
SquareX to Uncover Data Splicing Attacks at BSides San Francisco, A Major DLP Flaw that Compromises Data Security of Millions


Palo Alto, California, April 16th, 2025, CyberNewsWire

SquareX researchers Jeswin Mathai and Audrey Adeline will be disclosing a new class of data exfiltration techniques at BSides San Francisco 2025. Titled “Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out”, the talk will demonstrate multiple data splicing techniques that allow attackers to exfiltrate any sensitive file or clipboard data, completely bypassing major Data Loss Protection (DLP) vendors listed by Gartner by exploiting architectural vulnerabilities in the browser.

DLP is a core pillar of every enterprise security stack. Data breaches can result in severe consequences including IP loss, regulatory violations, fines, and severe reputational damage. With over 60% of corporate data being stored in the cloud, browsers have become the primary way for employees to create, access, and share data. Consequently, the browser has become an extremely attractive target for external attackers and insider threats alike. Yet, existing endpoint and cloud DLP solutions have limited telemetry and control over how employees interact with data in the browser.

Additionally, there are several unique challenges when it comes to maintaining data lineage in the browser. This includes managing multiple personal and professional identities, the wide landscape of sanctioned and shadow SaaS apps, and the numerous pathways through which sensitive data can flow between these apps. Unlike managed devices, where enterprises have full control over what can be installed on the device, employees can easily sign up for numerous SaaS services without the IT team’s knowledge or oversight.

SquareX researcher Audrey Adeline says, “Data splicing attacks are a complete game changer for insider threats and attackers that are looking to steal data from enterprises. They exploit newer browser features that were invented long after existing DLP solutions, and thus the data exfiltrated using these techniques is completely uninspected, resulting in complete bypasses. With today’s workforce heavily relying on SaaS apps and cloud storage services, any organization that uses the browser is vulnerable to data splicing attacks.”

As part of the talk, they will also be releasing an open-source toolkit, “Angry Magpie”, which will allow pentesters and red teams to test their existing DLP stack and better understand their organization’s vulnerability to Data Splicing Attacks. SquareX hopes that the research will highlight the severe threats that browsers pose to data loss and serve as a call to action for enterprises and vendors alike to re-think their data loss protection strategies.

Upon the completion of BSides San Francisco, the SquareX team will also be presenting at RSAC 2025 and will be available at Booth S-2361, South Expo for further discussions on the research.

Talk Details:

Title: Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out

Speakers: Jeswin Mathai and Audrey Adeline

Event: BSides San Francisco 2025

Location: San Francisco, CA

Toolkit Release: Angry Magpie (Open Source)

About the Speakers

Jeswin Mathai, Chief Architect, SquareX

Jeswin Mathai serves as the Chief Architect at SquareX, where he leads the design and implementation of the company’s infrastructure. A seasoned speaker and researcher, Jeswin has showcased his work on prestigious international stages such as DEF CON US, DEF CON China, RootCon, Blackhat Arsenal, Recon Village, and Demo Labs at DEFCON. He has also imparted his knowledge globally, training in-classroom sessions at Black Hat US, Asia, HITB, RootCon, and OWASP NZ Day. He is also the creator of popular open-source projects such as AWSGoat, AzureGoat, and PAToolkit.

Audrey Adeline, Researcher

Audrey currently leads the Year of Browser Bugs (YOBB) project at SquareX, which has disclosed multiple major architectural browser vulnerabilities to date. She is also a published author of The Browser Security Field Manual. Key discoveries from YOBB include Polymorphic Extensions, Browser Ransomware and Browser Syncjacking, all of which have been covered by major publications such as Forbes, Bleeping Computer and Mashable. She is passionate about furthering cybersecurity education and has run multiple workshops with Stanford University and Women in Security and Privacy (WISP). Prior to SquareX, Audrey was a cybersecurity investor at Sequoia Capital and graduated from the University of Cambridge with a degree in Natural Sciences.

About SquareX

SquareX’s industry-first Browser Detection and Response (BDR) helps organizations detect, mitigate, and threat-hunt client-side web attacks targeting their employees in real time. This includes defending against identity attacks, malicious extensions, spearphishing, browser data loss, and insider threats.

SquareX takes a research and attack-focused approach to browser security. SquareX’s dedicated research team was the first to discover and disclose multiple pivotal attacks, including Last Mile Reassembly Attacks, Browser Syncjacking, Polymorphic Extensions, and Browser-Native Ransomware. As part of the Year of Browser Bugs (YOBB) project, SquareX commits to continue disclosing at least one major architectural browser vulnerability every month.

Contact

Head of PR
Junice Liew
SquareX
[email protected]
