[HackerNews] New SpookJs Attack Bypasses Google Chrome’s Site Isolation Protection

A newly discovered side-channel attack demonstrated on modern processors can be weaponized to successfully overcome Site Isolation protections weaved into Google Chrome and Chromium browsers and leak sensitive data in a Spectre-style speculative execution attack.
Dubbed “Spook.js” by academics from the University of Michigan, University of Adelaide, Georgia Institute of Technology, and Tel Aviv

Source: Read More (The Hacker News)

You might be interested in …

[ZDNet] GAO urges IRS to adopt tougher data security as TurboTax grapples with compromised accounts

All posts, ZDNet

The Government Accountability Office said it disagrees with the IRS stance that they do not have the authority to improve data security. Source: Read More (Latest topics for ZDNet in Security)

Read More

[TheRecord] Suspected Chinese state-linked threat actors infiltrated major Afghan telecom provider

Four distinct infiltrations by suspected Chinese-state sponsored threat actors stole gigabytes of data from the corporate mail server of major Afghan telecom provider Roshan within the past year, with data exfiltration by some spiking during the Taliban’s recapture of the country, according to new research from Recorded Future’s Insikt Group. The attacks highlight China’s intelligence […]

Read More

[BleepingComputer] Phishing attack’s unusual file attachment is a double-edged sword

A threat actor uses an unusual attachment to bypass security software that is a double-edged sword that may work against them. […] Source: Read More (BleepingComputer)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.