SquareX researchers Jeswin Mathai and Audrey Adeline are set to unveil a groundbreaking discovery in the field of cyber security at the upcoming BSides San Francisco 2025 conference. The presentation, titled “Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out,” will showcase a range of innovative techniques that allow cyber attackers to extract sensitive data from organizations, circumventing traditional Data Loss Protection (DLP) measures recommended by Gartner.
In today’s digital landscape, safeguarding data is paramount for businesses to avoid dire consequences like intellectual property theft, regulatory violations, financial penalties, and reputational harm. With a majority of corporate information stored in cloud-based systems, web browsers have emerged as the primary platform for employees to generate, access, and share data. Consequently, browsers have become a prime target for both external malicious actors and internal threats within organizations. Despite the prevalence of endpoint and cloud-based DLP solutions, these tools often struggle to monitor and control data interactions within the browser environment effectively.
Furthermore, maintaining data integrity within browsers poses unique challenges due to the multitude of personal and professional identities users manage, the array of authorized and unauthorized cloud-based applications they utilize, and the various channels through which sensitive data can be transferred between these platforms. Unlike managed devices where IT departments have oversight over software installations, employees can easily subscribe to SaaS services sans the IT team’s approval, creating vulnerabilities in data protection mechanisms.
Audrey Adeline, a researcher at SquareX, emphasized the significance of data splicing attacks by stating, “Data splicing attacks represent a paradigm shift in the realm of insider threats and data theft. By leveraging novel browser functionalities that predate existing DLP solutions, cyber criminals can exploit these vulnerabilities to pilfer data undetected, effectively bypassing security measures. Given the prevalent use of SaaS applications and cloud storage services by contemporary workforces, organizations that rely on browsers are at risk of falling victim to data splicing attacks.”
As part of their presentation at BSides San Francisco, Mathai and Adeline will introduce “Angry Magpie,” an open-source toolkit aimed at empowering penetration testers and red teams to evaluate the effectiveness of their current DLP infrastructure and identify potential vulnerabilities to Data Splicing Attacks. SquareX hopes that this research will shed light on the critical data security risks posed by browsers and prompt enterprises and security vendors to reassess their data protection strategies.
Following their appearance at BSides San Francisco, the SquareX team will continue their engagement by presenting at RSAC 2025 and will be available for further discussions at Booth S-2361 in the South Expo area.
The groundbreaking talk, “Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out,” delivered by Jeswin Mathai and Audrey Adeline at BSides San Francisco 2025, highlights the growing importance of browser security in the age of digital transformation. With the proliferation of cyber threats targeting web browsers, organizations must prioritize robust security measures to safeguard sensitive data and mitigate the risk of data breaches.
Jeswin Mathai, Chief Architect at SquareX, possesses a wealth of experience in designing and implementing cutting-edge security solutions. With a history of presenting at prestigious international conferences and contributing to open-source projects, Mathai is a recognized authority in the cybersecurity community.
Audrey Adeline, a researcher at SquareX, leads the renowned Year of Browser Bugs (YOBB) initiative, which has uncovered critical vulnerabilities in browser architecture. Adeline’s expertise in browser security has been instrumental in advancing cybersecurity education and raising awareness about emerging threats in the digital realm.
SquareX’s Browser Detection and Response (BDR) platform represents a pioneering approach to defending against client-side web attacks targeting employees in real-time. By proactively addressing identity theft, malicious extensions, spear phishing, browser data leaks, and insider threats, SquareX enables organizations to enhance their security posture and safeguard critical data assets.
With a commitment to ongoing research and innovation, SquareX continues to push the boundaries of browser security with its Year of Browser Bugs (YOBB) project. By disclosing key vulnerabilities such as Last Mile Reassembly Attacks, Browser Syncjacking, Polymorphic Extensions, and Browser-Native Ransomware, SquareX remains at the forefront of cybersecurity research and development.
In conclusion, the research presented by SquareX researchers Jeswin Mathai and Audrey Adeline underscores the imperative for organizations to fortify their defenses against data splicing attacks and other threats targeting web browsers. By staying abreast of evolving cyber risks and adopting robust security measures, businesses can mitigate the impact of potential data breaches and safeguard their most sensitive information.