Blog

Between December 2025 and April 2026, attackers used Business Email Compromise with a look-alike domain to divert $2.5M in sovereign debt payments. Here's the technical breakdown of the attack, why it took 4 months to detect, and what Sri Lankan organizations must do now.

A sophisticated Android banking trojan disguised as a SriLankan Airlines promo is bypassing OTPs and biometric MFA to drain accounts. Here's how the infection chain works, its MITRE ATT&CK mappings, and how to protect yourself and your organization.

Updates on digital forensics, governance, IT audits, and security awareness for Sri Lankan organizations.