New SnailLoad Attack Exploits Network Latency to Spy on Users’ Web Activities

A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a user’s web activity.
“SnailLoad exploits a bottleneck present on all Internet connections,” the researchers said in a study released this week.
“This bottleneck influences the latency of network packets, allowing an attacker

The Hacker News

Fortra Patches Critical SQL Injection in FileCatalyst Workflow

Fortra has patched a critical-severity vulnerability in FileCatalyst Workflow leading to the creation of administrator accounts.

SecurityWeek

CISA Report Finds Critical Open-Source Memory Safety Risks

CISA urges manufacturers to reduce memory safety vulnerabilities by ditching memory-unsafe languages, implementing secure coding practices, and adopting routine security testing measures.

Cyware News – Latest Cyber News

‘The Acolyte’ and the Long-Awaited Death of Review-Bombing

Leslye Headland’s new Star Wars show is getting positive reviews from critics and being trashed by audiences. Some are calling it review-bombing—but it’s more complicated than that.

Wired

New Ransomware, Infostealers Pose Growing Risk in 2024

In Q1 2024, BlackBerry detected and stopped 3.1 million cyberattacks, averaging 37,000 per day. They also detected 630,000 malicious hashes, a 40% increase from the previous reporting period.

Cyware News – Latest Cyber News

B+ Security Rating Masks Healthcare Supply Chain Risks

The healthcare sector received a “B+” security rating for the first half of 2024, indicating a decent level of security. However, it faces a significant vulnerability in the form of supply chain cyber risk.

Cyware News – Latest Cyber News

Russian APT Reportedly Behind New TeamViewer Hack

TeamViewer’s corporate network was hacked and some reports say the Russian group APT29 is behind the attack.

SecurityWeek

This Viral AI Chatbot Will Lie and Say It’s Human

Bland AI’s customer services and sales bot is the latest example of “human-washing” in AI. Experts warn against the consequences of blurred reality.

Wired

Cyber Insurance Terms Drive Companies To Invest More in Security, Report Finds

Approximately three-quarters of companies have made investments in cyber defense in order to qualify for cyber insurance, according to a report by Sophos and Vanson Bourne.

Cyware News – Latest Cyber News

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity

Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions.

SecurityWeek