I wrote on Medium in November 2019. I still remember the first story was written at the Suvarnabhumi Airport (BKK) in Thailand. I typed on my Pixel 2XL, using the on-screen keyboard when I was waiting for my girlfriend's arrival.

Not many people use Medium in Hong Kong, but I like reading on medium. Since the last US election, I gave up Facebook. Unlike Facebook, I post on Medium to share what I learned and enjoyed. Before I realized it, my English improved! (I know it still sucks).

When preparing my presentation, the flow and the arrangement of contents secretly…

I Passed!

I just passed the exam of ISSAP® — Information Systems Security Architecture Professional from (ISC)2®. It was one of the most challenging exams I took in my life. All the answers to the multiple choices are correct, but it is required to choose the best answer in most cases. I checked the member count from the official website. There are 25 active holders in Hong Kong and 2061 worldwide.

Cybersecurity | Career

“The only real security that a man can have in this world is a reserve of knowledge, experience and ability.“

— Henry Ford

Lucky am I have the opportunity to meet with all kinds of people in my job. I met professionals in different fields, mostly IT-related. I am for sure one of the IT guys but with one difference. You may argue that cybersecurity is, no matter what, a computer-related field. For me, cybersecurity is more like security in general than IT.

Infosec guys always keep a distance from the system team or network team because what we are…

Cybersecurity

“Facing fear is better than running from it,” he said.
“What if it’s fear you can’t beat?”
“Then it might be better to be dead,” he answered.”
― David Baldacci, Zero Day

If we talk about a zero-day attack, people would probably think of the “SunBurst.” Companies are driven by fear and increase the budget on the most advanced technology to detect and hopefully stop becoming the next Solarwind or Fireye.

And yet, zero-day attacks keep happening. The recent vCenter vulnerability exposed threats against 6,700 unpatched machines online. …

Cybersecurity

“Never interrupt your enemy when he is making a mistake.”
― Napoleon Bonaparte

Although we are trapped as COVID-19 is still around, not everything during a pandemic is bad. A security researcher created a project called Malvuln, which is a vulnerability database, not for our software, but for malware that is used to attack our systems.

Introduction

Launched on the 2nd of January this year, Malvuln provides exploit code for malicious software vulnerabilities similar to what we use for benign software such as VulDB and NVD.

What makes Malvuln so special is that it is the first database solely devoted to…

Privacy | Cybersecurity

Last time I highlighted the privacy and security concerns of Elon’s latest favorite — Clubhouse Drop-in Audio social media app.

The Shanghai-based infrastructure supplier of Clubhouse called Agora Inc. raised security concerns that it may provide information to the Chinese government to identify and monitor users, especially for politically exposed personnel. According to the articles on Bloomberg on 11th Feb:

… the potential for surveillance that worries international users. Chinese law requires its companies to hand over information on request and even gather data on behalf of Beijing, if it’s deemed in the interests of national security. That, along with…

Cybersecurity

Watering Hole Attack is not new in Cybersecurity. Recently, two separated events shed light on this term again, but they are totally distinct things. It is a metaphor of the natural world describing predators who wait for prey near watering holes.

The first belongs to the typical attack technique. A hacker seeks to compromise a specific group of users by infecting sites that the targeted group is known to visit. The second one was literally a Watering Hole Attack in which a water supply system was targeted.

The Most Recent Watering Hole Attacks

Thank you, Dr. Mehmet Yildiz, for trusting me as a writer and editor on Technology Hits. You allowed me to know that I can be a creative and sentimental computer guy. My whole writing journey was started from ILLUMINATION, too!

The Beginning

When I was writing this, I looked back at my first one. It was the time I ate only one meal per day for a month. That was a little success for my biohacking experiment on myself, and I was so excited to tell anyone about it. …