Cloud Computing: New Browser Hack Can Spy On Eight Out Of Ten PCs

Grazed from Forbes. Author: Bruce Upbin.

A group of Columbia University security researchers have uncovered a new and insidious way for a hacker to spy on a computer, Web app or virtual machine running in the cloud without being detected. Any computer running a late-model Intel microprocessor and a Web browser using HTML5 (i.e., 80% of all PCs in the world) is vulnerable to this attack.

The exploit, which the researchers are calling “the spy in the sandbox,” requires little in the way of cost or time on the part of the attacker; there’s nothing to install and no need to break into hardened systems. All a hacker has to do is lure a victim to an untrusted web page with content controlled by the attacker…

Once there, the software inside the bogus content launches a program that manipulates how data moves in and out of a victim PC’s cache, which is the part of the CPU that serve as the intermediary between the high-speed central processor and the lower-speed random access memory or RAM…

Read more from the source @ http://www.forbes.com/sites/bruceupbin/2015/04/20/new-browser-hack-can-spy-on-eight-out-of-ten-pcs/