Sign in

Zen Chan

Cybersecurity | Technology

The Era of Ransomware 2.0

Image by Mohamed Mahmoud Hassan from | CC0 Public Domain

My colleague called me today urgently asked for my advice. I thought it was work-related, it turned out someone was affected by ransomware, and she wanted to see if anything I can do while the files were already encrypted. Not before I make any comments, my colleague told me that the victim paid eventually.

The story didn’t end there. There is a follow-ups payment that needs to be paid for the second “key” — a new technique that hackers use as “double-extortion.” …

Cybersecurity | Technology

It’s Time To Protect Yourself; Even You Have Nothing To Hide

How To Be Anonymous Online. It’s Time To Take Back Our Control on… | by Zen Chan | Medium
How To Be Anonymous Online. It’s Time To Take Back Our Control on… | by Zen Chan | Medium
Image by Tony Webster from Wikimedia | Creative Commons

A while back, I met an old friend who I hadn’t seen since I graduated. We went for a cup of coffee to catch up for the past decades. He told me he was watching “Breaking Bad” in season 2. And we both love Breaking Bad (Who didn't?) I also recommended him to try Westworld as “Jessie Pinkman” was in last season.

From top stories to practical guides

List of Zen’s InforSec on Medium and Thank you. | by ZEN CHAN | Dec, 2020 | Medium
List of Zen’s InforSec on Medium and Thank you. | by ZEN CHAN | Dec, 2020 | Medium
“Miracles do happen” in Central, Hong Kong | Copyright by the author

I wrote on Medium in November 2019. I still remember the first story was written at the Suvarnabhumi Airport (BKK) in Thailand. I typed on my Pixel 2XL, using the on-screen keyboard when I was waiting for my girlfriend's arrival.

Not many people use Medium in Hong Kong, but I like reading on medium. Since the last US election, I gave up Facebook. Unlike Facebook, I post on Medium to share what I learned and enjoyed. Before I realized it, my English improved! (I know it still sucks).

When preparing my presentation, the flow and the arrangement of contents secretly…

What I learned after becoming an ISSAP®

The ONE thing that makes a Great Cybersecurity Professional What I learned after becoming an ISSAP®
The ONE thing that makes a Great Cybersecurity Professional What I learned after becoming an ISSAP®
Photo by Hunters Race on Unsplash

I Passed!

I just passed the exam of ISSAP® — Information Systems Security Architecture Professional from (ISC)2®. It was one of the most challenging exams I took in my life. All the answers to the multiple choices are correct, but it is required to choose the best answer in most cases. I checked the member count from the official website. There are 25 active holders in Hong Kong and 2061 worldwide.

Technology | Cybersecurity

And What You Can Do When Your Phone is Hacked

Image from Pxhere | Creative Commons CC0

Often people will ask me whether if their device was hacked. Out of curiosity, I would dig in and look for signs that may give me some insights. Luckily, what I found was mostly non-threatening and caught at an early stage. It makes me think why people have this suspicion.

According to McAfee’s 2020 Mobile Threat Report, over half of the mobile malware “hide” themselves on a device — without an icon on screen — hijacking the device to serve unwanted ads and steal personal information that can be sold or used hold victims to ransom.

Another report from MalwareBytes…

Cybersecurity | Technology

Why Awareness Training Cannot Stop Phishing Attacks

Image by 周小逸 Ian from Flickr | (CC BY 2.0)

If we recently visited the major cybersecurity incidents, there is one common weakness — the end user’s trust. Besides users being tricked by more advanced and socially engineered phishing attacks, there is an overabundance of threats that user awareness training can do nothing about.

Phishing attacks, in particular, are becoming more difficult to detect and are missing 39% of the time, according to the survey of email security firm GreatHorn.

An Easier and Better Way to Add Images to Your Story

Image from Pxhere | Creative Commons CC0

Hey you, thank you. When you are reading this, it means that you are a good person. Editors would thank you for that.

Because you want to make someone’s life easier (who doesn’t?), didn’t mean you need to suffer. What I am going to share with you can help you get published by any publications faster. And by that, you leave a better impression on the publication. And the fortune cycle begins.

The Most Time-consuming Task as Editors

Thank you, Dr. Mehmet Yildiz, for trusting me as an editor for Technology Hits and Illumination’s Mirror. I learned more than I write as an editor. …

Cybersecurity | News

What We Learned From the Ransomware Campaigns Targeting Critical Infrastructure

Image from | CC0 Public Domain

Colonial Pipeline Co. may have turned off the operation after the ransomware attack on Friday, but new developments of the devasting impact keep appearing.

In the wake of this unusual cyberattack, President Biden signed an executive order Wednesday to reinforce the cyber defenses of the federal government. This is a reasonable reaction as the administration faced several cyberattacks, including SolarWinds, widespread Microsoft Exchange exploits, and last week’s ransomware incident against the pipeline company causing enduring gas shortages.

Although the investigation is ongoing, the FBI has confirmed

Cybersecurity | Technology

New Phishing Techniques Explained and How to Avoid Falling for it

Image by Tumisu from

Here is my addition to extend the topic:

Most of us will not click on the email claiming we are a lottery winner nowadays. However, phishing attacks evolved and remained the most dangerous cyberattack for individuals or enterprises since the first phishing attack in 1995.

According to a report by email security company Valimail, over three billion spoofing messages are sent each day, nearly 1% of all email traffic. And this is costing quite costly damage to our society. …

Privacy | Technology

If Someone Steals Your Phone Number, They Become You.

Photo by Markus Winkler form PxHere

Assuming you read my previous article and learned how to limit your exposure online. You set up a password manager and enabled multi-factor authentication for your accounts. There is more to be done to keep you safe. You might think your ID number or bank account numbers are the most sensitive digits. Sadly, with only your cell phone number, hackers can do far more damage with little effort.

Zen Chan

Interested in Infosec & Biohacking. Security Architect by profession. Love reading and running. Top Writer in Privacy. Editor of Technology Hits.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store