Philip Choo

In addition to its 2014 attack on Sony Pictures, the Lazarus Group, also known as Hidden Cobra, has been attacking the ATMs of Asian and African banks since 2016, and today Symantec revealed that the group has been successful in its “FASTCash” operations by first targeting the banks’ networks. “The operation known as ‘FASTCash’ has enabled Lazarus,
by Paul Ducklin This week: hyperthreading considered harmful, how to avoid lock screen hacks, and what happens when cryptocurrency exchanges implode. With Anna Brading, Paul Ducklin, Mark Stockley and Matthew Boddy. LISTEN NOW (Audio player above not working? Download MP3, listen on Soundcloud or access via iTunes.) If you enjoy the podcast, please share it
Prevention is the best option but people continue to search for the easiest way out When you work in IT and you’re at a dinner party and somebody asks, ‘What do you do?’ you can usually see the blood run from their face as they’re like, “Oh my God, why me? My one night out this
The Muse, a New York-based, content-rich recruitment site that matches job seekers and all kinds of information about different career paths, as well as with companies that are hiring, has made it second acquisition, picking up TalentShare, a year-old, HR software-as-a service company. TalentShare has been focused on enabling companies to share high-quality candidates that they
A WordPress design flaw could grant an attacker remote code execution, leading to a privilege escalation in WooCommerce and other WordPress plugins, according to RIPS Technologies. In a 6 November blog post, researchers said that if the vulnerability is exploited, it would give shop managers – employees of the store that can manage orders, products and
If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store. Simon Scannell, a researcher at RIPS Technologies GmbH, discovered an arbitrary file deletion vulnerability in the popular WooCommerce plugin that could allow a malicious or compromised privileged user to
Grab, the Singapore startup that bought Uber’s Southeast Asia business earlier this year, continues to announce strategic investors for its ongoing Series H funding round. The latest edition revealed today is Korean automotive firm Hyundai, which is investing $250 million. Hyundai first invested in Grab in January, and it joins recently announced investors Microsoft (undisclosed)
From gaming to helping people conquer their fear of spiders and getting quarterbacks ready for Sunday, virtual reality is a much-hyped emerging technology. But is it hackable?   In Ep. 18 of of Hackable?, “Virtually Vulnerable”, Geoff straps on a headset and tests his mettle against white-hat hackers manipulating his virtual experience. Can he withstand ransomware, a human
On November 5, Symantec announced that it acquired Appthority and Javelin Networks in an effort to enhance its endpoint security solutions, adding key technology integrations to Symantec’s Integrated Cyber Defense Platform. Through its acquisition of Appthority, Symantec will enable its customers to analyze mobile apps and identify malicious behaviors and vulnerabilities. Building Appthority’s technology into Symantec
Studying Android’s November security bulletin, you’ll notice that there’s a fair amount to patch. In total, there are 36 vulnerabilities assigned a CVE, and another 17 relating to Qualcomm components rather than Android itself. Within Android, four rated are critical and 13 rated as high. If there’s a standout it might be CVE-2018-9527, simply because it’s
Jake Bright Contributor More posts by this contributor Tarform debuted new e-motorcycles but is there a U.S. market? Naspers announces $300 million initiative to support startups and tech in South Africa Africa’s VC landscape is becoming more African with an increasing number of investment funds headquartered on the continent and run by locals, according to
Transit, a company that built a mobile app designed to help people in cities live without cars, has raised $17.5 million from two automakers in a Series B round. The round was led by RenaultNissan-Mitsubishi’s joint investment arm Alliance Ventures. InMotion Ventures, Jaguar Land Rover’s venture capital fund, also joined the round, as well as two past
A new cybersecurity market segment has emerged in the past few years that combines “active defense” technologies with the traditional concept of honeypots or honeynets. Dubbed deception technologies, these tools can be configured to intercept attacks in progress and lure the attacker to systems and applications running expressly to keep them occupied while defenders either
Malicious browser extensions have been blamed for the theft of private messages and data from 81,000 Facebook users recently discovered for sale on a cybercrime forum. According to the BBC Russian Service investigation, samples of the data were discovered in September being hawked for 10 cents per account on an English-language forum with Russian connections.
Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update (version 1809) that allowed Microsoft Store apps with extensive file system permission to access all files on users’ computers without their consent. With Windows 10, Microsoft introduced a common platform, called Universal Windows Platform (UWP), that allows apps to
Language learning company Reverso is launching a new product on the web and mobile. Reverso Synonyms is a thesaurus service that lets you learn new words and improve your vocabulary. You may have found this feature in the main Reverso translation app already. If you translate a word or a group of words, there’s a