Gmail BitM Defense
Browser-in-the-Middle attacks against Gmail, what makes them different from AiTM
BitM streams a real attacker-controlled browser to the victim instead of cloning HTML. FIDO2 does not help. The …
Gmail BitM Defense
Detecting BitM against Gmail, network signals, browser signals, and the Workspace audit query
RFB protocol handshake on a WebSocket. Canvas-rendered login pages with no password input in the DOM. Input lag …
Gmail BitM Defense
BitM Shield and the broader posture, what actually stops Browser-in-the-Middle
BitM Shield is a free Chrome extension we built and verified in our research lab. It blocks the …
Gmail BitM Defense
Responding to a Gmail BitM compromise, the OAuth-revoke step every other playbook skips
Password rotation does not revoke the OAuth refresh token. Sign-out-all-sessions does not revoke the OAuth refresh token. Until …