SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique.
Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious server. Such content is slowly loaded by the server to enable continued tracking of connection latency, with threat actors potentially using a convolutional neural network for content inferencing.
Read more…
Source: SC Media
Related:
- A botnet is brute-forcing over 1.5 million RDP servers all over the world
June 6, 2019
Security researchers have discovered a new botnet that has been attacking Windows systems running a Remote Desktop Protocol (RDP) connection exposed to the Internet. Discovered by Renato Marinho of Morphus Labs, the researcher says the botnet has been seen attacking 1,596,571 RDP endpoints, a number that will most likely rise in the coming days. Named GoldBrute, the ...
- BlueKeep ‘Mega-Worm’ Looms as Fresh PoC Shows Full System Takeover
June 5, 2019
A working exploit for the critical remote code-execution flaw shows how an unauthenticated attacker can achieve full run of a victim machine in about 22 seconds. A researcher has created a proof-of-concept Metasploit module for the critical BlueKeep vulnerability, which successfully demonstrates how to achieve complete takeover of a target Windows machine. Reverse engineer Zǝɹosum0x0 tweeted about his ...
- Platinum is back
June 5, 2019
In June 2018, we came across an unusual set of samples spreading throughout South and Southeast Asian countries targeting diplomatic, government and military entities. The campaign, which may have started as far back as 2012, featured a multi-stage approach and was dubbed EasternRoppels. The actor behind this campaign, believed to be related to the notorious ...
- MacOS Zero-Day Allows Trusted Apps to Run Malicious Code
June 3, 2019
A researcher has revealed a zero-day flaw in Apple’s Mojave operating system tied to the way the OS verifies apps. The bug allows attackers to sneak past macOS security measures and run whitelisted apps that have been manipulated to run malicious code. macOS researcher Patrick Wardle revealed the flaw Monday, describing the exploitation of the bug ...
- Zebrocy’s Multilanguage Malware Salad
June 3, 2019
Zebrocy is Russian speaking APT that presents a strange set of stripes. To keep things simple, there are three things to know about Zebrocy Zebrocy is an active sub-group of victim profiling and access specialists Zebrocy maintains a lineage back through 2013, sharing malware artefacts and similarities with BlackEnergy The past five years of Zebrocy infrastructure, malware set, ...
- Turla turns PowerShell into a weapon in attacks against EU diplomats
May 30, 2019
A cyberespionage group believed to be from Russia is once again striking political targets, and this time, PowerShell scripts have been weaponized to increase the power of their attacks. Turla, also known as Snake or Uroburos, has been active since at least 2008. The advanced persistent threat (APT) group was previously linked to a backdoor implanted in ...