About

Latest cybersecurity news from Asia


ProxyNotShell

Microsoft confirms ‘limited’ abuse of Exchange Server zero-days 03 October 2022ProxyNotShellMicrosoft confirms ‘limited’ abuse of Exchange Server zero-days

Nepxion software with Spring Cloud functions fails to patch RCE bug

03 October 2022Nepxion software with Spring Cloud functions fails to patch RCE bugMaintainer of Chinese project closes public issue apparently without issuing a fix

NETGEAR resolves router bugs in bundled gaming component

16 September 2022NETGEAR resolves router bugs in bundled gaming componentSilicon Valley vendor tackles command injection and MitM-to-RCE issues

BHUSA

IT industry shows ‘lack of imagination’ in spotting cyber-attack evolution12 August 2022BHUSAIT industry shows ‘lack of imagination’ in spotting cyber-attack evolution

DrayTek router flaws

Critical vulnerability impacts thousands of SMEs05 August 2022DrayTek router flawsCritical vulnerability impacts thousands of SMEs

GPS hacker

Zero-days in tracking device pose surveillance, fuel cut-off risks20 July 2022GPS hackerZero-days in tracking device pose surveillance, fuel cut-off risks

Tor Browser 11.5

New release enables users to automatically circumvent censorship19 July 2022Tor Browser 11.5New release enables users to automatically circumvent censorship

GhostTouch

New research shows how electromagnetic interference can be used to trigger arbitrary behavior on mobile touchscreens14 June 2022GhostTouchNew research shows how electromagnetic interference can be used to trigger arbitrary behavior on mobile touchscreens

Hiding in the shadows

Cybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns13 June 2022Hiding in the shadowsCybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns

Indian VPN providers resist incoming data-logging law

08 June 2022Indian VPN providers resist incoming data-logging lawPrivacy concerns raised over mandate to retain customer records

Tipping the scales

Unpatched bugs pose takeover threat to weight monitoring app06 June 2022Tipping the scalesUnpatched bugs pose takeover threat to weight monitoring app

Incoming!

Atlassian Confluence attacks prompt calls for rapid patching06 June 2022Incoming!Atlassian Confluence attacks prompt calls for rapid patching

Hacking tools export ban

US tweaks rule to alleviate infosec industry misgivings01 June 2022Hacking tools export banUS tweaks rule to alleviate infosec industry misgivings

Treading a fine line

Security ‘researcher’ hits back against claims of malicious CTX file uploads27 May 2022Treading a fine lineSecurity ‘researcher’ hits back against claims of malicious CTX file uploads

Suspicious update

Malicious Python library removed from PyPI repo amid reports of domain hijack25 May 2022Suspicious updateMalicious Python library removed from PyPI repo amid reports of domain hijack

Pwn2Own Vancouver

15th annual hacking event pays out $1.2m for high-impact security bugs23 May 2022Pwn2Own Vancouver15th annual hacking event pays out $1.2m for high-impact security bugs

DevSecOps report

Cybersecurity skills are top priorities for enterprise IT, study finds18 May 2022DevSecOps reportCybersecurity skills are top priorities for enterprise IT, study finds

Deserialization part deux

SharePoint RCE bug resurfaces three months after being patched16 May 2022Deserialization part deuxSharePoint RCE bug resurfaces three months after being patched

Black Hat Asia

‘If democracy is to survive, technology will have to be tamed’13 May 2022Black Hat Asia‘If democracy is to survive, technology will have to be tamed’

Marcus Hutchins on WannaCry

‘Still to this day it feels like it was all a weird dream’12 May 2022Marcus Hutchins on WannaCry‘Still to this day it feels like it was all a weird dream’

CyberUK 2022

Global power conflicts creating ‘balkinization’ of cybersecurity tech11 May 2022CyberUK 2022Global power conflicts creating ‘balkinization’ of cybersecurity tech

‘A great step’

India to introduce six-hour data breach notification rule05 May 2022‘A great step’India to introduce six-hour data breach notification rule

Tearing down red flags

Women in CyberSecurity’s Lynn Dohm on tackling the high exit rate of female infosec pros15 April 2022Tearing down red flagsWomen in CyberSecurity’s Lynn Dohm on tackling the high exit rate of female infosec pros

Third member of FIN7 cybercrime gang jailed over card skimming scheme

08 April 2022Third member of FIN7 cybercrime gang jailed over card skimming schemeUS authorities sentence pen tester to five years in prison

Cyber certification

Singaporean cybersecurity agency launches scheme for businesses05 April 2022Cyber certificationSingaporean cybersecurity agency launches scheme for businesses

Network cavity blamed for data breach at Japanese candy maker

29 March 2022Network cavity blamed for data breach at Japanese candy makerMore than 1.6m affected by suspected compromise that ‘locked up’ servers

Japanese retailer traces breach to third-party hack

04 March 2022Japanese retailer traces breach to third-party hack Company traces compromise to vulnerability in payment processor’s systems

Breaking down the Equifax breach settlement

Claimants face an ‘uphill battle to establish standing’, says US privacy expert04 March 2022Breaking down the Equifax breach settlementClaimants face an ‘uphill battle to establish standing’, says US privacy expert

Ukraine invasion

WordPress-hosted university websites hacked in ‘targeted attacks’02 March 2022Ukraine invasionWordPress-hosted university websites hacked in ‘targeted attacks’

RCE vulnerability uncovered in Hashnode blogging platform

02 March 2022RCE vulnerability uncovered in Hashnode blogging platformA local file coding error could be exploited to trigger RCE

Toyota shuts down production after ‘cyber-attack’ on supplier

01 March 2022Toyota shuts down production after ‘cyber-attack’ on supplierJITter in the supply chain

Bug Bounty Radar

The latest bug bounty programs for March 202228 February 2022Bug Bounty RadarThe latest bug bounty programs for March 2022

Up close and personal

What does India's Personal Data Privacy Bill mean for individuals and businesses?23 February 2022Up close and personalWhat does India's Personal Data Privacy Bill mean for individuals and businesses?

Google Groups unsubscribe feature abused to remove members

23 February 2022Google Groups unsubscribe feature abused to remove members‘This could have destroyed the Google Payment system flow,’ security researcher tells The Daily Swig