SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- Threat landscape for industrial automation systems for H2 2022
March 6, 2023
In H2 2022, the percentage of ICS computers on which malicious objects were blocked increased by 3.5 percentage points compared to the previous six-month period, reaching 34.3%. This was higher than the percentages for 2021 and even 2020. Read more… Source: Kaspersky
- DoppelPaymer ransomware suspects cuffed, alleged ringleaders escape
March 6, 2023
German and Ukrainian cops have arrested suspected members of the DoppelPaymer ransomware crew and issued warrants for three other “masterminds” behind the global operation that extorted tens of millions of dollars and may have led to the death of a hospital patient. The criminal gang, also known as Indrik Spider, Double Spider and Grief, used double-extortion ...
- Spike in LokiBot Activity During Final Week of 2022
March 3, 2023
Unit 42 researchers have uncovered a malware distribution campaign that is delivering the LokiBot information stealer via business email compromise (BEC) phishing emails. This malware is designed to steal sensitive information from victims’ systems, such as passwords and banking information, as well as other sensitive data. In this blog, Unit 42 researchers will explain how attackers used ...
- Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer
March 2, 2023
Recently, Trend Micro researchers noticed a spike in the number of emails received by one of our customers. After further investigation, they found that three other customers in the hospitality industry were also affected. The researchers observed that most of the emails had subject lines that attempt to catch victims’ attention: “help,” “requesting for assistance,” ...
- Subdomain Reputation: Detecting Malicious Subdomains of Public Apex Domains
March 2, 2023
Cybercriminals regularly leverage popular dynamic domain name system (DDNS) or web hosting services to store and distribute their content. Threat actors leverage these for command and control (C2), malware distribution and phishing. This abuse has created the need for new detection methods for malicious subdomains. DDNS and web hosting services often allow people to serve content ...
- Leveraging data science to minimize the blast radius of ransomware attacks
March 2, 2023
As ransomware groups continue to build on their arsenal of tactics, techniques, and procedures (TTPs), it’s essential for cybersecurity professionals to assess the levels of risk to their organizations using multiple sources of information for a comprehensive outlook on this ever-evolving threat. Common Vulnerabilities and Exposures (CVE) data, for example, can guide defenders in determining ...