SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- Stealthy Malware Flies Under AV Radar with Advanced Obfuscation
November 15, 2019
Researchers warn hackers are putting a new spin on old injection techniques and successfully end-running endpoint protection. They are tracking a campaign, that kicked off in January, that is still going strong exploiting weaknesses in web browsers. The objective is to hide in the background of infected systems in order to steal user passwords, track ...
- APT33 Mounts Focused, Highly Targeted Botnet Attacks Against U.S. Victims
November 14, 2019
The Iran-linked, espionage-focused advanced threat group known as APT33 has been spotted using more than a dozen obfuscated botnets to carry out narrowly targeted attacks against government and academic targets in the Middle East, the U.S. and Asia. Each botnet, linked to its own command-and-control (C2) server, comprises a small group of up to a dozen ...
- DDoS Attacks That Employ TCP Amplification Cause Network Congestion, Secondary Outages
November 14, 2019
Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks: through TCP amplification. Security company Radware shared its observations on multiple campaigns involving Transmission Control Protocol (TCP) reflection attacks, specifically SYN-ACK reflection attacks, against companies across the world. The scope of the impact was ...
- McAfee antivirus software impacted by code execution vulnerability
November 12, 2019
Researchers have revealed a serious code execution vulnerability impacting all editions of McAfee software. On Tuesday, the SafeBreach Labs cybersecurity team said that CVE-2019-3648 can be used to bypass McAfee’s self-defense mechanisms, potentially leading to further attacks on a compromised system. The vulnerability exists due to a failure to validate whether or not loading DLLs have been signed, and a path ...
- Emotet resurgence packs in new binaries, Trickbot functions
November 6, 2019
Emotet, a Banking Trojan turned devastating modular threat, has returned with upgraded functions in a new wave of attacks. The malware, first discovered in 2014, has evolved over the past few years from a relatively basic, singular threat into a customizable modular package used to deploy additional payloads against financial institutions, the enterprise, and consumers worldwide. Emotet, believed to ...
- Kaspersky identifies mysterious APT mentioned in 2017 Shadow Brokers leak
November 5, 2019
In 2017, a mysterious group of hackers known as the Shadow Brokers published online a data dump called “Lost in Translation.” The data dump — believed to have been obtained from the US National Security Agency (NSA) — contained a collection of exploits and hacking tools, including the now-infamous EternalBlue, the exploit that provided the steam ...