
SquareX reveals data splicing attacks at BSides San Francisco, a major DLP flaw that undermines data security for millions

By user, April 16, 2025

Palo Alto, California, April 16, 2025, CybernakeSweep

SquareX researchers Jeswin Mathai and Audrey Adeline will disclose a new class of data exfiltration techniques at BSides San Francisco 2025. These techniques bypass DLP vendors listed by Gartner by leveraging architectural vulnerabilities in browsers.

DLP is a core pillar of every enterprise security stack. A data breach can have serious consequences, including loss of IP, regulatory violations, fines and serious reputational damage. With over 60% of corporate data stored in the cloud, browsers have become the primary way for employees to create, access and share data. As a result, browsers have become particularly attractive targets for external attackers and insider threats. However, existing endpoint and cloud DLP solutions have limited telemetry and control over how employees interact with data in their browsers.

Additionally, there are some unique challenges when it comes to maintaining data lineage in the browser. These include managing multiple personal and professional identities, the wide landscape of authorized SaaS and shadow SaaS apps, and the numerous pathways through which sensitive data flows between these apps. Unlike managed devices, where businesses fully control what can be installed, in the browser employees can easily sign up for a variety of SaaS services without the knowledge or supervision of their IT teams.

SquareX researcher Audrey Adeline says, “Data splicing attacks are a complete game changer for insider threats and attackers that are seeking to steal information from enterprises. They exploit newer browser features that were invented long after existing DLP solutions and thus the data exfiltrated using these techniques are completely uninspected, resulting in full bypasses. With today’s workforce heavily relying on SaaS apps and cloud storage services, all organizations using browsers are vulnerable to data splicing attacks.”

As part of the talk, they will also release the open source toolkit “Angry Magpie.” It allows pentesters and red teams to test their existing DLP stacks and better understand their organization’s vulnerability to data splicing attacks. SquareX hopes that the research highlights the serious threat browsers pose to data loss and serves as a call to action for businesses and vendors to rethink their data loss protection strategies.

After BSides San Francisco, the SquareX team will also present at RSAC 2025 and will be available for further discussion of the research at South Expo booth S-2361.

Talk details:

Title: Data Splicing Attack: Break Enterprise DLP from within

Speakers: Jeswin Mathai and Audrey Adeline

Event: BSides San Francisco 2025

Location: San Francisco, California

Toolkit Release: Angry Magpie (Open Source)

About the speakers

Jeswin Mathai, Chief Architect, SquareX

Jeswin Mathai is Chief Architect at SquareX and leads the design and implementation of the company’s infrastructure. A veteran speaker and researcher, Jeswin has presented his work on prestigious international stages, including DEF CON US, DEF CON China, Roothat Arsenal, and DEF CON’s Recon Village and Demo Labs. He also shares his knowledge globally, teaching in-classroom training sessions at Black Hat US, Asia, HITB, Rootcon and OWASP NZ Day. He is also the creator of popular open source projects such as AWSGoat, AzureGoat, and PAToolkit.

Audrey Adeline, researcher

Audrey currently leads the Year of the Browser Bug (YOBB) project at SquareX, which has revealed several major architectural browser vulnerabilities so far. She is also the published author of the Browser Security Field Manual. Important discoveries from YOBB include polymorphic extensions, browser ransomware, and browser SyncJacking, all of which have been covered in major publications such as Forbes, Bleeping Computer, and Mashable. She is passionate about promoting cybersecurity education and has held multiple workshops with Stanford University and Women in Security and Privacy (WISP). Prior to SquareX, she was a cybersecurity investor at Sequoia Capital and graduated from Cambridge University with a degree in natural sciences.

About SquareX

SquareX’s industry-first Browser Detection and Response (BDR) helps organizations detect, mitigate, and threat-hunt client-side web attacks that target employees in real time. This includes defense against identity attacks, malicious extensions, spear phishing, browser data loss, and insider threats.

SquareX takes a research and attack-focused approach to browser security. SquareX’s dedicated research team was the first to discover and disclose multiple critical attacks, including Last Mile Reassembly attacks, browser SyncJacking, polymorphic extensions, and browser-native ransomware. As part of the Year of the Browser Bug (YOBB) project, SquareX promises to continue to disclose at least one major architectural browser vulnerability each month.

Contact

PR Manager
Junice Liew
SquareX
junice@sqrx.com
