Charles P. Ho

Featured in: Favicon

bmj.com

mdpi.com

aacrjournals.org Favicon

bjsm.bmj.com Favicon

mcr.aacrjournals.org

Articles

What is 'Fast Flux', and why is the US government warning about it?

2 weeks ago | solcyber.com | Paul Ducklin |Charles P. Ho

Fast Flux considered harmfulThe news wires have been full of stories about a cyberthreat dubbed Fast Flux, a jargon term invented in the first decade of this century, when the technique was both new and unusual. The term has largely dropped out of common use in recent years, but now it’s back, with the same frisson of danger that it had when it was new.
News in Brief: Patches from Apple fix privacy, code execution, lock screen bugs

4 weeks ago | solcyber.com | Paul Ducklin |Charles P. Ho |Hwei Oh

Updates in brief Apple’s latest round of updates are out, covering almost all supported products and operating system versions, including: macOS 13, 14 and 15 (respectively known as Ventura, Sonoma, and Sequoia) iPadOS 15, 16, 17 and 18 iOS 15, 16 and 18 The good news, in contrast to the recent emergency updates for macOS 15 and iOS 18 that came out three weeks ago, is that none of the listed bugs are tagged as zero-days, the name given to security holes that are found and exploited by...
How it works, and why it breaks

2 months ago | solcyber.com | Paul Ducklin |Charles P. Ho |Hwei Oh

Encryption at restEncryption has been an important part of our digital lives for many years now. All Apple iPhones, for instance, and most Android devices, are shipped with what’s known in the trade as FDE, short for full-disk encryption, already activated. The idea is simple and useful: anything, or more precisely almost anything, that you write to your device gets automatically encrypted on the way from the operating system to storage, and decrypted when it’s read back in.
Is it 'Pig Butchering' or 'Romance Baiting'?

Jan 22, 2025 | solcyber.com | Paul Ducklin |Hwei Oh |Charles P. Ho

What’s in a name? The digital cyber-vandals who churned out the first computer viruses liked to tag them with counter-cultural names that they could use for bragging rights. Sometimes, those names took hold because they were memorable, or because they were unavoidably woven into the visual fabric of the malware.
The scourge of fake accounts: Why so many, what to do?

Dec 3, 2024 | solcyber.com | Paul Ducklin |Charles P. Ho |Hwei Oh

Every account mattersIn a recent article with the headline “Gone in 24 hours,” we wrote about how and why a single day is more that enough time for cybercriminals to set up and pull off an attack, even if it involves buying a fake online domain, setting up a bogus website at that domain, and spamming out thousands or even millions of users to lure them in.
Gone in 24 hours: Why cybersecurity is not just for Black Friday

Nov 20, 2024 | solcyber.com | Paul Ducklin |Hwei Oh |Charles P. Ho

Don’t let your Black Friday precautions evaporate on Saturday!Any cybersecurity precautions that you think are worth adopting because Black Friday is coming are almost certainly worth taking all year round. Cybercriminals are happy to rely on scam campaigns that will probably only last for 24 hours, because they fully intend to come back for more on the following day, and the day after that, and the next day, week, month, and so on.
Breaking Good: Where does goodware end, and malware start?

Nov 7, 2024 | solcyber.com | Paul Ducklin |Charles P. Ho |Hwei Oh

Many legitimate products and services, from programming libraries to adversary simulation tools, can directly be used either for good or for bad. If, when, and how to use them are therefore important moral and ethical matters that can’t be solved by automation or by one-size-fits-all rules and regulations.
The cryptographic crack that wasn't

Oct 30, 2024 | solcyber.com | Paul Ducklin |Charles P. Ho

Exciting and scary headlinesA few months ago, we published an article with the admittedly dramatic title of The Quantum Apocalypse: What is post-quantum cryptography, and why do we need it? We wrote that article because quantum computers, which are widely misunderstood, often generate exciting and scary-sounding headlines.
The cybercrime that just won't go away

Sep 19, 2024 | solcyber.com | Paul Ducklin |Hwei Oh |Charles P. Ho

Romance scams, which are pretty much what their name suggests, often lead to victim blaming, where those who fall for them are derided for what other people consider plain old gullibility. But these scams predate the word ‘cyber’ and the internet, and they are human-led fraud that can’t be solved by technology alone. What can we do to avoid them, and to keep our own vulnerable friends and family safe? Cybercrime was a problem even before the internet took off.
The NPD Megabreach: Give up on privacy, or fight for your rights? (Part 2 of 2)

Sep 4, 2024 | solcyber.com | Paul Ducklin |Charles P. Ho

What if we all adopted a human-centric cybersecurity culture anchored in value and quality, instead of an automated race-to-the-bottom predicated on cheapness and quantity? We suspect that’s what you want, and we know it’s what we want, so what can we do to bring everyone else along with us?