Global cybersecurity experts are raising serious concerns over the newly identified cyber threat known as Data Splicing Attacks, which poses a significant threat to thousands of businesses worldwide. It seems that even the most advanced Data Loss Prevention (DLP) tools that are currently being used are unable to stop the sophisticated data exfiltration technique.
A user can manipulate sensitive information directly within the browser, enabling the attacker to split, encrypt or encode it into smaller fragments that will remain undetected by conventional security measures because they can manipulate data directly within the browser. By fragmenting the data pieces, they circumvent the detection logic of both Endpoint Protection Platforms (EPP) and network-based tools, only to be reassembled seamlessly outside the network environment in which they were found.
As a further contributing factor to the threat, malicious actors are using alternatives to standard communication protocols, such as grpc and Webrtc, and commonly used encrypted messaging platforms, such as WhatsApp and Telegram, as a means of exfiltrating data. As a result of these channels, attackers can obscure their activities and evade traditional SSL inspection mechanisms, making it much more difficult to detect and respond to them.
An important shift in the threat landscape has taken place with the introduction of Data Splicing Attacks, which require immediate attention from both enterprises and cybersecurity professionals. Data exfiltration, a growing concern within the cybersecurity industry, refers to the act of transferring
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.