Here's a recap of recent events. September 2023 At Div0's September meetup, bug hunter Chan Jin Hao shared his findings from the HackerOne Ambassador World Cup (AWC). We also delved into the art of exploiting vulnerable Windows systems with the expertise of Sebastian Wieseler. Huge thanks to HackerOne and our speakers for a memorable evening of learning. Additionally, Div0 collaborated with WithSecure for an Android application hacking workshop for our Women In Cybersecurity (WICS). Thank you to Christina Oh from WithSecure for hosting an insightful workshop and to Tuyen Do and Anushkar Mohin ..read more

Black Hat Asia 2020 comes to an end yesterday — although most of the content will still be available on the virtual conference platform for another month or so. Every year at Black Hat Asia, Div0 is invited to present our observations and insights from the community. 2017, I presented how we build up Singapore's cybersecurity community; 2018, Fadli (my fellow Co-Founder) and I presented how we were involved in national bug bounty programmes and our thoughts regarding bug bounty practices; 2019, I presented the gaps we observed from the conversation cybersecurity practitioners are having vs. w ..read more

I've been playing the 5 challenges in the 'Incident Response' zone at the Div0 playground, https://www.div0.sg/playground. Here are some notes and pointers for each of the challenges in case some of you are stuck: 1. Needle in Haystack This involved using a Kibana interface to answer questions about an incident. This challenge isn't too complicated and provides a chance to experience searching through and manipulating data with Kibana. I found that some of the challenges were best solved using the 'Visualize' pane, which allows us to aggregate the data in ways that are commonly useful in inve ..read more

The Division Zero (Div0) community is invited by the UAE Cyber Security Council to take part in the upcoming global cyber exercise EXPO2020 Dubai "Cyber Protective Shield". "Cyber Protective Shield" is divided into 2 phases: Phase 1: Capture the Flag (CTF) exercise — participating teams will go through a 7-stage challenge with increasing difficulty. Phase 2: Real Cyber-Attack Simulation through a cyber range. Teams are encouraged to work through the pillars of cybersecurity to protect and secure their infrastructure. This virtual exercise will start on 14 March 2022, 3pm (GMT+4, UAE tim ..read more

With a constantly evolving threat landscape, it’s crucial for security specialists to keep their skills up to date. One of the most important skills to help combat cybercrime is the ability to quickly identify new malware compiled and used by attackers. YARA is a unique tool that assists security specialists to recognise and classify malware samples. With the help of YARA, specialists can scan a collection of files against certain patterns and find similar malware samples. By running rules written in YARA on malware collections or on online multi-scanners such as VirusTotal, new variants of pr ..read more

Div0 is excited to once again partner with Black Hat Asia to offer a S$250 discount on Briefings passes for new, in-person registrants with the promo code: Div02023. Black Hat Asia 2023 will be held live, in-person at Marina Bay Sands, Singapore, 11-12 May 2023. For more information, please visit https://www.blackhat.com/asia-23/registration.html ..read more

Today, people are surrounded by digital gadgets, and have more access to digital opportunities. Although our lives have become easier, more interesting, and fun, we must bear in mind that with the increasing amount of technology, coupled with more volumes of data, and ways of their usage, the number of security breaches is growing. Rise to the challenges of a rapidly changing world by tackling security issues posed by new technologies. Come solve cybersecurity issues in the following areas: 1. Router Security Save the "brain" of the Internet of Things (IoT) from becoming a victim of cybercrimi ..read more

Introduction You may have come across the term honeypot either when studying or working in the cyber security industry. What is a honeypot? According to Wikipedia, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorised use of information systems. How I see a honeypot is a system deliberately configured to gather data on the latest cybersecurity landscape and also to test a hypothesis. The mirror of honeypots in the real world is honeytrap which involves the use of romantic relationships for interpersonal, political, or moneta ..read more

The global COVID-19 situation has forced the world into an unusual state — with travel restrictions, social distancing, etc. However, it is still business-as-usual in cyberspace — with more sophisticated cyber threats being introduced every other day, and the increased no. of cyber breaches and incidents. The importance of cybersecurity has grown with the insurgence of digitalisation of every aspect of our lives — the way to live, work, learn, and play. The GCC Committee unanimously acknowledged that we cannot take a pause in our yearly endeavour in developing the world's next-generation cyber ..read more

Black Hat Asia 2021 will be a virtual event this year, held entirely online in the Singapore time zone, May 4-7, 2021. You’ll experience the same high-quality content, networking opportunities and also stay up-to-date on the latest research in information security risks, developments and trends. In addition, having a Briefings pass grants you access to keynotes, Q&A opportunities with presenters, 30-days on-demand access to all Briefings (post-event), Arsenal open-source tool demos and more. Register now using the discount code "21bha2w" to get S$200 off the Briefings pass price (Current p ..read more