SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments
June 7, 2021
In March 2021, I uncovered the first known malware targeting Windows containers, a development that is not surprising given the massive surge in cloud adoption over the past few years. I named the malware Siloscape (sounds like silo escape) because its primary goal is to escape the container, and in Windows this is implemented mainly ...
- Novel ‘Victory’ Backdoor Spotted in Chinese APT Campaign
June 7, 2021
An ongoing surveillance operation has been uncovered that targets a Southeast Asian government, researchers said – using a previously unknown espionage malware. According to Check Point Research, the attack involves spear-phishing emails with malicious Word documents to gain initial access, along with the exploitation of older, known Microsoft Office security vulnerabilities. But most notable, researchers said, ...
- Securing Computerized Vehicles from Potential Cybersecurity Threats
June 6, 2021
Like technology itself, cybersecurity is ever-evolving and encompassing more areas of our lives, including transportation. Popular science fiction movies have led us to expect flying taxis and private space travel as the future of transportation. If that is going to become an eventual reality, the first steps towards that future are “smart cars” and automated ...
- REvil Ransomware Gang Spill Details on US Attacks
June 4, 2021
Cybercriminals behind the JBS Foods ransomware attack claim they had no intent to target United States-based firms. The group, identified as the Sodinokibi REvil ransomware gang, also said it was not afraid of being labeled a cyber-terrorist group. A spokesperson for REvil shared its positions in an interview on a YouTube and Telegram channel called Russian ...
- TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations
June 4, 2021
TeamTNT has been evolving their cloud-focused cryptojacking operations for some time now. TeamTNT operations have targeted and, after compromise, exfiltrated AWS credentials, targeted Kubernetes clusters and created new malware called Black-T that integrates open source cloud native tools to assist in their cryptojacking operations. TeamTNT operations are now using compromised AWS credentials to enumerate AWS cloud ...
- New SkinnyBoy malware used by Russian hackers to breach sensitive orgs
June 3, 2021
Security researchers have discovered a new piece of malware called SkinnyBoy that was used in spear-phishing campaigns attributed to Russian-speaking hacking group APT28. The threat actor, also known as Fancy Bear, Sednit, Sofacy, Strontium, or PwnStorm, used SkinnyBoy in attacks targeting military and government institutions earlier this year. SkinnyBoy is intended for an intermediary stage of the ...