Cyber Security

Modern web application architectures have extended the attack surface. While, digitalization and automation have enhanced attacker effectiveness, leading to the continuous exploitation of known vulnerabilities like OWASP Top 10 and unknown threats. About 1 billion customers’ identities are being stolen, more than 10,000 security breaches occur every day, and over 90% of websites are in danger of cyberattacks. These data highlight

In today’s Public Key Infrastructure (PKI) field, it is common to see organizations leverage on Microsoft Certificate Authority (CA) to build their internal PKI System. However, a lot of organizations are not aware of the security gaps that Microsoft brings to the table and what are the issues that might bring to them. In this blog, we will discuss the security

With recent global events, many businesses are adopting, or at least temporarily accepting, a work-from-home model. Cybersecurity experts all over the world are raising the alarm about the increased threat of data breaches. Working remotely extends the data risk plane. While this is the right response to mitigate the current concerns, enabling a distributed workforce does come with its own set

Phishing is a kind of social engineering attack. Often it is a low-tech attack as opposed to high-tech attacks like security system hacking or password hacking. These malicious attacks employ psychological tricks to lead users into divulging sensitive information or unknowingly providing security access. The most common form of social engineering is email phishing. Steps perpetrators use: 1. Casting a wide

See More, Respond Faster with Trend Micro Vision One™ With the recent increase in cyberattacks due to the Russia-Ukraine conflict, it is more critical than ever to be aware of your organization’s security posture. The threat landscape is constantly changing, and as malicious actors are always using new tools and tricks, it becomes imperative for organizations to have visibility in their

Code Exposure: The Vulnerabilities in Your Code & Where They Originate When people ask me if I can code, I often tell them I can write scripts and hello world applications instead of actual coding. In my opinion, writing an application with a positive use is a lot easier than writing an application that handles negative use cases. Compounded by the

A Must Have “Transaction Signing” for All Recently in Singapore, a major bank was facing losses up to S$13.7 million dollars in a month during December 2021 alone. All this was due to phishing. The main culprit was due to victims who fell prey and provided their online banking log in credentials and one time pins to phishing websites thus multi-factor

DevSecOps with Checkmarx Have you ever encountered a situation whereby you are not able to deploy an application due to vulnerabilities in the codes? Remediation measures are generally time consuming and expensive when vulnerabilities are discovered in the later stages of the development cycle. Worst still, having a vulnerable code pushed to production could lead to exploitation causing downtime or data