DrSuresh.NET

Investigating data leaks

Dr. Suresh Ramasamy — Thu, 12 Mar 2026 00:00:00 +0800

This article provides a systematic method on investigating and confirming data leaks

Work vs Private life - Part 1 - Social Media

Dr. Suresh Ramasamy — Thu, 02 Oct 2025 00:00:00 +0800

We are at the crossroads of defining boundaries between personal vs careeer. This article looks specifically at social media.

SAAS Security - Myth vs Reality

Dr. Suresh Ramasamy — Thu, 04 Sep 2025 00:00:00 +0800

With recent SAAS apps being breached, is security a given for SAAS?

Malaysia's Dual Data Governance - Critical Analysis

Dr. Suresh Ramasamy — Tue, 10 Jun 2025 00:00:00 +0800

This article looks into legal landscape of Malaysian data privacy

Governing AI - ISO 42001 approach

Dr. Suresh Ramasamy — Tue, 03 Jun 2025 00:00:00 +0800

This article looks into the approach of ISO42001 in governing AI

Case Study - Maybank Phishing Incident

Dr. Suresh Ramasamy — Mon, 12 May 2025 00:00:00 +0800

This case study examines the recent happening of a phishing incident at Maybank

Evolving Tactics - OAuth Token Abuse

Dr. Suresh Ramasamy — Tue, 29 Apr 2025 00:00:00 +0800

This article looks into recent strategies of attackers abusing OAuth tokens

Communications, Data and Deep State (applies to Corp)

Dr. Suresh Ramasamy — Fri, 21 Feb 2025 00:00:00 +0800

This article looks into the competition of establishing alternate secure lines of communications and technology platform

Digitalisation - A lost and confused cause

Dr. Suresh Ramasamy — Mon, 20 Jan 2025 00:00:00 +0800

Digitalization is a mandatory CIO/CTO/CDO buzzword. But to what extend is it true?

Secure BYoE

Dr. Suresh Ramasamy — Sat, 21 Dec 2024 00:00:00 +0800

This article looks into vacationing securely while doing BYOE

Is CyberSecurity supposed to be expensive?

Dr. Suresh Ramasamy — Tue, 10 Dec 2024 00:00:00 +0800

This article examines the most common complaint about cybersecurity, being expensive

Handling passwords in 2024 and beyond

Dr. Suresh Ramasamy — Wed, 25 Sep 2024 00:00:00 +0800

There is a new way on handling passwords, 2024 and beyond!

Addendum 1 - Lebanon Attack Case Study

Dr. Suresh Ramasamy — Thu, 19 Sep 2024 00:00:00 +0800

Continuation from Case Study, expanding into what happened

Case Study - Lebanon Pager Explosive attack

Dr. Suresh Ramasamy — Wed, 18 Sep 2024 00:00:00 +0800

This article examines the recent pager explosion that happened in Lebanon

Malaysia's Internet - the thorny issue of DNS blocking

Dr. Suresh Ramasamy — Tue, 10 Sep 2024 00:00:00 +0800

This article looks into the thorny aspect of dns blocking implemented in Malaysia

Managing Professional Relationships - Bank Balance Approach

Dr. Suresh Ramasamy — Tue, 27 Aug 2024 00:00:00 +0800

This article looks into using the bank balance approach in managing professional relationships

Understanding human relationships - Part 1

Dr. Suresh Ramasamy — Wed, 07 Aug 2024 00:00:00 +0800

This article looks into demystifying human relationships in simplistic manner

Adopting Zero Trust in an Enterprise Environment

Dr. Suresh Ramasamy — Tue, 18 Jun 2024 00:00:00 +0800

This article looks into adopting zero trust into enterprise environment

Advanced Persistent Threat - Detection and Response Strategies

Dr. Suresh Ramasamy — Wed, 01 May 2024 00:00:00 +0800

This article looks into detection and resposne strategies against APT attacks

Cybersecurity as a Business Enabler: Beyond Risk Management

Dr. Suresh Ramasamy — Tue, 16 Apr 2024 00:00:00 +0800

This article looks into the bigger picture of CyberSecurity for Business

Blockchain Security: Myths, Realities, and Future Applications

Dr. Suresh Ramasamy — Tue, 19 Mar 2024 00:00:00 +0800

This article looks into blockchain security

Understanding the Global Cybersecurity Regulations and Compliance Landscape

Dr. Suresh Ramasamy — Wed, 06 Mar 2024 00:00:00 +0800

This article look into global impact of regulatory against cybersecurity

Navigating Recent Challenges with Ivanti Pulse Secure: A Deep Dive for Cybersecurity Professionals

