SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- North Carolina: Around £2.1 million has been stolen from the housing agency as the US Secret Service is investigating
March 3, 2024
It is a little-known clothing firm based out of an anonymous residential street in Scotland’s biggest city, with overflowing bags and boxes of rubbish piled up outside its front door. But a Glasgow company is at the centre of a multi-million pound fraud investigation by the US Secret Service into millions of public money that was ...
- 20 million Cutout.Pro AI service users hit by massive data breach
March 2, 2024
AI-powered photo and video editing platform Cutout.Pro has become the latest victim to what has turned out to be a pretty sizeable data breach. Personal information relating to as many as 20 million users, including email addresses, hashed and salted passwords, IP addresses, and names has been exposed, prompting significant privacy and security concerns. Read more… Source: MSN ...
- LockBit cyberattack: Fulton County refuses to pay ransom as deadline passes
March 1, 2024
Fulton County leaders say they have not paid any ransom to the criminal group claiming responsibility for the cyberattack that affected several of the county’s agencies. The group LockBit had set a deadline of 8:49 a.m. on Thursday for Fulton County to pay the ransom or risk having stolen data leaked onto the dark web. This ...
- US prescription market hamstrung for 9 days (so far) by ransomware attack
March 1, 2024
Nine days after a Russian-speaking ransomware syndicate took down the biggest US health care payment processor, pharmacies, health care providers, and patients were still scrambling to fill prescriptions for medicines, many of which are lifesaving. On Thursday, UnitedHealth Group accused a notorious ransomware gang known both as AlphV and Black Cat of hacking its subsidiary, Optum. ...
- Here Come the AI Worms
March 1, 2024
In a demonstration of the risks of connected, autonomous AI ecosystems, a group of researchers have created one of what they claim are the first generative AI worms—which can spread from one system to another, potentially stealing data or deploying malware in the process. “It basically means that now you have the ability to conduct or ...
- Malicious meeting invite fix targets Mac users
March 1, 2024
Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. During the attacks the criminals will send a link supposedly to add a meeting to the target’s calendar. In reality the link runs a script to install Mac malware on the target’s machine. Cybersecurity expert Brian Krebs investigated and flagged the issue. Scammers, impersonating ...