New SnailLoad side-channel attack detailed

SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique. Several latency measurements for websites and YouTube videos viewed by targets are being conducted Read More …

The NSA buys Americans’ internet data, newly released documents show

The National Security Agency has been buying Americans’ web browsing data from commercial data brokers without warrants, intelligence officials disclosed in documents made public by a US senator Thursday. The purchases include information about the websites Americans visit and the Read More …

Hot Pixels attack checks CPU temp, power changes to steal data

A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called “Hot Pixels,” which can retrieve pixels from the content displayed in the target’s browser and infer the navigation history. Read More …

NHS data breach: trusts shared patient details with Facebook without consent

NHS trusts are sharing intimate details about patients’ medical conditions, appointments and treatments with Facebook without consent and despite promising never to do so. An Observer investigation has uncovered a covert tracking tool in the websites of 20 NHS trusts Read More …

Oops, web trackers may have leaked 3 million patients’ info

A hospital network in Wisconsin and Illinois fears visitor tracking code on its websites may have transmitted personal information on as many as 3 million patients to Meta, Google, and other third parties. Advocate Aurora Health (AAH) reported the potential Read More …