Junade Ali

NK News - North Korea News • 24th August 2021

Hacked DailyNK website infected broad range of organizations | NK News

The North Korean malware attack against Seoul-based DailyNK has spread across multiple companies that accessed the website over the past few months, cybersecurity firm Kaspersky has told NK News. The infections contradict Daily NK’s claim that hackers inserted the malicious code on pages only accessible to its own staff, and raises questions about the organization’s decision to keep its readers in the dark about the security breach. Senior Kaspersky Security Researcher Seongsu Park said the ma

NK News - North Korea News • 23rd August 2021

Half a dozen North Korean domains offline after apparent server outage | NK News

At least half a dozen North Korean websites and email servers dropped off the internet last weekend in a sign of growing instability of the country’s IT infrastructure. The server outage on Saturday night disrupted access to the websites of Air Koryo, the Ministry of Foreign Affairs, the Naenara web portal, Kim Il Sung University, as well as the email servers for Sili Bank and Star Joint Venture, cybersecurity researcher Junade Ali told NK News. The outage followed a change last month in how b

NK News - North Korea News • 18th August 2021

Hackers infect DailyNK website with malware to spy on readers | NK News

For at least two months, hackers linked to North Korea have been attacking readers of the DailyNK website with custom malware capable of stealing files and passwords, cybersecurity firm Volexity revealed in a report on Tuesday. The attack used two known vulnerabilities in Microsoft’s Internet Explorer and Edge web browsers to install malware dubbed “Bluelight,” according to the researchers. Once launched, the malicious software reportedly takes frequent screenshots, copies files, steals passwor

NK News - North Korea News • 21st July 2021

How to reduce the risk of getting hacked by North Korea | NK News

How to reduce the risk of getting hacked by North Korea Sophisticated lures make it increasingly difficult to avoid a security breach, but experts say some habits still help While North Korea’s hacker army continues to batter major corporations around the world, experts say it’s important to remember that most security breaches attributed to the DPRK start with a single employee — and often a single click. Individuals can significantly lower their risk of getting hacked by paying close attenti

The Register • 14th July 2021

Report: 83% of UK software engineers suffer burnout, COVID-19 made it worse

A report on the wellbeing of UK software engineers (developers and DevOps professionals) found 83 per cent suffering from some degree of burnout, with most agreeing that COVID-19 was partly to blame. This survey [PDF] was conducted in June 2021 by pollsters Survation, on behalf of DevOps company Haystack, and although the number of participants was small (just over 250) it was conducted by interviews, rather than online forms which are vulnerable to low-quality responses. The respondents were

ZDNet • 13th July 2021

Developer burnout isn't going away. Employers need to act now

Big workloads continue to have a huge impact on resource-strapped software teams, with a new survey by Haystack finding that more than 8 in 10 developers suffer from burnout at work. Technology has played a key role in the fight against COVID-19, with IT teams helping businesses to adapt to remote working and digital-first operations. But this rapid adoption of technology has had a massive impact on those tasked with implementing it, with various reports highlighting the mental strain develope

Communications of the ACM • 13th July 2021

83% of Developers Suffer From Burnout, Study Finds

Eighty-three percent of software developers suffer from workplace burnout, according to a study from Haystack Analytics. The top reasons for burnout include high workload, cited by 47% of respondents, inefficient processes, cited by 31%, and unclear goals and targets, cited by 29%, according to "Study to Understand the Impact of COVID-19 on Software Engineers." Burnout worsened during the pandemic, the study says. The study also finds that 83% of developers are concerned about software reliabi

IT PRO • 13th July 2021

83% of developers suffer from burnout

The vast majority (83%) of software developers are suffering from burnout at work, according to a new survey. The study, carried out by Haystack Analytics, found that the top reasons cited for burnout included high workloads (47%), inefficient processes (31%), and unclear goals and targets (29%). The study found that burnout worsened during the COVID-19 pandemic, with 81% of developers reporting increased burnout due to the outbreak. The top reason developers cited for increased burnout amid t

ITProPortal • 12th July 2021

The vast majority of developers suffer from burnout

Intense workloads, inefficient processes and unclear goals are pushing most software developers to the brink, a new report from engineering productivity company Haystack Analytics suggest. According to the report, more than four in five (83 percent) software developers suffer from workplace burnout, a problem that has only worsened since the start of the Covid-19 pandemic. While increased workload was the number one source of burnout for software developers during the pandemic, 83 percent also

NK News - North Korea News • 29th June 2021

Experts warn report on North Korea’s cyber power understates true threat | NK News

A new analysis of cyber capabilities and national power has ranked North Korea in the lowest of three tiers, arguing that the DPRK’s offensive cyber operations are of low sophistication and hampered by the limited number of skilled hackers in the country. The report published on Monday by the International Institute for Strategic Studies (IISS) put North Korea’s “cyber power” on the same level as Indonesia and Malaysia — an assessment that experts said underestimates the true abilities of North

