Security News

A vulnerability in Broadcom's cable modem firmware can open unknown millions of broadband modems by various manufacturers to attackers, a group of Danish researchers has warned. CVE-2019-19494, also dubbed Cable Haunt, is present in the spectrum analyzer, a standard component of Broadcom chips that identifies potential problems with the connection through the modem's coaxial cable.

A vulnerability in Broadcom's cable modem firmware has left as many as 200 million home broadband gateways in Europe, and potentially more worldwide, at risk of remote hijackings. The end result, the team says, is that crooks can remotely take over vulnerable Broadcom-based cable modems without netizens or ISPs realizing; the victim simply has to surf to a dodgy website, or similar.

Your quick summary of infosec news beyond everything else we've reported Roundup Here's your Register security roundup of infosec news about stuff that's unfit for production but fit for print.…

Facebook says the company used celeb bait links to infect victims with malware and hijacked their ad accounts to sell diet pills.

In a coffee-shop scenario, attackers can hijack "secure" VPN sessions of those working remotely, injecting data into their TCP streams.

A vulnerability that can be exploited to determine if a user is connected to a VPN and hijack active TCP connections in a VPN tunnel has been found to affect various Linux and Unix operating...

Prosecutors allege that Meiggs and Harrington took over their targets' mobile phone and email accounts via SIM-swapping.

Symantec Endpoint Protection is the latest antivirus product found to unsafely load DLLs into a process that runs with SYSTEM privileges. read more

A vulnerability in McAfee antivirus software could allow an attacker to evade self-defense mechanisms and achieve persistence, SafeBreach security researchers have discovered. read more

Sextortion scammers have started hijacking poorly managed or defunct blogs to expand an increasingly profitable business.