attack mimics a Microsoft Windows Defender security alert, urging users to call a hotline number, enter their credentials, and provide payment to the call center to ‘secure’ their computer.  This […]

Executive Viewpoint

Security Best Practices in the Aftermath of the Snowflake Data Breach

Data warehousing giant Snowflake disclosed on May 23, 2024, that they experienced a data breach affecting at least 165 of its customers. Since Snowflake’s customers are industry giants such as LiveNation and Santander Bank, this incident is already shaping up to be one of the most significant data breaches in history. Snowflake has not yet […]

Executive Viewpoint

The TLS Paradox: How Traffic Encryption Is Actually Leaving You Exposed

Web traffic encryption (AKA SSL, TLS, HTTPS) has long been the norm for most web services, particularly so for corporate SaaS applications such as Salesforce, Microsoft Outlook 365, and Skype. To help protect this traffic from eavesdropping and potential sensitive data exposure, end-to-end encryption is a critical and effective security measure for reducing risk. Organizations, […]

Executive Viewpoint

What is Shadow IT?

Shadow IT is the phenomenon of employees using IT systems, devices, software, applications, and services within an organization without explicit approval from the IT department. Employees usually choose this path when the available IT solutions provided by their organization do not meet their needs, are too cumbersome, or are perceived as inefficient. As a result, […]

Company News

LayerX Now Available in the Microsoft Azure Marketplace

Microsoft Azure customers worldwide now gain access to LayerX to take advantage of the scalability, reliability, and agility of Azure to drive application development and shape business strategies. LayerX Security, a leading provider of enterprise browser security solutions, today announced the availability of its browser security extension LayerX in the Microsoft Azure Marketplace, an online […]

Executive Viewpoint

What is URL Filtering?

URL filtering is the security process for blocking or allowing access to specific websites based on their URLs. The primary objective is to prevent users from accessing content that is deemed inappropriate, harmful, or not related to their tasks. This widely popular Internet usage policy is often implemented in various environments, from workplaces to educational […]

Executive Viewpoint

Malicious Browser Extensions: Threats and Security Solutions

In 2019, a network of browser extensions, primarily for Chrome, was revealed to have been scraping sensitive data from as many as four million users. The scraped data included PII, browsing history, medical information, and more. The data was then monetized through a commercialization scheme. This breach became known as the DataSpii incident, and it […]

Executive Viewpoint

BYOD Alternatives for Your Enterprise

BYOD (Bring Your Own Device) has become a popular strategy for many enterprises, aiming to blend the convenience of personal devices with professional requirements. But is BYOD able to live up to its promise for increased flexibility and heightened productivity? In reality, BYOD introduces serious cybersecurity challenges. This is not to say BYOD shouldn’t be […]

Executive Viewpoint

The Importance of a DLP Solution for Your Enterprise

Data Loss Prevention (DLP) solutions help enterprises protect sensitive information from unauthorized access or exfiltration. For example, ensuring that intellectual property, personal information, financial records, and health records, are not lost, misused, or accessed by unauthorized individuals. As such, DLPs are a key solution in the organization’s cybersecurity strategy and stack. This blog post dives […]

Executive Viewpoint

The Future of Enterprise Browsers

With businesses shifting to cloud-based services and remote or hybrid work becoming ubiquitous, the web browser has become the central hub of enterprise productivity. As such, it also requires dedicated security controls. Enterprise browsers and extensions are the security solutions that protect against web-borne threats and risks that exploit the browser. In this blog post, […]

Executive Viewpoint

Virtual Desktop Infrastructure Alternatives you Should Consider

Virtual Desktop Infrastructure Alternatives you Should Consider Virtual Desktop Infrastructure (VDI) is a remote connectivity technology that operates by hosting a user’s desktop environment on a remote server/virtual machine. This makes the desktop accessible from any device with an internet connection. With VDIs, organizations get flexibility for remote work, since VDIs free employees from having […]

Executive Viewpoint

Shadow IT in the Hybrid Work Era

Globalization and cloudification have enabled the adoption of remote and hybrid work models. This new workstyle provides businesses and employees with unprecedented flexibility, access to a global talent pool, and the ability to expand to new markets, among several other benefits. However, it has also driven a new risky practice: Shadow IT. “Shadow IT” is […]

Executive Viewpoint

Secure Browsing Practices For Your Business

In recent years, the browser has become the core working interface. However, web-borne cyber attacks and data breaches can compromise sensitive data, disrupt business operations, and even lead to financial losses. IT teams are responsible for implementing robust cybersecurity practices controls that protect against malware, ransomware, phishing attacks, pasting sensitive data into ChatGPT, and other […]

Executive Viewpoint

Taming the Wild Web with Browser Security: A CISO’s Perspective

The browser security industry is rapidly gaining prominence and capturing significant attention in the cybersecurity landscape. A number of browser security companies have been established as an answer to the market’s demand for securing the most popular organizational workspace. Without browser security solutions, CISOs are left to trust cloud security solutions, which were designed to […]

Executive Viewpoint

Malicious Chrome Extensions You Should Remove from Your Browser

Chrome extensions are small software programs that can be added to the Google Chrome web browser to enhance its functionality and customize their browsing experience. They are typically developed by third-party developers and can be found in the Chrome Web Store. But while Chrome extensions offer numerous benefits, they can also pose potential vulnerabilities to […]

Executive Viewpoint

Why are Security Leaders Moving from Browser Isolation to Browser Security Extension Solutions?

More and more security decision makers have come to realize that the browser is the ultimate frontline against multiple cyber threats. This insight has led them to add Browser Isolation solutions to their security stacks. However, we have lately witnessed an increasing trend of security professionals who are moving away from these solutions and towards […]

Executive Viewpoint

How to Detect and Protect Your Business from Phishing Attacks

In recent years, businesses have witnessed a concerning rise in phishing attacks. According to the Verizon DBIR 2023, phishing is one of three primary ways in which attackers access an organization. These deceptive tactics exploit human vulnerabilities, tricking employees into revealing sensitive information or granting unauthorized access to cybercriminals. As a result, they pose a […]

Executive Viewpoint

New Research: How Risky is GenAI Data Exposure Risk?

As an industry leader in browser security, we are committed to shedding light on the risks associated with revolutionary technologies, like GenAI tools. Our latest research, “Revealing the True GenAI Data Exposure Risk”, provides critical insights into the scope and nature of these risks. Specifically, we examine the troubling risk of data exfiltration through GenAI. […]

Executive Viewpoint

Cyber Security Risks of ChatGPT and Generative AI Tools

Generative AI tools like ChatGPT are taking the world by storm. Like any new technology, CISOs need to find a way to embrace the opportunities while protecting the organization from generative AI and ChatGPT risks. Let’s explore the opportunities and security best practices in this article. What is Generative AI? Generative AI is a type […]

Executive Viewpoint

2023 Browser Security Survey Report: Key Findings

As the adoption of SaaS continues to soar, the browser has become the key work interface in today’s corporate world. However, this heavy reliance on browsers also exposes organizations to a range of cybersecurity threats and operational risks they need to protect against. To gain insights into how CISOs are managing these security challenges, we […]

Executive Viewpoint

The Importance of Browser Security in Financial Companies

Financial firms have not been exempt from the spur in cybersecurity attacks. According to the 2022 Verizon DBIR report, “The Financial sector continues to be victimized by financially motivated organized crime, often via the actions of Social (Phishing), Hacking (Use of stolen credentials) and Malware (Ransomware).” Therefore, to protect and secure customer data and meet […]

Executive Viewpoint

Protecting Your Company’s Data Crown Jewels: How to Solve ChatGPT Security Risks with LayerX Browser Security Platform

With ChatGPT being 1.16 billion users strong, it has become an inseparable part of many people’s lives. This significant user base requires security and IT teams to find and implement a solution in their stack that can protect the organization from its potential security vulnerabilities.  This is not a hypothetical risk; numerous reports of potential […]

LayerX Labs

Malicious iPhone application distributed using sophisticated desktop malvertising campaign

In the last few years, both attackers and defenders have increased their capabilities in the infinite cat-and-mouse game. Attackers have scaled their phishing operations for stealing credentials and identities. Defenders have adopted a zero trust security approach in which users often use their mobile devices to authenticate into their desktop applications. The chase goes on. […]

Executive Viewpoint

The Dark Side of Enterprise Browsers: Fact-Checking 6 of Their Claims

In 2022 there was tremendous hype around browser security and enterprise browsers. But while they claim to provide “enterprise grade security”, enterprise browsers are actually far from perfect. In fact, they have some critical downsides. What are they and what’s the alternative? In this blog I will distinguish between browser security and enterprise browsers, address […]

Executive Viewpoint

2023 Browser Security Annual Report Reveals Emerging Browsing Risks and Blind Spots that Security Teams Must Address

As we spend more time online, the security of our browsers has become increasingly important. Our browsers are the gatekeepers to the vast amount of information available on the internet, and protecting them from threats is crucial to keeping organizations’ data safe. In the “2023 Browser Security Annual Report” (download the full report here), we […]

Executive Viewpoint

Top 5 Browsers – How Secure Are They for Your Business?

New year, new cyber threats. Experts predict that consumer data will be at high risk this year, and attackers are likely to get it through attacks on large corporations and financial institutions, among others. As you assess your security going into 2023, you’ll want to make sure all the bases are covered, including browser security. […]

Executive Viewpoint

Reputation-based Security is Not Working. What Now?

In the past couple of years, we have witnessed unprecedented growth in cyber attacks originating from the web: phishing schemes, social engineering, malware sites and other malicious attacks. One of the main security services offered on the market nowadays for user protection against these threats is reputation-based URL filters. Reputation-based security services determine the security […]

Executive Viewpoint

Mitigate the LastPass Attack Surface in your Environment with the LayerX Free Tool

The latest breach announced by LastPass is a major cause for concern to security stakeholders. As often occurs, we are at a security limbo – on one hand, as LastPass has noted, users followed LastPass best practices would practically be exposed to zero to extremely low risk. However, saying that password best practices are not […]

Executive Viewpoint

The Rise of Phishing and How to Protect Your Organization From Advanced Attacks

What is Phishing? Phishing is a type of cybersecurity attack in which malicious actors disguise themselves as a trusted person, website or other entity and interact directly with the victim through messages. The bad actors use these messages to obtain sensitive information or deploy malicious software on the victim’s infrastructure. In an organization, once a phishing […]

Executive Viewpoint

Browser Isolation Out; Browser Security In

With 80% of web attacks being browser-borne, organizations are constantly exposed to various attacks when employees use their browser. These include drive-by downloads, malvertising, malicious code injection, cross site scripting and many others. As a result, organizations are constantly searching for effective ways to protect against web-borne  risks, threats and attacks. Some organizations turn to […]

Company News

Why We Built LayerX: Picking Up Where Legacy Browser Security Fails

The idea to build a browser security platform has been on my mind for several years. In the last decade, I have seen and experienced the browser security world from both sides of the barricade. First, during my service as an information warfare specialist in the IDF Intelligence directorate, and then in my career as […]