Philip Choo

0 Comments
The data of around 100,000 Razer customers has been exposed online following a misconfiguration faux pas. The lapse by the global hardware manufacturing company and eSports and financial services provider was discovered by cybersecurity expert Volodymyr “Bob” Diachenko. Customer data impacted by the cyber-slipup included full name, email, phone number, customer internal ID, order number, order details, and billing
0 Comments
Oregon’s largest city aims to be a trailblazer when it comes to facial recognition legislation . On Wednesday, The Portland City Council passed what could be considered one of the strictest facial recognition bans in the United States. The legislation bans both city government agencies and private businesses from using the technology on the city’s grounds.  While bans on the public
0 Comments
The cyber incident has taken most of Newcastle University’s systems offline and officials estimates it will take weeks to recover.  While students are slowly preparing to return to their universities and colleges after a prolonged absence due to the Covid-19 pandemic, Newcastle University in England has been left reeling from a cybersecurity incident that has affected almost all its systems.  The university first became
0 Comments
Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of academic researchers, the flaw resides in the Cross-Transport Key Derivation (CTKD) of devices supporting both —
0 Comments
The People’s Republic of China says the Twitter account of an ambassador who ‘liked’ a tweet containing pornographic content was hacked. The account in question belongs to Liu Xiaoming, the PRC’s ambassador to the United Kingdom. While Twitter is banned in the PRC, Chinese diplomats and their staff who live overseas are permitted to use the social media
0 Comments
by Sean Gallagher Internet scammers are always looking for a better way to separate unwitting device users from their money. And as with all other endeavors, they’ve learned that it pays to advertise. At SophosLabs we recently researched a collection of scams that exploit web advertising networks to pop up fake system alerts on both computers and
0 Comments
We have all heard of the “cybersecurity skills gap” — firms’ inability to hire and retain high-level cybersecurity talent. I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that cannot afford specialized cybersecurity talent and therefore lack the necessary
0 Comments
Small-business owners are worried that their employees’ use of social media is a potential security risk, according to new research by the Cyber Readiness Institute. A survey of 400 SMB owners and 1,059 US workers found that 56% of owners believe that their employees’ social media use poses a cybersecurity threat to their business.  Despite their
0 Comments
…but there are no conferences or exhibitions??? Being a regular presenter and visitor at conferences and exhibitions, it is not unusual for me to get unsolicited emails with offers to acquire the “verified” list of visitors or attendees, with function and contact details. Even for conferences and exhibitions I do not attend and often do
0 Comments
Unscrupulous criminals are impersonating employees of the United States Department of Justice to scam elderly victims of crime.  The DOJ issued a fraud alert on Friday in which it strongly encouraged the public to remain vigilant and urged them not to provide personal information over the phone to anyone claiming to be from the department. An alert
0 Comments
Ransomware could pose a significant threat to the US election infrastructure, as aging software and potentially vulnerable voting machines could be targeted by criminal elements or by foreign-based cyber-attacks. According to NTT Ltd.’s global threat report for September, ransomware could be deployed and lay in wait to be activated on election day, or once voting machines
0 Comments
Warner Music Group has issued a data breach notification following a prolonged skimming attack on an undisclosed number of its e-commerce websites. The cyber-attack was discovered by the multinational entertainment and record label conglomerate on August 5, 2020.  E-commerce websites that are hosted and supported by an external service provider in the US but operated
0 Comments
ESET researchers analyze a previously undocumented trojan that is spread via malicious torrents and uses multiple tricks to squeeze cryptocoins from its victims while staying under the radar ESET researchers have uncovered a hitherto undocumented malware family that we named KryptoCibule. This malware is a triple threat in regard to cryptocurrencies. It uses the victim’s
0 Comments
Networking equipment maker Cisco has released a new version of its Jabber video conferencing and messaging app for Windows that includes patches for multiple vulnerabilities—which, if exploited, could allow an authenticated, remote attacker to execute arbitrary code. The flaws, which were uncovered by Norwegian cybersecurity firm Watchcom during a pentest, affect all currently supported versions
0 Comments
Marginalized Americans interested in pursuing a career in technology received a boost yesterday with the launch of a free online training program. The Agile Testing Bootcamp is a six-week program geared specifically toward upskilling individuals with non-technical backgrounds to obtain high-paying, high-demand technical jobs in software testing. The program was created by Los Angeles software firm QualityWorks and is
0 Comments
Distributed denial of service (DDoS) attacks against online educational resources are over three times more prevalent in 2020 than they were last year, according to new research by Kaspersky. In a report published today, researchers found that between January and June 2020, the number of DDoS attacks affecting educational resources increased by at least 350%, compared to the
0 Comments
As the US presidential election nears, the company’s new tech should also help assure people that an image or video is authentic Microsoft has announced a new tool that’s designed to identify deepfakes and help combat the proliferation of doctored media on the internet. Dubbed Microsoft Video Authenticator, the new technology can analyze both photos
0 Comments
America’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD) requiring the development and publication of vulnerability disclosure policies (VDPs).  A BOD is a compulsory direction to federal executive branch departments and agencies for purposes of safeguarding federal information and information systems. BOD 20-01, officially finalized yesterday, requires most executive branch agencies to create a
0 Comments
Unknown threat actors were able to exfiltrate information from the email accounts of several parliamentarians Norway’s parliament, also known as the Storting, disclosed on Tuesday that it fell victim to an extensive cyberattack that targeted its internal email system. In an official statement addressing the incident, the legislature said that cybercriminals were able to access
0 Comments
An American who was employed to moderate disputes on an illegal darknet marketplace has been sentenced to 11 years in prison. Bryan Connor Herrell, of Aurora, Colorado, was hired by AlphaBay to settle arguments between vendors and purchasers.  The site operated by his employers facilitated hundreds of thousands of illicit transactions in which guns, drugs, credit cards