Blog

The COVID-19 pandemic has led to a worldwide social distancing experiment, spiking sales of remote working tools, personal protective equipment, hand sanitizer, toiletries, guns, drugs, alcohol, and much more.

In 2019, I discovered multiple vulnerabilities in QNAP Photo Station and CGI programs. These vulnerabilities can be chained into a pre-auth root RCE, which means an attacker could run code as root remotely without logging in. CyCraft was able to find this bug by giving its researchers 10% of their work time to bug hunting and bounties to keep their skills sharp and relevant.

The COVID-19 pandemic has led to a worldwide work-from-home experiment spiking the sales of laptops and video conferencing software around the world. Zoom’s UI-focused design goal to remove user friction in video conferencing allowed Zoom.us to become the 6th most used site in America and the 18th most used site globally, Alexa reports.

2019 was an excellent year for the Taiwan superconductor industry; however, beneath this economic upturn, a digital chimera was slowly eating at it from within. Throughout 2019, multiple companies in the Taiwan high-tech ecosystem were victims of an advanced persistent threat (APT) attack.

For years, ArcSight has consistently appeared on multiple Top SIEM Software lists, including Gartner’s Magic Quadrant. Security professionals leveraging ArcSight are further empowered by its multiple partner integrations, which now includes CyberTotal — developed by CyCraft, a leading cybersecurity firm in Asia.

You now live in a world where hackers break through your prevention systems with ease, abuse your trusted tools, and closely mimic your legit user behavior — every second of every day. Prevention tools are never enough to stop all cyber attacks. For many organizations, malicious activity can go unseen; cybercriminals can often lurk for months, or even years, before they are noticed, such as the infamous 2016 DNC hack attributed to APT28 and APT29.