Penalized for Responsible Disclosure
While researching a new attack vector (presented in BSides SG 2022), my associate and I discovered a misconfiguration in one of the Big…
Oct 24

Automated Allowlisting and Optimization of High-Volume Alerts for SecOps Efficiency
One of the top-ranked problems of SecOps alerting is dealing with the amount of noise generated by false positives (FP) while keeping a…
Oct 13

Changed Your PayNow Display Name? Your Mobile Number Still Reveals More Than You Think.
PayNow
Oct 12

Disabling Microsoft Authenticator’s 1FA Sign-in Flow
I’ve recently noticed an increasing number of malicious sign-in attempts on my Outlook email account. The interesting bit is that I…
Jul 14

3-Tier Password Management
Using a 3-tier password management structure to manage your password managers.
Jul 5

Sharing the last 4 characters of your NRIC? Think twice.
“Don’t worry; we’re only collecting the last 4 characters of your NRIC.” — famous last words.
Aug 2, 2023

Purposeful Innovation for Good
Published in The PayPal Technology Blog
“To be a company for good, we need to build purpose into the fabric of our business, such that the day-to-day operations and actions we…
Jul 20, 2022

Banks, stop asking for verification when calling customers
Banks have a practice of asking for verification information when calling customers even while using unrecognised numbers. Should we…
Aug 24, 2021

Put on Your White Hat and Hack for Good
Published in The PayPal Technology Blog
Skills-based volunteering and giving is the intersection where businesses and professionals meet with nonprofit organizations (NPOs) to…
Jul 20, 2021

Hack The Box’s Cyber Apocalypse 2021 CTF — AlienPhish — Write-up
My colleagues and I took part in the 5-day CTF by HTB in April ’21, where every challenge solved raises some donation to a good cause.
Apr 24, 2021