Evading Secure Web Gateways with Last Mile Reassembly Attacks

SquareX
Malicious files
Attacks Detected By Secure Web Gateways
Malicious files
Hiding in Plain Sight
Hiding malware within components of a webpage and extracting it on the client side.
Malicious files
File Chunk Attacks
Breaking up/transforming malicious file into parts and reconstructing it on the client side.
Malicious files
Unmonitored Channels
Sending malware through difficult-to-monitor channels.
Malicious files
File Encryption
Encrypting a malicious file and decrypting on the client side
Malicious files
File Encoding
Encoding a malicious file and decoding it on client side.
Malicious files
File Upload Attacks
Transforming the file locally before sending it over the network.
Malicious files
Phishing Attacks
Obfuscating malicious website in various forms and reconstructing phishing site on the client side.