Nick Dunn, IOActive Senior Security Consultant, will be presenting at this year’s BSides Prishtina, taking place May 22 – 23, in Prishtina, Kosova. Nick’s talk, “A Stealth and Safety Issue – Exfiltration using ‘data bouncing,'” focuses on the concept of “data bouncing” via a third-party web server. You can check out the abstract below!
ABOUT THE EVENT:
“BSIdes Prishtina 2026 is the third edition of BSides Prishtina and also Kosova’s first BSides security conference.
Kosova’s IT talent has been growing steadily over the last several years with a noticeable increate in information security students and professionals. After organizing several local InfoSec meetups over the last three years we decided it was time to organize a larger community event to gather and grow this talent.”
TALK ABSTRACT:
The concept of “data bouncing” via a third-party web server provides an extremely stealthy method of bypassing traditional network safeguards. By directing web requests to certain domains that process hostnames in headers, you can relay small pieces of data to your DNS listener, allowing you to collect and reconstruct data, in the form of strings, files, or any other type of data.
The recent discovery of this technique has received minimal publicity, which seems to be partly attributable to the unfamiliar use of familiar services, and partly to a lack of easy to use tooling. This talk aims to rectify both of these by providing a clear explanation of the concept and presenting a new tool to allow the exfiltration to be carried out easily.