SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- TrickBot Adds Custom, Stealthy Backdoor to its Arsenal
January 9, 2020
The Russian-speaking cybercriminals behind the TrickBot malware have developed a stealthy backdoor dubbed “PowerTrick,” in order to infiltrate high-value targets. According to research from SentinelLabs, released on Thursday, PowerTrick is designed to execute commands and return the results in Base64 format. It’s deployed as a module after the initial TrickBot infection has already taken hold on ...
- Threat Spotlight: Amadey Bot Targets Non-Russian Users
January 8, 2020
Amadey is a simple Trojan bot first discovered in October of 2018. It is primarily used for collecting information on a victim’s environment, though it can also deliver other malware. A major infection vector for Amadey are exploit kits such as RigEK and Fallout EK. During our monitoring, we also observed this Trojan being delivered via AZORult Infostealer on ...
- First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group
January 6, 2020
Trend Micro found three malicious apps in the Google Play Store that work together to compromise a victim’s device and collect user information. One of these apps, called Camero, exploits CVE-2019-2215, a vulnerability that exists in Binder (the main Inter-Process Communication system in Android). This is the first known active attack in the wild that ...
- DHS: Iran maintains a robust cyber program and can execute cyber-attacks against the US
January 6, 2020
The US government has issued a security alert over the weekend, warning of possible acts of terrorism and cyber-attacks that could be carried out by Iran following the killing of a top general by the US military on Friday. The warning comes in the form of a rare NTAS (National Terrorism Advisory System) alert, of which ...
- Travelex UK Website Still Down After Cyberattack
January 3, 2020
The British website of foreign currency seller Travelex remains offline as of Friday 3 January, after being taken down following a cyber-attack on Monday 30 December (New Years Eve). The good news is that an investigation has shown there is no indication the virus has compromised any personal or customer data. But the fact that nearly a ...
- FBI Warns of Maze Ransomware Focusing on U.S. Companies
January 3, 2020
Organizations in the private sector received an alert from the F.B.I. about operators of the Maze ransomware focusing on companies in the U.S. to encrypt information on their systems after stealing it first. The warning came less than a week after the Bureau warned about the LockerGoga and MegaCortex ransomware threats infecting corporate systems. Maze has been operating since ...