Welcome to our latest round-up of news from the technology and hosting world. Here’s what we’ve discovered this week.
Catching phish
COVID-related phishing scams and malware emails have proliferated over the last few months with an estimated 240 million corona-themed, malicious emails sent every day. In the last seven days, Google discovered 18 million being sent just via Gmail. Although spam filter companies are working flat-out to catch them before they land in people’s inboxes, Google has said that over 60% of those sent each day are different to ones sent in the past, making it even more difficult for machine learning algorithms to spot them. So, while the majority are getting filtered out, hundreds of thousands are still getting through.
Not only are the scammers taking advantage of the public’s concern over the virus; they are also hedging their bets that the business disruption caused by lockdowns will see more of these emails being opened and acted upon. Businesses and individuals need to be very cautious about any COVID-related email.
Virtual parliament
Plans to allow the MPs in the House of Commons to take part in parliamentary debates and prime minister’s questions using the app, Zoom, have been approved by the House of Commons Commission and now just need MPs approval before being put into place. The hybrid solution the commission has chosen will see up to fifty members attend the Commons with an additional 120 taking part at home.
Commons Speaker, Sir Lindsay Hoyle, said the eventual aim is to have an entirely virtual Parliament which will ensure MPs can stay safe and work remotely within their own constituencies. Screens will be installed around the chamber so that the Speaker and MPs who are present can see those taking part elsewhere.
The Zoom Debate
If the UK parliament is to adopt Zoom in order to let MPs attend from home, then perhaps the first thing it should debate is cybersecurity. Zoom’s security has been highly criticised in recent weeks and it has even been banned by some governments and businesses. More recently, however, hackers have been selling two zero-day Zoom vulnerabilities, one for its Windows client and one for the macOS.
With an asking price of half a million dollars, these include a remote code execution bug in the app’s Windows client that gives full control over the software. If this can be exploited to download other malware, it could give hackers access to entire systems. Not good if that happens to the devices used by the members of the cabinet or to any of the millions of other Zoom users. However, the high price tag shows just how valuable the exploit could be.
And the Grammy goes to
Got ambitions to be the next Mozart, McCartney or Eminem? Forget it. Human songwriting is about to take the long and winding road to obscurity. Instead of using musicians to create chart-topping hits, producers are now using AI to do the job for them. By providing huge datasets of previously recorded tracks, these algorithms learn the underlying patterns that make up music in order to create brand new songs.
So widespread is the use of AI in the music industry that this year will see the first ever Artificial Intelligence Eurovision Song Contest. Run by Dutch broadcaster VRPO, there are contestants from around Europe and as far as Australia taking part. The good news for Eurovision fans is that, while the traditionally flamboyant human show is cancelled this year, you can still listen to the AI entries and even vote for your favourite by visiting the VRPO website. Though Graham Norton won’t be presenting this one, he’ll no doubt have his fingers crossed that the UK entry doesn’t get points.
A new way to hack? Fantastic!
That barely audible whisper of a PC’s fan might be the sound of it getting hacked. This is because hackers have developed malware that can steal sensitive data by manipulating the vibrations that CPU and GPU fans create. What’s perhaps even scarier is that air-gap covert channels which the malware exploits, can even take data from systems which are isolated from network connectivity, such as those used by the government or the military.
The reason this is possible is that a PC’s internal fans can be encoded with the data that is stored internally. As vibrations can be felt through surfaces like a desk, malware on one device, such as a mobile phone, can create vibrations which regulate the rotation speed of internal PC fans. This can then be used to get the fan to encode its own vibrations with the sensitive data stored on its hard drive. These vibrations are then picked up by the smartphone and decoded back into data using the phone’s built-in accelerometer. While this is all very James Bond and not likely to happen to the average PC, it does highlight the incredibly diverse ways that hackers can use. Similar air-gap methods include using the flicker of a PC’s screen brightness and the flashing of its LEDs to encode and decode data.
Visit our website for more news, blog posts, knowledge base articles and information on our wide range of hosting services.