Dr. Suresh Ramasamy — Thu, 29 Feb 2024 00:00:00 +0800

This article looks into the recent debacle with Ivanti.

Exploit Development and Vulnerability Research: Ethics and Techniques

Dr. Suresh Ramasamy — Tue, 20 Feb 2024 00:00:00 +0800

This article looks into exploit development and vulnerability research

Integrating cybersecurity with business continuity

Dr. Suresh Ramasamy — Tue, 13 Feb 2024 00:00:00 +0800

This article looks into integrating BCP with Cybersecurity

Cybersecurity Metrics and KPIs for Effective Management

Dr. Suresh Ramasamy — Tue, 06 Feb 2024 00:00:00 +0800

This article looks into cyber security metrics and KPI

The Day the Network Cracked: A Red Teamer's Tale of Tactics and Triumph

Dr. Suresh Ramasamy — Tue, 30 Jan 2024 00:00:00 +0800

This article looks into red teaming cyber operations

The Mergers and Acquisitions Tightrope Walk: Why Cybersecurity is Your Invisible Safety Net

Dr. Suresh Ramasamy — Tue, 23 Jan 2024 00:00:00 +0800

This article looks into the cybersecurity aspects of M&A

The Hidden Costs of Convenience - A Privacy Audit of Truecaller and Whoscall

Dr. Suresh Ramasamy — Thu, 18 Jan 2024 00:00:00 +0800

This article looks into the use of third party apps to identify caller such as Whoscall or TrueCaller

The Financial Impacts of Cybersecurity Breaches: A Comprehensive Overview

Dr. Suresh Ramasamy — Tue, 16 Jan 2024 00:00:00 +0800

This article looks into the debate between to do or not to do for cyber investments

Cyber TechTalk - Latest trends in Cryptography and Encryption Technologies 2024

Dr. Suresh Ramasamy — Tue, 09 Jan 2024 00:00:00 +0800

This article looks into the current trends in cryptography

Middle Management Musing - Emerging Cyber Threats 2024

Dr. Suresh Ramasamy — Mon, 01 Jan 2024 00:00:00 +0800

This article looks into middle management emerging cyber threat management for 2024

Cyber Breach Incident Response: Data Breach Edition - An ISO-Based Approach

Dr. Suresh Ramasamy — Tue, 19 Dec 2023 00:00:00 +0800

This article looks into incident handling when dealing with data breaches

Leadership in Crisis: Managing Cybersecurity Breaches at the Executive Level

Dr. Suresh Ramasamy — Tue, 12 Dec 2023 00:00:00 +0800

This article looks into maintaing and being a leader while handling a cyber crisis

Case Study - OCBC Singapore Phishing Incident

Dr. Suresh Ramasamy — Tue, 28 Nov 2023 00:00:00 +0800

This article presents the case study on OCBC phishing incident

Unveiling the Shadows: A Deep Dive into SIEM Rule Evasion in Cybersecurity

Dr. Suresh Ramasamy — Tue, 21 Nov 2023 00:00:00 +0800

This article looks into threat actor methods in evading SIEM

Dark Web and Cybercrime: A Closer Look at the Underbelly of the Internet

Dr. Suresh Ramasamy — Tue, 14 Nov 2023 00:00:00 +0800

This article stares into the dark web abyss

The Luno Malaysia Case: A Wake-Up Call for Crypto Security

Dr. Suresh Ramasamy — Thu, 09 Nov 2023 00:00:00 +0800

This article looks into Luno's Session court ruling

Okta and the bus

Dr. Suresh Ramasamy — Tue, 07 Nov 2023 00:00:00 +0800

This article is about Okta's incident investigation of recent breach

SEC lays down the law on Solarwinds CISO

Dr. Suresh Ramasamy — Tue, 31 Oct 2023 00:00:00 +0800

This article looks at the SEC taking action against Solarwinds CISO

Okta breached - again!

