Philip Choo

0 Comments
Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what’s a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian origin, is said to have orchestrated the campaign with at least two
0 Comments
Cybersecurity firm OneSpan has announced the appointment of Ajay Keni as its new chief technology officer (CTO). Keni will replace Benoit Grangé in the post, who will take up a new position as chief technology evangelist, in which he will “focus on sharing OneSpan’s technology vision and deep industry insights with customers, partners and the
0 Comments
However, change lay just around the corner. With wireless communication standards beginning to proliferate in the early 2000s, the missing element was the transformation and integration of personal communications and computing. From there, data-driven sports tech could go fully commercial. Integration – enter the era of smartphones In the year 2000, mobile phones began to
0 Comments
The cybercrime gang Netwalker claims to have exfiltrated data from the College of the Nurses of Ontario in a ransomware attack. A screenshot of data allegedly swiped from the college was posted on Netwalker’s website, where the college’s name has been added to a growing list of the gang’s victims. In a sparsely detailed statement issued yesterday,
0 Comments
When it comes to coercing people into parting with their money, cybercriminals seem to have an endless bag of tricks to choose from. There are some tricks, that they favor more than others, one of which is extortion. According to the FBI’s latest Internet Crime Report, US victims of extortion lost some US$107.5 million to these crimes last year.
0 Comments
by Paul Ducklin You’ve probably heard terms like “spray-and-pray” and “fire-and-forget” applied to cybercriminality, especially if your involvement in cybersecurity goes back to the early days of spamming and scamming. Those phrases recognise that sending unsolicited email is annoyingly cheap and easy for cybercrooks, who generally don’t bother running servers of their own – they
0 Comments
The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country’s Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target Rana
0 Comments
The former CEO of the UK government’s National Cyber Security Centre (NCSC) has joined Paladin Capital Group as a managing director.  The appointment of Ciaran Martin by the global cyber and deep tech investor, headquartered in Washington, DC, was announced today.   Previously, Martin was hired as director of security and intelligence at the Cabinet Office in 2008,
0 Comments
The most common threat in the cybersecurity world often sounds like a plot from a blockbuster movie. The clock is ticking… You have only a few hours… Can you solve the mystery before you have to pay the ransom? According to Secureworks’ Director of Intelligence, Mike McLellan, year after year, threat actors around the world
0 Comments
The US has indicted two Iranians in connection with the theft of hundreds of terabytes of sensitive data from computers in America, Europe, and the Middle East.  Hooman Heidarian, aged 30, and Mehdi Farhadi, 34, were allegedly involved in a slew of coordinated hacks perpetrated to make money or for political reasons.  Data stolen in the attacks
0 Comments
The cyber attack affects 14 inboxes belonging to the Department of Justice was confirmed by ESET researchers.  ESET’s team of malware researchers in Montreal, in collaboration with journalist Hugo Joncas, helped shed light on a cyber attack that affected the Quebec Department of Justice.  Indeed, on August 11 and 12, the Department of Justice suffered a cyber attack in which malicious actors used malicious software to infect 14 inboxes under the Department‘s
0 Comments
The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking than 100 companies throughout the world. Named as APT41 and also known as ‘Barium,’ ‘Winnti, ‘Wicked Panda,’ and ‘Wicked Spider,’ the cyber-espionage group has been operating since at least
0 Comments
Zoom now supports phone calls, text messages and authentication apps as forms of two-factor authentication   Zoom is rolling out support for two-factor authentication (2FA) across its web, desktop, and mobile applications, allowing users to double down on the security of their accounts with an extra layer of protection.  For context, 2FA systems require users to pass authentication
0 Comments
A New Jersey man who physically installed keyloggers onto the computer networks of his rivals to steal trade secrets has been sent to prison for nearly eight years.  Ankur Agarwal, of Montville, pleaded guilty to two counts of obtaining information from computers and one count of aggravated identity theft in federal court in Newark back in October
0 Comments
A group of researchers has detailed a new timing vulnerability in Transport Layer Security (TLS) protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions. Dubbed “Raccoon Attack,” the server-side attack exploits a side-channel in the cryptographic protocol (versions 1.2 and lower) to extract the shared secret
0 Comments
Privacy issues have been detected in an official application of the Joe Biden campaign. The Vote Joe app uses relational organizing to allow users to share data about themselves and their contacts with a voter database run by Target Smart, a service claiming to have over 191 million voter records.   A user who syncs their contacts with
0 Comments
A member of an organization dedicated to disrupting America’s political system has been charged with wire fraud conspiracy.  Project Lakhta manager Artem Mikhaylovich Lifshits of St. Petersburg, Russia, is accused of using IDs stolen from US citizens to open fraudulent accounts at banking and cryptocurrency exchanges.  According to a criminal complaint filed yesterday in the Eastern District
0 Comments
Cybercriminals successfully plundered another digital cryptocurrency exchange. European cryptocurrency exchange Eterbase this week disclosed a massive breach of its network by an unknown group of hackers who stole cryptocurrencies worth 5.4 million dollars. Eterbase, which has now entered maintenance mode until the security issue is resolved, described itself as Europe’s Premier Digital Asset Exchange. Based
0 Comments
Cyber-criminals who launched a ransomware attack on a US court have published what they claim are stolen court documents online.  Attackers claim to have successfully targeted the Fourth Judicial District Court of Louisiana with a ransomware strain known as Conti, first detected in the wild in December 2019. The malware has been observed to use
0 Comments
Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed “CDRThief” that targets voice over IP (VoIP) softswitches in an attempt to steal phone call metadata. “The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, including call detail records (CDR),” ESET researchers said in a Thursday