The Good Tech Companies - SquareX To Uncover Data Splicing Attacks At BSides San Francisco, A Major DLP Flaw
Episode Date: April 16, 2025
This story was originally published on HackerNoon at: https://hackernoon.com/squarex-to-uncover-data-splicing-attacks-at-bsides-san-francisco-a-major-dlp-flaw. This story was written by: @cybernewswire.
SquareX researchers will be disclosing a new class of data exfiltration techniques at BSides San Francisco 2025. The talk will demonstrate multiple data splicing techniques that will allow attackers to exfiltrate any sensitive file or clipboard data. They will also be releasing an open-source toolkit, "Angry Magpie", which will allow pentesters and red teams to test their existing DLP stack.
Transcript
This audio is presented by Hacker Noon, where anyone can learn anything about any technology.
SquareX to uncover data splicing attacks at BSides San Francisco,
a major DLP flaw, by CyberNewsWire.
Palo Alto, California, April 16, 2025, CyberNewsWire. SquareX researchers Jeswin Mathai
and Audrey Adeline will be disclosing a new class of data exfiltration techniques at BSides San Francisco 2025.
Titled "Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out",
the talk will demonstrate multiple data splicing techniques that will allow attackers to exfiltrate
any sensitive file or clipboard data, completely bypassing major data loss protection (DLP)
vendors listed by Gartner by exploiting
architectural vulnerabilities in the browser.
DLP is a core pillar of every enterprise security stack.
Data breaches can result in severe consequences including IP loss, regulatory violations,
fines, and severe reputational damage.
With over 60% of corporate data being stored in the cloud, browsers have become the primary
way for employees to create, access, and share data.
Consequently, the browser has become a particularly attractive target for external attackers and
insider threats alike.
Yet, existing endpoint and cloud DLP solutions have limited telemetry and control over how
employees interact with data on the browser.
Additionally, there are several unique challenges when it comes to maintaining data lineage in the browser. This includes managing multiple personal and professional identities, the wide landscape
of sanctioned and shadow SaaS apps, and the numerous pathways in which sensitive data can
flow between these apps. Unlike managed devices where enterprises have full control over what can be installed on
the device, employees can easily sign up for various SaaS services without the IT team's
knowledge or oversight.
SquareX researcher Audrey Adeline says, "Data splicing attacks are a complete
game changer for insider threats and attackers that are seeking to steal information
from enterprises.
They exploit newer browser features that were invented long after existing
DLP solutions and thus the data exfiltrated using these techniques are completely
uninspected, resulting in full bypasses.
With today's workforce heavily relying on SaaS apps and cloud storage services,
any organization that uses the browser is vulnerable to data splicing attacks."
As part of the talk, they will also be releasing an open-source toolkit, Angry Magpie, which
will allow pentesters and red teams to test their existing DLP stack and better understand
their organization's vulnerability to data splicing attacks.
SquareX hopes that the research will highlight the severe threats that browsers pose on data
loss and serve as a call to action for enterprises and vendors alike to rethink their data loss protection
strategies.
Upon the completion of BSides San Francisco, the SquareX team will also be presenting
at RSAC 2025 and will be available at Booth S2361, South Expo for further discussions on the research.
Talk details:
Title: Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out
Speakers: Jeswin Mathai and Audrey Adeline
Event: BSides San Francisco 2025
Location: San Francisco, CA
Toolkit release: Angry Magpie (open source)
About the speakers
Jeswin Mathai, Chief Architect, SquareX
Jeswin Mathai serves as the Chief Architect at SquareX, where he leads the design and implementation of the company's infrastructure.
A seasoned speaker and researcher, Jeswin has showcased his work at prestigious international stages such as DEFCON US, DEFCON China, ROOTCON, Black Hat Arsenal, RECON Village, and demo labs at DEFCON. He has also imparted his
knowledge globally, training in classroom sessions at Black Hat US, Asia, HITB, ROOTCON, and OWASP NZ Day.
He is also the creator of popular open-source projects such as AWS Goat, Azure Goat, and PA Toolkit.
Audrey Adeline, Researcher
Audrey currently leads the Year of Browser Bugs (YOBB) project
at SquareX, which has disclosed multiple major architectural browser vulnerabilities to date.
She's also a published author of the Browser Security Field Manual.
Key discoveries from YOBB include polymorphic extensions, browser ransomware and browser
syncjacking, all of which have been covered by major publications such as Forbes, Bleeping Computer and Mashable.
She is passionate about furthering cybersecurity education and has run multiple workshops with
Stanford University and Women in Security and Privacy (WISP).
Prior to SquareX, Audrey was a cybersecurity investor at Sequoia Capital and graduated
from the University of Cambridge with a degree in natural sciences.
About SquareX
SquareX's industry-first browser detection and response
(BDR) helps organizations detect, mitigate, and threat-hunt client-side web attacks
targeting employees happening against their users in real time. This includes defending against
identity attacks, malicious extensions, spear-phishing, browser data loss, and insider threats.
SquareX takes a research and attack-focused approach to browser security.
SquareX's dedicated research team was the first to discover and disclose multiple pivotal attacks,
including last-mile reassembly attacks, browser syncjacking, polymorphic extensions, and browser-native ransomware.
As part of the Year of Browser Bugs (YOBB) project, SquareX commits to continue disclosing
at least one major architectural browser vulnerability every month.
Contact: Head of PR, Junis Liyu, SquareX, junis at sqrx.com.
This story was distributed as a release by CyberNewsWire under Hacker Noon's business
blogging program.
Learn more about the program here.
And thank you for listening to this Hacker Noon story, read by Artificial Intelligence.
Visit hackernoon.com to read, write, learn and publish.