Dr. Suresh Ramasamy — Tue, 24 Oct 2023 00:00:00 +0800

This article looks into Okta breach that happened October 2023

Cisco IOS XE CVS 10 vulnerability

Dr. Suresh Ramasamy — Thu, 19 Oct 2023 00:00:00 +0800

This article looks into actively exploited Cisco XE vulnerability

HTTP2 Rapid Reset - bug that almost broke Internet

Dr. Suresh Ramasamy — Tue, 17 Oct 2023 00:00:00 +0800

This article looks into the most recent bug on HTTP2 Rapid Reset

Multiple SEA govt targetted in APT attack - Q3 2023

Dr. Suresh Ramasamy — Tue, 03 Oct 2023 00:00:00 +0800

This article looks into the targetted campaign against SEA govt in Q3 2023

New Apple Zero day and MITM affecting Apple devices/users

Dr. Suresh Ramasamy — Tue, 26 Sep 2023 00:00:00 +0800

This articles looks into the most recent zero day affecting Apple devices, identified by CitizenLabs

Cryptography and Quantum Computing

Dr. Suresh Ramasamy — Tue, 12 Sep 2023 00:00:00 +0800

This article talks about Quantum Computing and Cryptography

Case Study - Malaysia Airline's Concentration Risk

Dr. Suresh Ramasamy — Thu, 07 Sep 2023 00:00:00 +0800

This case study examines the recent issue with MAS and BFS

BYOVD - Bring Your Own Vulnerable Driver

Dr. Suresh Ramasamy — Tue, 05 Sep 2023 00:00:00 +0800

This articles blablabla

Kerberos and Forging Tickets (2023)

Dr. Suresh Ramasamy — Tue, 29 Aug 2023 00:00:00 +0800

This articles Kerberos implementation in Microsoft Active Directory and forging tickets

Still changing passwords regularly?

Dr. Suresh Ramasamy — Tue, 22 Aug 2023 00:00:00 +0800

This article looks at the relevance of frequent password changes

Downfall of Intel Chips

Dr. Suresh Ramasamy — Tue, 15 Aug 2023 00:00:00 +0800

A new vulnerabolity affecting CPUs are discussed in this article

Storm in a teacup - 0508

Dr. Suresh Ramasamy — Thu, 10 Aug 2023 00:00:00 +0800

This articles looks into the recent revelation on Microsoft's Storm0508 attack

True C vs False C - Case study on the role CISO - Part 4

Dr. Suresh Ramasamy — Tue, 08 Aug 2023 00:00:00 +0800

This multi part article looks into the argument whether CISO is a True C or a False C role

True C vs False C - Case study on the role CISO - Part 3

Dr. Suresh Ramasamy — Tue, 01 Aug 2023 00:00:00 +0800

This multi part article looks into the argument whether CISO is a True C or a False C role

True C vs False C - Case study on the role CISO - Part 2

Dr. Suresh Ramasamy — Tue, 25 Jul 2023 00:00:00 +0800

This multi part article looks into the argument whether CISO is a True C or a False C role

True C vs False C - Case study on the role CISO - Part 1

Dr. Suresh Ramasamy — Mon, 17 Jul 2023 00:00:00 +0800

This multi part article looks into the argument whether CISO is a True C or a False C role

CISO on crosshair

Dr. Suresh Ramasamy — Tue, 04 Jul 2023 00:00:00 +0800

This article looks into increasing liability of CISO in the industry.

