A few months ago, I came across a Channel NewsAsia article that provided a treatise (in the eyes of Gen Z/Alpha, not necessarily Gen X/Y) of AI slop and why it is so pervasive. AI slop is so widespread that most online platforms now suffer from a low signal-to-noise ratio. For someone that…
Give Yourself a Chance to Say “Yes”
In about a week’s time, I will be on a different continent to give a talk on threat modeling, and another co-presented topic with SATCR4K on satellite security. To some extent, this year’s roll is partially happenstance. Included in this year’s roll are many more conference talks, co-founding of Threat Modeling Connect’s Singapore chapter and…
Recounting the 5th ASEAN-India Youth Summit
It still feels like an honour representing Singapore to present what Singapore is all about. Because it is an honour to do so, together with my fellow delegates. And considering this was my inaugural opportunity to represent Singapore in such a summit, what did I learn and encounter? Several Singaporeans’ View of Singapore Before heading…
And What Part of Threat Models Should We Publish?
Recently, I read both the works “Publish Your Threat Models!” (written by Loren Kohnfelder and Adam Shostack) as well as “Should We Publish Threat Models?” (written by Matin Mavaddat) with great interest. These are important conversations that the industry should have, and also one of the numerous motivations for setting up a Singapore “Threat Modeling…
Learning, Unlearning and Re-Learning: Soft Skills in Cybersecurity
Last year, I attended some improv classes. In improv 101s, they often teach the principle of “Yes and…“, and for good reason. Allowing your partner to continue on a line of thought, providing them with enough information and scene would allow a conversation to continue. Functionally, improv classes, like Toastmasters settings (I did Toastmasters for…
“It’s Now or Never!” — 2024 Reflections
“It’s now or never. We are going to do this Toto. We are gonna do this!” Eventually, thanks to a new plan (data-driven), Lewis Hamilton went on to win a race that was originally lost on the first lap. But the plan was only thought to be feasible about 20 minutes ago. My Own “Now…
OT Security 101 Workshop — Some Thoughts on Some Exercises and Extra Miles
When teaching the OT Security 101 Workshop for Div0, one conundrum I had (and in general, for any introductory workshop) is how we can provide enough material for the faster peers amongst us, yet make sure the slower ones can catch up. We do this through the concept of the extra mile. This was first…
Learning from CrowdStrike
On Friday evening, I caught up with a fellow cybersecurity professional over dinner. Luckily none of us had to deal with the meltdown CrowdStrike had caused. But this caused much grief and frenetic hours for our IT administrators around the globe, who had to manually perform workarounds to recover affected Windows servers and clients. Being…
I Was Told HTTP is Unsafe. But Maybe I am Using It After All?!
In April, it was reported that the eScan antivirus update mechanism was targeted by an APT group to distribute GuptiMiner malware. The malware itself is quite sophisticated, but what was baffling to me was the modality of said attack: delivery of the attack vector through HTTP. The “Lock” on the Browser If you had been…
What to Tell Your Friend if They Ask “Can Quantum Cryptography Hack Lava Lamps”? Basics to Cryptographic Algorithms
What do lava lamps have to do with Physics and cybersecurity? Besides the fact that they are all hot (pun intended), they are all related through Cloudflare. This post was inspired by a friend who asked me this: Recently, lava lamps have taken the Internet by storm through suggesting they were useful to improve the…