Top Categories Evading URL Link Analysis

Date :

Evasive Malicious Downloads

Date :

Jan – Dec, 2023


Date :

The Rise of Highly Evasive Adaptive Threats (HEAT)

A HEAT attack is a class of cyberthreat that leverages web browsers as the attack vector and employs various techniques to evade multiple layers of detection in current security stacks.

4 Characteristics of HEAT

HEAT attacks are one of the biggest unknown security threats organizations face. These threats leverage four evasive techniques to bypass legacy network security defenses such as sandboxes, anti-virus engines, malicious link analysis, offline domain analysis, and indicators of compromise (IoC) feeds:

By using ephemeral and/or compromised malicious sites with benign categorization

By abusing design functionality of popular sites that allow user content to be hosted on these web sites

By delivering attacks via other channels and collaboration platforms like MS Teams, Slack, OneDrive, LinkedIn, Zoom, WhatsApp etc. attackers are able to circumvent any traditional inspection on the email path.

These kind of attacks are also known as multi-channel attacks.

By using techniques like HTML smuggling and password protected archives attackers are able to bypass network based inspection engines like proxys and sandboxes.

By using obfuscated code and relying on techniques that construct malicious pages post-rendering by using the CSS elements attackers are able to bypass page inspection.

How It Works

Put your security stack to the test and find out if you’re currently vulnerable. Our HEATcheck assessment tool provides a self-service, lightweight penetration assessment to help organizations better understand susceptibility to various HEAT attacks. If vulnerable, we’ll share how to make these attacks never happen.

Login to HEATcheck

Obtain access credentials from Menlo Security

Select HEAT Attack Simulation

Choose from a menu of different benign HEAT simulations

View HEAT Assessment

View assessment results a la carte or with automated report