Digital Asset Series: Cyber Risk Management for Trustees

Dr. Suresh Ramasamy — Wed, 28 Jun 2023 00:00:00 +0800

This articles looks into a framework to establish cyber risk management for digital asset trustees

Zero Days, Breaches and Reprise

Dr. Suresh Ramasamy — Tue, 27 Jun 2023 00:00:00 +0800

This thought piece is reflected on current affairs

Digital Assets: Custodian vs Trustee[]()

Dr. Suresh Ramasamy — Thu, 22 Jun 2023 00:00:00 +0800

This articles into digital asset custodians and the importants of its cyber risk management

Barracuda ESG vulnerability

Dr. Suresh Ramasamy — Tue, 20 Jun 2023 00:00:00 +0800

This article examines the recently released vulnerability affecting Barracude ESG

Case Study - MySejahtera Data Breach

Dr. Suresh Ramasamy — Tue, 13 Jun 2023 00:00:00 +0800

This article is the case study for the MySejahtera data breach

ASEAN publicly vulnerable devices

Dr. Suresh Ramasamy — Mon, 12 Jun 2023 00:00:00 +0800

This articles looks into the recent ShadowServer report on ASEAN publicly vulnerable devices

MOVEit Transfer Zero Day and Cl0p

Dr. Suresh Ramasamy — Thu, 08 Jun 2023 00:00:00 +0800

Continuing from previous week, further analysis of the zero day and ransomware group Cl0p

Zero Day MOVEit exploited in the wild (CVE-2023-34362)

Dr. Suresh Ramasamy — Tue, 06 Jun 2023 00:00:00 +0800

This articles goes into a recent zero day affecting MOVEit Transfer solution.

BNM updates its RMIT

Dr. Suresh Ramasamy — Thu, 01 Jun 2023 00:00:00 +0800

This articles looks at recent changes that was made to Malaysia's RMIT

Volt Typhoon - Attack against US

Dr. Suresh Ramasamy — Tue, 30 May 2023 00:00:00 +0800

This articles looks into nation state threat actor Volt Typhoon

MSI/Intel Boot Guard private key leak

Dr. Suresh Ramasamy — Thu, 25 May 2023 00:00:00 +0800

This article looks into the recent MSI/Intel BootGuard key leak

Ledger - from security to insecurity

Dr. Suresh Ramasamy — Tue, 23 May 2023 00:00:00 +0800

Ledger recently made changes to its well known hardware wallet used to secure cryptocurrency/

Dragos Cyber Breach

Dr. Suresh Ramasamy — Wed, 17 May 2023 00:00:00 +0800

Dragos, a cybersecurity specialist has been breached. This is the incident/

Solarwinds, the gift that keeps giving

Dr. Suresh Ramasamy — Mon, 15 May 2023 00:00:00 +0800

Solarwinds revisited - May 2023

Russian FSB cyber operations - Snake malware (DNS/Crypto)

Dr. Suresh Ramasamy — Wed, 10 May 2023 00:00:00 +0800

We review recently exposed Russion FSB cyber operations, looking into the aspects of Cryptography and DNS covert channel

Uber CISO narrowly avoids jail

Dr. Suresh Ramasamy — Mon, 08 May 2023 00:00:00 +0800

This article is about Uber CISO convicted

Long live Passwords! Google introduces Passkeys

Dr. Suresh Ramasamy — Thu, 04 May 2023 00:00:00 +0800

Google introduces passkeys, signalling the end of passwords

Top 5 Cybersecurity Threats - 2023

Dr. Suresh Ramasamy — Tue, 02 May 2023 00:00:00 +0800

This articles reviews the 2023 top 5 cyber security threats

Spectrum of Breach

Dr. Suresh Ramasamy — Tue, 25 Apr 2023 00:00:00 +0800

This articles introduces the concept on Spectrum of Breach

Analysis of GoAnywhere breach

Dr. Suresh Ramasamy — Mon, 10 Apr 2023 01:00:00 +0800

This articles looks into the recent breach involving the use of the GoAnywhere software

BlackCat/ALPHV Ransomware

Dr. Suresh Ramasamy — Mon, 10 Apr 2023 00:00:00 +0800

This articles talks about the recent advisory on BlackCat/ALPHV ransomware based FBI and reproduced by local CERT

The CISO Series - Who CISO's fear most?

Dr. Suresh Ramasamy — Fri, 15 Oct 2021 00:00:00 +0800

This articles dwelves into the question of who CISO fears most