Four Columbia University boffins reckon they can spy on keystrokes and mouse clicks in a web browser tab by snooping on the PC's processor caches. The exploit is apparently effective against machines running a late-model Intel CPU.
The side-channel attack can be performed by JavaScript served from a malicious web and network. It works by studying the time it takes to access data stored in the last-level cache and matches it to user activity. The attack allows a remote adversary recover information belonging to other processes, other users and even other virtual machines running on the same physical host as the victim web browser.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland