Hello, welcome to the Tuesday, August 14th, 2018 edition of the Sandson and Stormsendos Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

The extortion scams that we have seen evolving over the last few weeks have come up with yet another twist. The latest version of

this scam does try to make the scam more believable by offering the last four digit of

one of your phone numbers. I guess the bad guys have figured out that a lot of people watch porn on mobile

devices. So they claim that these are the last four digits of the mobile phone that they

compromised. Just like before by offering up a little bit of information like this, they're trying

to get people to actually believe them

and pay the ransom. Now, the question here is, why do they only give you the last four digits?

Did he had a pretty plausible idea in that this data actually does not come from a breach like

the password data we have seen before. Instead,

a lot of websites when you, for example, try to reset your password, they will give you the

last four digits of the phone number. They're going to send a password reset code to or

a token for a two-factor SMS message. The wording also keeps

changing a little bit. There are probably multiple actors in play here, so this may just be a

later group that just doesn't have access to any breach information, which may include your complete phone number.

And Intel released a bulletin with details regarding a denial of service vulnerability in its

troubled Puma cable modem chipset.

This chipset family came originally from Texas Instrument, but is now developed and sold

by Intel for the last couple versions and has had a history with users complaining about

lower-than-advertised performance and modem crashes. Apparently, one of the causes of these crashes was the bug

that is now being fixed here. Now, typically, this would be a patch that will be applied

...