SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- Iran accelerates cyber ops against Israel from chaotic start
February 6, 2024
Since Hamas attacked Israel in October 2023, Iranian government-aligned actors have launched a series of cyberattacks and influence operations (IO) intended to help the Hamas cause and weaken Israel and its political allies and business partners. Many of Iran’s immediate operations after October 7 were hasty and chaotic – indicating it had little or no coordination ...
- AnyDesk confirms cyber attack, revokes certificates as hackers infiltrate systems
February 5, 2024
AnyDesk has confirmed it suffered a cyberattack in which hackers were able to compromise its production systems. In a press release published on the company’s website, the remote access provider said it spotted the attack after seeing “indications of an incident” in some of its systems. Subsequent investigation uncovered compromise in the company’s production systems, it ...
- Python Info-stealer Distributed by Malicious Excel Document
February 5, 2024
In January 2024, FortiGuard Labs obtained an Excel document distributing an info-stealer. From the fingerprints in this attack, it is related to a Vietnamese-based group that was first reported on in August 2023 and again in September. The attack stages before the info-stealer are simple downloaders that increase the difficulty of detection. This article introduces each stage ...
- South Korea: KF-21 Fighter Jet Technology Leak Attempt Raises Concerns Over Diplomatic Tensions
February 5, 2024
An Indonesian technician working for Korea Aerospace Industries (KAI) was caught trying to leak internal documents related to the Korean supersonic fighter jet KF-21 ‘Boramae.’ While no core technology leaks have been confirmed yet, it is known that the individual attempted to extract a substantial amount of data. According to the Defense Acquisition Program Administration and ...
- Oman sees surge in cyber crimes
February 5, 2024
The Public Prosecution in Oman has revealed that there were 140 cases of cybercrime in 2023, compared to 126 in 2022 while cases related to online content increased to 2,686 in 2023 from 2,519 in 2022. These cases included misusing financial cards, attempting, assisting, or agreeing to commit information technology fraud. Cases involving a violation of ...
- Cyber attack hits Pennsylvania Courts’ website
February 5, 2024
Pennsylvania Courts’ website was targeted in a cyber attack on Sunday. Pennsylvania’s Chief Justice Debra Todd made the announcement, saying portions of the website were made unavailable due to the attack. The situation was described as a denial of service cyber attack. Todd said there was no indication any court data was compromised and courts will ...