SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
May 28, 2024
Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives. Moonstone Sleet is observed to set up fake companies and job ...
- pcTattleTale spyware leaks database containing victim screenshots, gets website defaced
May 28, 2024
The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device. The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the target’s device. What goes around ...
- ABN Amro on alert as supplier hit by ransomware attack
May 28, 2024
ABN Amro is warning customers that their personal details may be at risk after a ransomware attack at one its supplier. The ransomware attack was inflicted on AddComm, which distributes documents and tokens physically and digitally to ABN Amro clients and employees. External cybersecurity experts are currently investigating exactly what data has been stolen at AddComm. Read ...
- Spying, hacking and intimidation: Israel’s nine-year ‘war’ on the ICC exposed
May 28, 2024
When the chief prosecutor of the International criminal court (ICC) announced he was seeking arrest warrants against Israeli and Hamas leaders, he issued a cryptic warning: “I insist that all attempts to impede, intimidate or improperly influence the officials of this court must cease immediately.” Now, an investigation by the Guardian and the Israeli-based magazines +972 ...
- Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks
May 27, 2024
Cybercriminals and Advanced Persistent Threat (APT) actors share a common interest in proxy anonymization layers and Virtual Private Network (VPN) nodes to hide traces of their presence and make detection of malicious activities more difficult. This shared interest results in malicious internet traffic blending financial and espionage motives. A prominent example of this includes a cybercriminal ...
- Threat landscape for industrial automation systems, Q1 2024
May 27, 2024
In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp. Building automation has historically led the surveyed industries in terms of the percentage of ICS computers ...