SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability
April 17, 2024
An integer overflow vulnerability exists in the Libarchive library included in Microsoft Windows. The vulnerability is due to insufficient bounds checks on the block length of a RARVM filter used for Intel E8 preprocessing, included in the compressed data of a RAR archive. A remote attacker could exploit this vulnerability by enticing a target user into ...
- Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread
April 16, 2024
Last year, a command injection vulnerability, CVE-2023-1389, was disclosed and a fix developed for the web management interface of the TP-Link Archer AX21 (AX1800). FortiGuard Labs has developed an IPS signature to tackle this issue. Recently, their researchers observed multiple attacks focusing on this year-old vulnerability, spotlighting botnets like Moobot, Miori, the Golang-based agent “AGoent,” and ...
- Trust Wallet Issues Warning to Apple Users About Zero-Day Exploit in iMessage
April 16, 2024
Trust Wallet, a popular web3 wallet, has issued a warning to Apple users, urging them to disable iMessage due to “credible intel” regarding a zero-day exploit. The company shared the alert on X, stating that the exploit, which is being sold on the Dark Web, could potentially allow hackers to take control of users’ iPhones without ...
- From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering
April 16, 2024
Proofpoint researchers track numerous state-sponsored and state-aligned threat actors. TA427 (also known as Emerald Sleet, APT43, THALLIUM or Kimsuky), a Democratic People’s Republic of Korea (DPRK or North Korea) aligned group working in support of the Reconnaissance General Bureau, is particularly prolific in email phishing campaigns targeting experts for insight into US and the Republic of ...
- Cisco Duo says a third-party data breach stole MFA SMS logs
April 16, 2024
Cisco Duo has confirmed some sensitive customer data was stolen after a third-party cyber-incident. In a breach notification letter sent to affected customers, Cisco Duo said that its telephony provider, which it didn’t name, was compromised on April 1 2024. Unidentified threat actors mounted a phishing attack against the third party, through which they stole login ...
- Giant Tiger breach sees 2.8 million records leaked
April 16, 2024
When asked, they posted a small snippet as proof. The download of the full database is practically free for other active members of that forum. In March, one of Giant Tiger‘s vendors, a company used to manage customer communications and engagement, suffered a cyberattack, which impacted Giant Tiger, as reported by CBC. The retailer first learned ...