SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- Chinese APT Abuses VSCode to Target Government in Asia
September 6, 2024
Unit 42 researchers recently found that Stately Taurus abused the popular Visual Studio Code software in espionage operations targeting government entities in Southeast Asia. Stately Taurus is a Chinese advanced persistent threat (APT) group that carries out cyberespionage attacks. This threat actor used Visual Studio Code’s embedded reverse shell feature to gain a foothold in target ...
- CVE-2024-23119: Critical SQL Injection Vulnerability in Centreon
September 6, 2024
The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-23119, assessed its impact and developed mitigation measures for this vulnerability. CVE-2024-23119 is a high-severity SQL Injection vulnerability in Centreon, impacting Centreon Web versions prior to 22.10.17, 23.04.13, and 23.10.5. Centreon is a widely used network, system and application monitoring tool. This issue resides ...
- US Department of Homeland Security looks to infosec testbed to help protect ports
September 6, 2024
The US Department of Homeland Security has outlined plans to enhance cyber security through the Maritime Transport System (MTS).The department’s aim is to protect the system and infrastructure used to ensure safe and free navigation of US waterways. Ports are a vital part of the US economy, contributing $649 to GDP and generating 13 million jobs. ...
- Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure
September 5, 2024
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm ...
- Zyxel Releases Multiple Security Advisories
September 4, 2024
Zyxel has released 3 security advisories to address vulnerabilities in Zyxel firewalls, Access Points (APs), extenders, and security router devices. In the first security advisory, Zyxel describes seven vulnerabilities found in their ATP and USG FLEX firewall product lines. Two vulnerabilities could allow an attacker to create a denial-of-service (DoS) condition, four vulnerabilities could allow an ...
- Mallox ransomware: in-depth analysis and evolution
September 4, 2024
Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide. In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released ...