The prices of two crypto tokens — BeautyChain and SmartMesh — dramatically crashed this week. One or more attackers exploited bugs in the their smart contracts and generated huge amounts of tokens out of thin air, massively diluting token supplies. T...
On 11 August 2017, I participated in an online lucky draw. Instead of winning some prizes, I stumbled upon two vulnerabilities. It turned out that their CAPTCHA was as poorly implemented; similar to what was reported on the M1 Wireless@SG site and t...
"Who did it?" is a fairly common question to hear as soon as things calm down and there is time to think again. Hasty conclusions would only lead to massive collateral damage, yet sometimes the urgency to punish and restore order is so pressing, that...
Wireless@SG is a nation-wide free WiFi service in Singapore. To get Internet access from a Wireless@SG hotspot, a user has to register their phone number, and verify that they own that number by entering a single-use PIN, also known as a one-time pas...
The early days in the cyberspace used to be rather safe when compared to the increasingly hostile worldwide wild west, where various hostile governments, criminals, advertisers, and intelligence (or not so intelligence agencies) can inject stuff onto...
Tim (not his real name) routinely spends some of his free time prowling the web for exotic security tools and exploits. Shortly, he stumbled upon a new exploit that was circulating within an underground forum. It pertains to a standard security produ...
%20(White).png)
