Cybercriminals Are Using Fake AI Tools to Spread Malware
The massive excitement around Artificial Intelligence (AI) tools has become a goldmine for cybercriminals. They’re heavily using this buzz to trick people into downloading dangerous ransomware and malware. This isn’t just a tactic for highly advanced hackers anymore; even smaller, lesser-known groups are now effectively using this strategy. These malicious actors, including ransomware gangs like […]
“Royalties” Under Section 70 of the Thai Revenue Code
Contributors Santana Saksudhayakom Advisor “Royalties” ค่าสิทธิ Section 70 of the Thai Revenue Code Section 70 of the Revenue Code stipulates that any payment of royalties made from or in Thailand to a company or juristic partnership established under foreign law and not carrying on business in Thailand is subject to withholding tax. The payer […]
Surviving the First Wave: Cybersecurity Lessons from First Quarter
The first quarter of 2025 confirmed that the cyber threat landscape continues to evolve rapidly, with attackers becoming more sophisticated and targeted. This period was marked by a sharp rise in AI-driven phishing, the persistence of ransomware, and increasing risks associated with cloud services and SaaS applications. Here’s a comprehensive summary of what we saw […]
Over 16,000 Fortinet Devices Compromised with Symlink Backdoor
Security researchers have discovered that over 16,500 Fortinet FortiGate firewall devices have been compromised by attackers using a symlink-based backdoor. This attack allows persistent and stealthy remote access to affected systems. The discovery was made by Lexfo Security, and the infections are believed to have started as early as 2022. Despite patches being released by […]
SuperBlack Ransomware Exploits Fortinet Vulnerabilities for Unauthorized Access
A new ransomware group known as ‘Mora_001’ has been identified exploiting two authentication bypass vulnerabilities in Fortinet firewall appliances to deploy a custom ransomware strain named ‘SuperBlack’. Exploited Vulnerabilities: CVE-2025-24472: Initially fixed in January 2025, this vulnerability enables remote attackers to gain super-admin privileges by making maliciously crafted CSF proxy requests. Although Fortinet initially stated […]
Critical RCE bug in Microsoft Outlook now exploited in attacks
CISA Urges U.S. Federal Agencies to Secure Systems Against Critical Microsoft Outlook Vulnerability The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to U.S. federal agencies, urging them to secure their systems against ongoing attacks exploiting a critical remote code execution (RCE) vulnerability in Microsoft Outlook. This vulnerability, identified by Check Point researcher Haifei […]
Understanding the Dark Web: Implications for Financial Assurance
The Dark Web and Financial Institutions The Dark Web, a hidden subset of the internet, presents unique risks and challenges for financial institutions. As a space where anonymity thrives, it has become a hub for illegal activities, including the trade of stolen financial data. Understanding and addressing these risks is essential for the financial assurance […]
Fortinet Warns Users to Beware of Zero-Day Vulnerabilities Already Exploited
CVE-2024-55591 Vulnerability: Authentication Bypass Threat Impacting FortiOS and FortiProxy CVE-2024-55591 is an Authentication Bypass vulnerability affecting FortiOS versions 7.0.0 to 7.0.16 and FortiProxy versions 7.0.0 to 7.0.79 and 7.2.0 to 7.2.12. This vulnerability allows attackers to send malicious requests to the Node.js WebSocket, granting themselves super-admin privileges. Attack Patterns According to observations from Fortinet and […]
Thailand’s New Minimum Wage Law 2025 -Important Update for Employers
The Wage Committee has announced a Notice of Minimum Wage Rates (No. 13) with a significant increase in the minimum wage, effective 1 January 2025. This change will have a major impact on businesses, particularly in the areas of Chachoengsao, Chon Buri, Phuket, Rayong, and Surat Thani Province (Ko Samui District), where the minimum wage […]
AI and Cybersecurity Trends for 2025
This emphasizes the growing sophistication of AI-driven cyber-attacks, characterized by increasingly convincing phishing attempts and adaptive malware. The use of AI to target critical infrastructure further underscores the significant challenges faced by cybersecurity professionals. Moreover, the proliferation of deepfakes and synthetic media will necessitate the development of advanced tools for detection and mitigation. In addition, […]
