Register to Watch On-Demand:

In March 2025, SquareX disclosed Browser-Native Ransomware, or how ransomware has now evolved to target the browser.


With the migration of critical data to cloud and third-party SaaS applications, attackers no longer need to deliver malware to endpoints. Instead, they've developed numerous, low-effort methods to gain access to sensitive data through browser-based techniques. Without ever hitting the disk, browser-native ransomware attacks never trigger EDR inspection.


It is only a matter of time before an intelligent adversary conducts the first large-scale ransomware campaign without ever touching the device, and in this webinar, SquareX’s field CISO John Carse will cover the tectonic shift towards browser-based attacks, different ways the attack can be executed and how enterprises can protect themselves.

What’s Covered

Overview of Browser-Native Ransomware

  • The shift towards browser-based attacks
  • Traditional vs. Browser-Native Ransomware

Attacker TTPs

  • File Storage Browser-Native Ransomware
  • Email Browser-Native Ransomware
  • Browser-Native Ransomware via Browser Syncjacking

Preventing Browser-Native Ransomware attacks

  • Mitigation using SquareX Browser Detection and Response

Q&A 

Register Now

Speakers

John Carse

Field CISO, SquareX

John Carse is Field CISO at SquareX, bringing over two decades of cybersecurity expertise to the role. His journey in cybersecurity began in 2003 while working with the US Navy, leading to extensive experience across Japan, Bahrain, Hawaii and Singapore. Prior to joining SquareX, John held executive security roles at major organizations including Dyson, Rakuten, Expedia Group, and JPMorgan.


At SquareX, John combines his deep technical knowledge and business experience to help enterprises understand and defend against browser-based attacks. A seasoned technologist with multiple cloud security patents, he holds an MBA in Entrepreneurship from IE Business School and a Bachelor's in Computer and Information Science from the University of Maryland Global Campus.

Given that browser-native ransomware attacks fully operate within the browser, only a browser-native security solution can defend against them.
SquareX’s BDR can detect and mitigate identity attacks, the initial access point for browser-native ransomware, including malicious extensions, shadow SaaS, OAuth scope management and advanced spearphishing attacks.

Find Out More

Copyright © 2025. All rights reserved.