Philip Choo

by Paul Ducklin If you’re an OpenSSL user, you’re probably aware of the most recent high-profile bugfix release, which came out back in March 2022. That fix brought us OpenSSS 3.0.2 and 1.1.1n, updates for the two current fully-supported flavours of the product. (There’s a legacy version, 1.0.2, but updates to that version are only
If you’re one of the countless Apple iPhone owners out there, there’s a good chance that one of the reasons you love your smartphone is because you’ve heard that Apple devices tend to have fewer vulnerabilities to viruses.   Because of their shared operating system, iOS devices enjoy Apple’s security measures, which keeps them protected from
Frederik Mijnhardt Contributor Frederik Mijnhardt is the CEO of Secfi, an equity planning platform for startup executives and employees. Last year was a great one for startups. It was a record year for companies going public, valuations for pre-IPO companies were skyrocketing, and fundraising also shattered records. But 2022 is going to be quite different.
Legal and professional services firms need to adapt their technology and security to fit new ways of working, according to a senior CISO in the sector. During a Talking Tactics session at Infosecurity Europe 2022, Christian Toon, CISO at legal practice Pinsent Masons, pointed out that law firms are staffed by “intelligent people who get confidentiality.” Yet,
On the third and final day of InfoSecurity Europe 2022, Sarb Sembhi, global CISO of Aireye, moderated the keynote panel discussion titled ‘Boosting SME’s Cyber Security Strategy.’ Sembhi was accompanied by fellow experts Milos Pesic, vice president of InfoSec & CyberSec at Marken, Diane Abela, chief information security officer at AccuRx and Vincent Blake, VP, digital technology security officer &
by Paul Ducklin LISTEN NOW Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. [00’22”] Duck gets behind the Ducks. [01’34”] 2000 phone scammers arrested in Interpol action. [11’12”] A three-year-old hacking case ends in conviction. [17’13”] Canadian financial company picks up enormous data breach fine. With
Summary Since at least 2015, threat actors have used HUI Loader to load remote access trojans (RATs) on compromised hosts. Secureworks® Counter Threat Unit™ (CTU) researchers link two HUI Loader activity clusters exclusively to China-based threat groups. The BRONZE RIVERSIDE threat group is likely responsible for one cluster, which focuses on stealing intellectual property from
A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware families as a decoy to cover up the true operational and tactical objectives behind its campaigns. The activity cluster, attributed to a hacking group dubbed Bronze Starlight by Secureworks, involves the deployment of post-intrusion ransomware such as LockFile, Atom Silo, Rook, Night Sky,
Authored by Lakshya Mathur An LNK file is a Windows Shortcut that serves as a pointer to open a file, folder, or application. LNK files are based on the Shell Link binary file format, which holds information used to access another data object. These files can be created manually using the standard right-click create shortcut
Trendy consumer gadgets are reaching the market at an expedited rate in today’s world, and the next new viral product is right around the corner. While these innovations aim to make consumers’ lives easier and more efficient, the rapid development of these products often creates security risks for users — especially as hackers and malicious
Thepeer, an African tech infrastructure startup connecting businesses’ wallets, has raised a $2.1 million seed round led by the Raba Partnership. The news comes a year after the startup raised $220,000 in pre-seed from a handful of angel investors, including Paystack CTO Ezra Olubi and Edenlife CTO Prosper Otemuyiwa. Participating investors in Thepeer’s seed round
On the opening day of Infosecurity Europe 2022, renowned author and journalist Mischa Glenny provided an insightful overview of cybersecurity and its intersection with geopolitical affairs in his keynote talk. Glenny began by drawing his audience’s attention to the precarity of the current geopolitical era, described as both “the age of uncertainty” and “the great
Enterprise patch management requires the right balance of preparation, speed and agility. Without the proper processes and tools at the ready, patch updates can quickly fall behind. And failing to stay on top of patching can result in unnecessary exposure to security breaches or inoperable systems, applications and services. These days, there are more endpoints
Insurance exists to protect the insured party against catastrophe, but the insurer needs protection so that its policies are not abused – and that’s where the fine print comes in. However, in the case of ransomware insurance, the fine print is becoming contentious and arguably undermining the usefulness of ransomware insurance. In this article, we’ll