SquareX researchers Jeswin Mathai and Audrey Adeline will unveil innovative data exfiltration techniques at BSides San Francisco 2025. Their talk, "Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out," will showcase methods to exfiltrate sensitive data using browser vulnerabilities, undermining traditional Data Loss Protection (DLP) measures. As over 60% of corporate data resides in the cloud and browser interactions grow, DLP systems face challenges in monitoring data usage effectively. Emergent threats from attackers and insider threats highlight the pressing need for enhanced data security in today's digital landscape.
"Data splicing attacks are a complete game changer for insider threats and attackers that are seeking to steal information from enterprises. They exploit newer browser features that were invented long after existing DLP solutions."
"DLP is a core pillar of every enterprise security stack. Data breaches can result in severe consequences including IP loss, regulatory violations, fines, and severe reputational damage."
Collection
[
|
...
]