Philip Choo

This podcast episode discusses the law enforcement operation that led to the infiltration and takedown of the Hive network and what it could mean for other ransomware gangs. The U.S. Department of Justice last week announced a major victory in the fight against ransomware with the takedown and seizure of Hive’s
A critical new vulnerability disclosed by network-attached storage (NAS) vendor QNAP this week could be exploited on almost 30,000 devices globally, according to Censys. The security firm scanned the internet to find 67,415 hosts running QNAP-based systems around the world. Although it could only find the version number on 30,250 of them, a worrying 98%
Feb 01, 2023The Hacker NewsSIEM / Kubernetes Container technology has gained traction among businesses due to the increased efficiency it provides. In this regard, organizations widely use Kubernetes for deploying, scaling, and managing containerized applications. Organizations should audit Kubernetes to ensure compliance with regulations, find anomalies, and identify security risks. The Wazuh open source platform
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in T3 2022. ESET APT Activity Report T3 2022 summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from September until the end of December 2022. In the monitored timespan,
Superstrata’s e-bike is a strange specimen — there’s no two ways about it. In some ways that makes sense; the bike’s concept, borne out in seamless 3D-printed carbon fiber, springs from an equally strange premise. We’ll get into that. Talking to Sonny Vu, founder of Superstrata’s parent company Arevo, the bikes were crafted not out
Threat actors exfiltrated encrypted customer account data and an encryption key for a number of GoTo services in a breach first disclosed last November. Remote work technology provider GoTo, formerly LogMeIn, published an update Monday to a blog post dedicated to a breach that occurred last year. At the time the breach was disclosed on
A leading Taiwanese hardware manufacturer is urging its customers to patch a critical vulnerability in devices running the QTS or QuTS hero firmware. Network-attached storage (NAS) device maker QNAP said in the advisory yesterday that CVE-2022-27596 impacts QTS 5.0.1 and QuTS hero h5.0.1. “If exploited, this vulnerability allows remote attackers to inject malicious code,” it
by Paul Ducklin. Samba, simply put, is a super-useful, mega-popular, open-source reimplementation of the networking protocols used in Microsoft Windows, and its historical importance in internetworking (connecting two different sorts of network together) cannot be underestimated. In the late 1990s, Microsoft networking shed its opaque, proprietary nature and became an open standard known as CIFS,
Jan 31, 2023Ravie LakshmananData Security / Vulnerability Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects QTS 5.0.1
Endpoint detection and response products are a step up from the antivirus products of old, using automation and machine learning to combat emerging threats. Enterprises that rely on Windows Server will want to enlist multiple layers of protection to keep critical workloads from being overtaken by bad actors. In addition to malware safeguards, many endpoint
Ukrainian cyber-experts have discovered multiple pieces of destructive malware that, earlier this month, were used in an attack targeting the country’s national news agency (Ukrinform). The country’s Computer Emergency Response Team (CERT-UA) revealed in an update that the attack was publicized on a Telegram channel “CyberArmyofRussia_Reborn” on January 17. After being asked by Ukrinform to
Jan 28, 2023Ravie LakshmananEmail Security / Cyber Threat Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads. “Attackers looking to exploit unpatched Exchange servers are not going to go away,” the
Sandworm continues to conduct attacks against carefully chosen targets in the war-torn country. ESET researchers have uncovered a new wiper attack in Ukraine that they attribute to the Sandworm APT group. Dubbed SwiftSlicer, the destructive malware was spotted on the network of a targeted organization on January 25th. It was deployed through Group Policy, which suggests
Welcome to The Interchange! If you received this in your inbox, thank you for signing up and your vote of confidence. If you’re reading this as a post on our site, sign up here so you can receive it directly in the future. Every week, I’ll take a look at the hottest fintech news of the previous week.
In today’s world, cybercrime is evolving daily. According to a special report by Cybersecurity Ventures, cybercrime is expected to cause a staggering $10.5 trillion in annual losses by 2025. Therefore, it’s more crucial than ever for both businesses and individuals to stay up to date on the latest developments in cybersecurity. Podcasting is an excellent
Jan 29, 2023Ravie LakshmananCyber Threat / Malware The threat actors associated with the Gootkit malware have made “notable changes” to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is “exclusive to this group.” Gootkit,
Researchers have found three separate vulnerabilities in OpenEMR, an open-source software for electronic health records and medical practice management. Clean code experts at Sonar published an advisory Wednesday about the flaws, which were discovered by security researcher Dennis Brinkrolf. “During our security research of popular web applications, we discovered several code vulnerabilities in OpenEMR,” Brinkrolf wrote. “A combination of
by Naked Security writer. Six months ago, according to the US Department of Justice (DOJ), the Federal Bureau of Investigation (FBI) infiltrated the Hive ransomware gang and started “stealing back” the decryption keys for victims whose files had been scrambled. As you are almost certainly, and sadly, aware, ransomware attacks these days typically involve two
Jan 28, 2023Ravie LakshmananServer Security / DNS The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. “A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and