Cybersecurity | Technology

“All human beings have three lives: public, private, and secret.” ― Gabriel García Márquez

A while back, I met an old friend who I hadn’t seen since I graduated. We went for a cup of coffee to catch up for the past decades. He told me he was watching “Breaking Bad” in season 2. And we both love Breaking Bad (Who didn't?) I also recommended him to try Westworld as “Jessie Pinkman” was in last season.

I wrote on Medium in November 2019. I still remember the first story was written at the Suvarnabhumi Airport (BKK) in Thailand. I typed on my Pixel 2XL, using the on-screen keyboard when I was waiting for my girlfriend's arrival.

Not many people use Medium in Hong Kong, but I like reading on medium. Since the last US election, I gave up Facebook. Unlike Facebook, I post on Medium to share what I learned and enjoyed. Before I realized it, my English improved! (I know it still sucks).

When preparing my presentation, the flow and the arrangement of contents secretly…

I Passed!

I just passed the exam of ISSAP® — Information Systems Security Architecture Professional from (ISC)2®. It was one of the most challenging exams I took in my life. All the answers to the multiple choices are correct, but it is required to choose the best answer in most cases. I checked the member count from the official website. There are 25 active holders in Hong Kong and 2061 worldwide.

“A ship is safe in harbor, but that’s not what ships are for.”
― John A. Shedd

Discord is a platform predominantly popular among gamers. It creates specific groups or communities of users who can send voice, text, and other media messages between one another quickly. Last week, Sophos reported a massive increase in the number of malware detection alerts found in Discord.

According to the report, the number of malware incidents on Discord jumped 140 times compared to last year. …

Cybersecurity | Technology

Managed Service Providers (MSPs) recently draw our attention after being targeted by cybercriminals. As they are typically gaining privileged access to their clients’ infrastructure, attacking one MSP would give attackers access to various systems. That’s why it is an attractive target for cybercriminals (i.e., high ROI).

The recent Kaseya supply chain attack told us all how scalable and serious such an attack can undergo. A REvil ransomware affiliate obtained access to Kaseya systems to access the systems and encrypt data of around 60 of its customers (many of which are MSPs).

This first touch down then further goes down the…

Technology | Cybersecurity

What is Pegasus?

Pegasus is originally Military-grade software for tracking terrorists and criminals. However, according to NSO Group, Pegasus is only used to “investigate terrorism and crime” and “leaves no traces.” It was first discovered in 2014, infected phones via spear-phishing: either specifically crafted text messages or emails that lure a target into clicking on a malicious link.

In short, Pegasus is a spyware that is developed, marketed, and licensed to governments worldwide by the Israeli cyber-surveillance company NSO Group. It is perhaps the most potent piece of spyware ever (certainly by a private company). …

Regarding the recent alarming cyberattacks, especially ransomware, CISA provides us multiple resources for different attack stages, from the beginning to the post-attack era.

People Pay the Ransoms

While companies are urged not to pay ransoms to recover data, significant payouts have been made in just the last six months alone, indicating the increasing severity of ransomware. According to DOJ news, approximately USD350 million in ransoms was paid in 2020, more than a 300% increase from the previous year.

There have been significant attacks against corporations and critical infrastructures like Colonial Pipeline Co. by DarkSide or other healthcare organizations that forced systems to go offline…

Cybersecurity | Microsoft

On July 14, Microsoft issued patches for 117 CVEs. Above all, four of them are under attack heavily, and six are publicly known. Among all 117 CVEs:

• Critical = 13
• Important = 103
• Moderate = 1

The products and services affected include Microsoft Windows, Exchange Server, Microsoft Office, Dynamics, SharePoint Server, Internet Explorer, Bing, Visual Studio, OpenEnclave, and Windows Storge Space Controller.

Comparing with the previous two months, this Patch Tuesday is more significant than that before — May and June patches 55 and 50 CVEs, respectively, according to the official releases notes. …