NK News - North Korea News • 25th May 2021

North Korean websites go dark after botched server upgrade | NK News

More than a dozen North Korean websites were knocked off the internet on Tuesday morning due to a failed software update, according to screenshots obtained by NK News. Websites affected by the outage included the online presence of The Pyongyang Times, the Ministry Of Public Health and at least 14 other sites hosted on the same server, records on the internet’s Domain Name System (DNS) showed. “The fact these websites are hosted on a single server which is liable to be taken offline by such out

NK PRO • 2nd April 2021

North Koreans sharpen their cyberskills at online coding competitions

Free platforms may offer insights to threat researchers but help the DPRK build its cyber force, experts say Dozens of North Korean software developers appear to be honing their skills on freely accessible coding platforms that may help the DPRK build its cyber force, an NK Pro investigation of profiles across several such websites showed. But cybersecurity experts said that the participation of North Korean programmers in these coding competitions may also reveal interests, techniques and prog

NK PRO • 26th February 2021

North Korean hackers breached sensitive defense network at Russian firm

DPRK-linked Lazarus Group accessed restricted data by using “highly interesting technique,” according to Kaspersky In a successful attack that shows how quickly North Korean hackers are able to evolve, the DPRK-linked Lazarus Group stole sensitive information from a Russian defense firm, cybersecurity firm Kaspersky said on Thursday. According to the report, the hackers compromised a router in mid-2020 to create a bridge into a strictly separated network — a “highly interesting technique” that

Times of Malta • 8th November 2020

Security concerns hamper IoT adoption

In its annual Internet of Things (IoT) survey, Internet of Things World found an overwhelming majority of (85 per cent) believe that security concerns remain a major obstacle to the roll out of IoT. Almost two-thirds (64 per cent) of respondents said end-to-end IoT security is their top short-term priority, surpassing machine learning and artificial intelligence (AI). With IoT potentially flooding wireless networks with billions of new connected devices, security must be a top priority for engi

The Institution of Engineering and Technology • 9th September 2020

The IET - From apprentice to Chartered Engineer: at just 24

“As studying took a larger share of my time, I took a role working with embedded electronics for road traffic systems at a more traditional engineering firm,” he says. “About five years ago I was headhunted by an internet infrastructure and cybersecurity firm I had always wanted to work for.” Now an Engineering Manager, Junade leads an Operations Research team in charge of developing technologies in Artificial Intelligence and formally verified software to drive improvements in cybersecurity an

MobileSyrup • 10th August 2020

mobilesyrup - 'Have I Been Pwned' creator to take service open source

Online security is a significant issue these days, and as people rely more on internet services, their libraries of accounts and login credentials also grow. Unfortunately, it’s practically guaranteed that somewhere along the line, attackers will breach a service you use and expose your passwords, login details and more. There are plenty of tools to help mitigate the threat — password managers, biometric authentication and two-factor authentication (2FA) can all help. Another popular tool is a

The Verge • 7th August 2020

The Verge - Have I Been Pwned — which tells you if passwords were breached — is going open source

These days, we almost take it as a given that piss-poor security will inevitably expose some of your usernames and passwords to the world — that’s why 2FA is so important, and why you might want a password checkup tool like the ones now built into every modern browser (well, Safari is coming soon) so you can quickly replace the ones that were stolen. But nearly all of those password checkup tools owe something to Troy Hunt’s Have I Been Pwned, which was kind of a novel idea when it first launch

The Register • 27th June 2018

The Register - Firefox hooks up with HaveIBeenPwned for account pwnage probe

Firefox has started testing an easier way for users to check whether they're using an online service that has been hacked, through integration with Troy Hunt's HaveIBeenPwned database. The hookup will work like this: part of a user's email address is hashed, and this hash is used to check if the address appears in HaveIBeenPwned's database of 5.1 billion email addresses linked to compromised internet accounts. The “Firefox Monitor” test will start with 250,000 users, mostly in the US, accordin

26th June 2018

Threat Post - Mozilla Announces Firefox Monitor Tool Testing, Firefox 61

Mozilla has made some sweeping security announcements this week: On Monday, the company announced it is testing a new security tool called Firefox Monitor, which the firm said securely checks to see if users’ accounts have been hacked. That news came just as the browser giant released Firefox 61 for Windows, Mac, Linux and Android. The testing of Firefox Monitor also comes on the heels of Mozilla’s partnership with Cloudflare and Have I Been Pwned (HIBP). Similar to the existing function of HI

TechRepublic • 26th June 2018

TechRepublic - Mozilla’s new Firefox service can tell users if they’re a victim of a data breach

Mozilla is integrating with the online tool Have I Been Pwned to alert users if they are at risk following website hacks. Mozilla is now offering the ability to check if Firefox users have been the victim of data breaches through the new Firefox Monitor service. The service uses the dataset of the popular website Have I Been Pwned? (HIBP), which collects and analyzes the database dumps disseminated in the darker corners of the internet. From this dataset, both users of HIBP and Mozilla's Firefo