“Conceal a flaw, and the world will imagine the worst.”
— Marcus Valerius Martial
My colleague called me today and urgently asked for my advice. I thought it was work-related, but it turned out someone was affected by ransomware, and she wanted to see if there was anything I could do now that the files were already encrypted. Before I could make any comments, my colleague told me that the victim eventually paid.
The story didn’t end there. There is a follow-up payment that needs to be paid for the second “key” — a new technique that hackers use, called “double-extortion.” …
“All human beings have three lives: public, private, and secret.” ― Gabriel García Márquez
A while back, I met an old friend whom I hadn’t seen since I graduated. We went for a cup of coffee to catch up on the past decades. He told me he was watching season 2 of “Breaking Bad.” And we both love Breaking Bad (who doesn't?). I also recommended that he try Westworld, as “Jesse Pinkman” was in the last season.
I wrote on Medium in November 2019. I still remember the first story was written at the Suvarnabhumi Airport (BKK) in Thailand. I typed on my Pixel 2 XL, using the on-screen keyboard while I was waiting for my girlfriend's arrival.
Not many people use Medium in Hong Kong, but I like reading on Medium. Since the last US election, I gave up Facebook. Unlike Facebook, I post on Medium to share what I learned and enjoyed. Before I realized it, my English improved! (I know it still sucks).
When preparing my presentation, the flow and the arrangement of contents secretly…
I just passed the ISSAP® (Information Systems Security Architecture Professional) exam from (ISC)2®. It was one of the most challenging exams I have taken in my life. All the answers to the multiple-choice questions are correct, but in most cases you are required to choose the best answer. I checked the member count on the official website. There are 25 active holders in Hong Kong and 2061 worldwide.
“A ship is safe in harbor, but that’s not what ships are for.”
― John A. Shedd
Discord is a platform predominantly popular among gamers. It creates specific groups or communities of users who can send voice, text, and other media messages between one another quickly. Last week, Sophos reported a massive increase in the number of malware detection alerts found in Discord.
According to the report, the number of malware incidents on Discord jumped 140 times compared to last year. …
Managed Service Providers (MSPs) recently drew our attention after being targeted by cybercriminals. As they typically hold privileged access to their clients’ infrastructure, attacking one MSP would give attackers access to various systems. That’s why they are an attractive target for cybercriminals (i.e., high ROI).
The recent Kaseya supply chain attack showed us all how scalable and serious such an attack can be. A REvil ransomware affiliate obtained access to Kaseya systems and used it to access the systems and encrypt the data of around 60 of its customers (many of which are MSPs).
This first touch down then further goes down the…
Pegasus was originally military-grade software for tracking terrorists and criminals. However, according to NSO Group, Pegasus is only used to “investigate terrorism and crime” and “leaves no traces.” It was first discovered in 2014, infecting phones via spear-phishing: either specifically crafted text messages or emails that lure a target into clicking on a malicious link.
In short, Pegasus is spyware that is developed, marketed, and licensed to governments worldwide by the Israeli cyber-surveillance company NSO Group. It is perhaps the most potent piece of spyware ever (certainly by a private company). …
In response to the recent alarming cyberattacks, especially ransomware, CISA provides us with multiple resources for different attack stages, from the beginning to the post-attack era.
While companies are urged not to pay ransoms to recover data, significant payouts have been made in just the last six months alone, indicating the increasing severity of ransomware. According to DOJ news, approximately USD350 million in ransoms was paid in 2020, more than a 300% increase from the previous year.
There have been significant attacks against corporations and critical infrastructures like Colonial Pipeline Co. by DarkSide or other healthcare organizations that forced systems to go offline…
On July 14, Microsoft issued patches for 117 CVEs. Above all, four of them are under heavy attack, and six are publicly known. Among all 117 CVEs:
The products and services affected include Microsoft Windows, Exchange Server, Microsoft Office, Dynamics, SharePoint Server, Internet Explorer, Bing, Visual Studio, OpenEnclave, and Windows Storage Spaces Controller.
Cyber is basically a tremendous number of computers linked together, and AI in cybersecurity is already working 7 x 24 for us. For example, malware analysis and automated detection involve massive amounts of data to be reviewed. More AI-assisted security products will be on the market in 2021, as today's data volume can no longer be analyzed by humans alone.
The goal of artificial intelligence (AI) is to build more intelligent machines. We saw the applications of AI in multiple domains, including:
and not surprisingly, it is also used in…
Interested in Infosec & Biohacking. Security Architect by profession. Love reading and running. Top Writer in Privacy. Editor of Technology Hits.