Research Saturday 10.1.22
Ep 252 | 10.1.22

Targeting your browser bookmarks?

Show Notes

David Prefer from SANS sits down with Dave to discuss how a new covert channel exfiltrates data via a browser's built-in bookmark sync. David goes on to describe how this research will "describe how the ability to synchronize bookmarks across devices introduces a novel vector for data exfiltration and other misuses."

In the research, he shares how he tested his said hypothesis and goes on to describe how the interesting find was tested on multiple browsers including Chrome, Edge, Brave and Opera. In his research, he found that bookmarks are able to keep data and synchronize it, making it easier to infiltrate and extract data from. David shares the rest of his findings, as well as what organizations and browser developers can do to work on this new threat.

The research can be found here: