Outsourcing Without Oversight: PDPA Penalties Hit Healthcare Sector
On August 1, 2025, Thailand’s Personal Data Protection Committee (PDPC) issued a formal statement regarding a serious data breach involving a prominent private hospital. The incident has sparked widespread attention across social media and raised concerns about data governance in the healthcare sector. Incident Overview The hospital, acting as the Data Controller, had outsourced the […]
How attackers are still phishing “phishing-resistant” authentication
🔐 Overview Despite the rise in phishing‑resistant authentication methods such as FIDO2-based passkeys, WebAuthn, Windows Hello, and physical security keys attackers continue to successfully bypass them using more sophisticated phishing techniques. 🧪 Attack Techniques Used 1. Downgrade Attacks 2. Device‑Code Phishing 3. Consent Phishing (OAuth Abuse) ⚖️ Why These Methods Still Work ✅ Mitigation Strategies […]
Thailand Under Siege: What the Latest Cyber Attacks Mean for All of Us
I’ve been following cybersecurity news for years, but what’s happening in Thailand right now has me genuinely concerned. It’s not just another data breach or ransomware story – this feels different, more targeted, and frankly, more dangerous. What’s Really Going Down in Thailand Since March, Thai government systems have been getting absolutely pounded by hackers. […]
16 billion passwords exposed in record-breaking data breach
The massive excitement around Artificial Intelligence (AI) tools has become a goldmine for cybercriminals. They’re heavily using this buzz to trick people into downloading dangerous ransomware and malware. This isn’t just a tactic for highly advanced hackers anymore; even smaller, lesser-known groups are now effectively using this strategy. These malicious actors, including ransomware gangs like […]
Insider Threats: Lessons from MAD UNICORN on Safeguarding Business Integrity
In the Thai Netflix’s series MAD UNICORN (สงครามส่งด่วน), audiences are drawn into the high-stakes world of logistics startups, where ambition, betrayal, and corporate espionage collide. At the heart of the story is Santi, a visionary entrepreneur whose journey is derailed not by external competitors, but by trusted insiders. This narrative offers a compelling lens through […]
Cybercriminals Are Using Fake AI Tools to Spread Malware
The massive excitement around Artificial Intelligence (AI) tools has become a goldmine for cybercriminals. They’re heavily using this buzz to trick people into downloading dangerous ransomware and malware. This isn’t just a tactic for highly advanced hackers anymore; even smaller, lesser-known groups are now effectively using this strategy. These malicious actors, including ransomware gangs like […]
Surviving the First Wave: Cybersecurity Lessons from First Quarter
The first quarter of 2025 confirmed that the cyber threat landscape continues to evolve rapidly, with attackers becoming more sophisticated and targeted. This period was marked by a sharp rise in AI-driven phishing, the persistence of ransomware, and increasing risks associated with cloud services and SaaS applications. Here’s a comprehensive summary of what we saw […]
Over 16,000 Fortinet Devices Compromised with Symlink Backdoor
Security researchers have discovered that over 16,500 Fortinet FortiGate firewall devices have been compromised by attackers using a symlink-based backdoor. This attack allows persistent and stealthy remote access to affected systems. The discovery was made by Lexfo Security, and the infections are believed to have started as early as 2022. Despite patches being released by […]
Cybercriminals Are Evolving — And They’re Using AI Against You.
At PKF, we recognize that the cybersecurity landscape demands strategic vigilance, technical agility, and board-level attention. Microsoft’s latest Digital Defense Report outlines urgent trends that reaffirm what we’ve seen across industries: cyber risk is no longer a technical issue—it’s a business-critical concern. Here are the key highlights and what they mean for our clients and […]
SuperBlack Ransomware Exploits Fortinet Vulnerabilities for Unauthorized Access
A new ransomware group known as ‘Mora_001’ has been identified exploiting two authentication bypass vulnerabilities in Fortinet firewall appliances to deploy a custom ransomware strain named ‘SuperBlack’. Exploited Vulnerabilities: CVE-2025-24472: Initially fixed in January 2025, this vulnerability enables remote attackers to gain super-admin privileges by making maliciously crafted CSF proxy requests. Although Fortinet initially stated […]
