Philip Choo

0 Comments
There are over a hundred potential ways hackers can ruin your life by having access to your WiFi network that’s also connected to your computers, smartphones, and other smart devices. Whether it’s about exploiting operating system and software vulnerabilities or manipulating network traffic, every attack relies on the reachability between an attacker and the targeted
0 Comments
Cyber-criminals have stolen “almost all funds” entrusted to crypto exchange platform Altsbit. The Italian exchange announced it had become the target of a devastating hack yesterday on Twitter. According to their posts, criminals made off with 1,066 Komodo (KMD) tokens and 283,375 Verus (VRSC) “coins” with a combined value of $27,000. Funds kept in cold storage—crypto coins whose
0 Comments
Google releases a fix for the security hole that, if left unplugged, could allow attackers to run malicious code with no user interaction Google has rolled out a security update to address a critical flaw in Android’s Bluetooth implementation that allows remote code execution without user interaction. The vulnerability, tracked as CVE-2020-0022, affects devices running
0 Comments
Several Cisco-manufactured network equipments have been found vulnerable to five new security vulnerabilities that could allow hackers to take complete control over them, and subsequently, over the enterprise networks they power. Four of the five high-severity bugs are remote code execution issues affecting Cisco routers, switches, and IP cameras, whereas the fifth vulnerability is a
0 Comments
A new study focused on distributed denial of service (DDoS) attacks has found that pornographic websites received by far the most attacks per site last year.  To produce their “Global DDoS Threat Landscape” report, researchers at Imperva studied attack data gathered between May and December 2019. Their findings, published yesterday, reveal that websites in the adult entertainment industry received
0 Comments
Can you imagine launching a global bug bounty platform with almost 500,000 submissions and 13,000 researchers without consuming a cent from venture capitalists? If not, this success story is for you. The once skyrocketing bug bounty industry seems to be not in the best shape today. While prominent security researchers are talking about a growing
0 Comments
With Valentine’s Day just around the corner, the Federal Bureau of Investigation has warned Americans to be on the lookout for cyber-based romance scams. The Richmond, Virginia, branch of the FBI said criminals used the most romantic day of the year as an opportunity to con victims out of their hard-earned cash or personal data.
0 Comments
The Mirai botnet has been a constant IoT security threat since it emerged in fall 2016. The subsequent release of its source code only extended Mirai’s reach and is one of the many reasons NetScout labeled it the “king of IoT malware.” While Mirai’s distributed denial-of-service capabilities aren’t anything researchers haven’t seen before, “when wielded
0 Comments
It may sound creepy and unreal, but hackers can also exfiltrate sensitive data from your computer by simply changing the brightness of the screen, new cybersecurity research shared with The Hacker News revealed. In recent years, several cybersecurity researchers demonstrated innovative ways to covertly exfiltrate data from a physically isolated air-gapped computer that can’t connect
0 Comments
Joe Vennix of Apple security has found another significant vulnerability in sudo utility that under a specific configuration could allow low privileged users or malicious programs to execute arbitrary commands with administrative (‘root’) privileges on Linux or macOS systems. Sudo is one of the most important, powerful, and commonly used utilities that comes as a
0 Comments
A data breach at Indian airline SpiceJet has exposed the personal information of over a million passengers. Access to the airline’s computer system was gained last month by a security researcher, who went on to report the breach to TechCrunch. Using a brute-force attack, the researcher busted into an unencrypted database backup file containing the private information of
0 Comments
Strong identity and access management procedures are critical as regulatory compliance rules and data fraud incidents persist. Yet, implementing and maintaining world-class IAM practices can be challenging as an organization’s data management needs increase in complexity. Security leaders said it becomes more challenging to maintain a strong IAM program as the complexity of the organization
0 Comments
As cyber incidents increase in scope and impact, more and more organizations come to realize that outsourcing their defenses is the best practice—significantly increasing the Managed Security Service Provider (MSSP) market opportunities. Until recently, IT integrators, VARs, and MSPs haven’t participated in the growing and profitable MSSP market as it entailed massive investments in building
0 Comments
by Danny Bradbury The UN suffered a major data breach last year after it failed to patch a Microsoft SharePoint server, it emerged this week. Then it failed to tell anyone, even though it produced a damning internal report. The news emerged after an anonymous IT employee leaked the information to The New Humanitarian, which