Two minutes on… HEAT attacks evading HTTP traffic inspection

Threat actors have been setting their sights on web browsers since before the pandemic and the worldwide shift to hybrid work, so it makes sense that attacks on the browser have ramped up even more now. These attacks have been evolving to meet the times with a class of threats the Menlo Labs team has termed Highly Evasive Adaptive Threats (HEAT), which make quick work of legacy security technology.

Many organizations have yet to catch up to these evolving tactics, and solutions like HTTP traffic inspection are quickly becoming outdated. The logic behind HTTP traffic inspection seems solid on the surface — scan all web traffic for malicious content, and block anything that appears malicious. But that logic fails when attackers learn how to hide malicious content like with HEAT attacks.

Fortunately, there’s a way to stop these attacks. Menlo Security Senior Cybersecurity Strategist, Neko Papez, breaks down how in the video below.