A fortnight in to 2020 and we have the first security flaw considered important enough to be given its own name: Cable Haunt – complete with eye-catching logo. First discovered by Danish company Lyrebirds some time ago, Cable Haunt is an unusual flaw which in Europe alone is said to affect up to 200 million cable modems based on the Broadcom platform.
Specifically, the flaw is in a normally hidden software layer called the spectrum analyser (SA) used by Internet Service Providers (ISPs) to troubleshoot a subscriber’s connection quality. Read more in
Back in November 2016, 26,500 accounts for the UK’s National Lottery got credential-stuffed like they were a bunch of Thanksgiving turkeys.
And last week, 29-year-old Anwar Batson from London, who supplied his criminal buddies with the brute-force, automated password-guessing, Dark Web-delivered tool behind the credential-stuffing attack – a hacking tool called Sentry MBA – was sentenced to up to nine months in jail. Read more in
Following reports about text transcriptions of live Skype calls being vetted by humans, meaning that sensitive conversations could have been bugged, Microsoft says it’s moved its human grading of Cortana and Skype recordings into “secure facilities”, none of which are in China.
On Friday, The Guardian published a report after talking to a former Microsoft contractor who lived in Beijing and transcribed thousands of audio recordings from Skype and the company’s Cortana voice assistant – all with little cybersecurity protection, either from hackers or from potential interception by the government.
Here’s some goodish news: the Snake ransomware seems to have made the news last week on account of its name rather than its prevalence.
Because, well, SNAKE! Like most ransomware, Snake doesn’t touch your operating system files and programs, so your computer will still boot up, log in, and let you open your favourite apps, so that in purely technical terms you have a working system. but all your important data files, such as documents, spreadsheets, photos, videos, music, tax returns, business plans, accounts payable and accounts receivable, are scrambled with a randomly chosen encryption key.