Wednesday, October 16, 2024
Homecyber securityBehave - A New Browser Extension to Find websites that Perform Browser-Based...

Behave – A New Browser Extension to Find websites that Perform Browser-Based Port Scans or Attack

Published on

Malware protection

A new browser extension published dubbed Behave! that warns the user if the website tries to perform a port scan or launch DNS based attacks.

The web sites port scanning issue came into light after a script found on the eBay website that performs local port scans on a user computer to check for remote access.

The port scanning conducted by LexisNexis’ ThreatMetrix fraud protection script that used to detect fraudulent purchases.

- Advertisement - SIEM as a Service

Following to that number of popular websites found using the fraud protection script scans local for remote access programs.

According to report here are some of the popular websites include Citibank, TD Bank, Ameriprise, Chick-fil-A, Lendup, BeachBody, Equifax IQ connect, TIAA-CREF, Sky, GumTree, and WePay port scanning our computers.

Behave! Browser Extension

The extension was created by Stefano Di Paola, co-founder, CTO, and Chief Scientist of MindedSecurity, the extension was created aiming to warn users if the website abuses browser features to scan or to launch any attacks.

Behave

The extension monitors and warns the user if they perform any of the following actions:

  • Browser-based Port Scan
  • Access to Private IPs
  • DNS Rebinding attacks to Private IPs

The extension alerts the user if port scanning is performed, the default limit is 20 if the browser session exceeds the limit, then browser extension warns the user.

Also, it alerts users if a web page tries to directly access a local IP and if DNS resolves to a private IP.

Behave

“Behave! keeps track if a hostname is resolved with multiple IPs, and will alert if there’s some mixing between public IPs and private ones.”

The extension is available to download for Firefox and Chrome browsers. You can also disable or enable alerts.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

HORUS Protector Delivering AgentTesla, Remcos, Snake, NjRat Malware

The Horus Protector crypter is being used to distribute various malware families, including AgentTesla,...

ErrorFather Hackers Attacking & Control Android Device Remotely

The Cerberus Android banking trojan, which gained notoriety in 2019 for its ability to...

Hackers Allegedly Selling Data Stolen from Cisco

A group of hackers reportedly sells sensitive data stolen from Cisco Systems, Inc.The...

Fortigate SSLVPN Vulnerability Exploited in the Wild

A critical vulnerability in Fortinet's FortiGate SSLVPN appliances, CVE-2024-23113, has been actively exploited in...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

CoreWarrior Malware Attacking Windows Machines From Dozens Of IP Address

Researchers recently analyzed a CoreWarrior malware sample, which spreads aggressively by creating numerous copies...

Threat Actor ProKYC Selling Tools To Bypass Two-Factor Authentication

Threat actors are leveraging a newly discovered deepfake tool, ProKYC, to bypass two-factor authentication...

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks

A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being...