Knowledge / Articles


Earlier in February, Whitehat Society was privileged to have the opportunity to be interviewed by Lian He Zao Bao given that Information Security is steadily gaining more time in the spotlights. The interview briefly covered an introduction to Whitehat Society, what is Information Security in general and why we were interested in it. Whitehat Society is glad that the general public is taking greater interest in cybersecurity and strives to continue its efforts in promoting Information Security awareness to the SMU community.

We would like to thank Lian He Zao Bao for the interview as well as Wong Wai Tuck, Jaren Lim and Winston Ho for their time in showcasing a ‘live’ Information Security demo during the interview.

Read the article by Lian He Zao Bao here and below are some photos from the interview.

photo_2017-03-12_12-32-33

photo_2017-03-12_12-32-57

photo_2017-03-12_12-32-55

photo_2017-03-12_12-32-47

photo_2017-03-12_12-32-42



robotics_process_automation

RVSP NOW!
https://goo.gl/forms/HD43tRZpt2qqNyln2

Dinner will be provided

Synopsis

Robots. We see them in movies, and they’ve transformed the manufacturing industry. But those robots have imposing physical bodies.

Now imagine, a robot without a body.

Robotic Process Automation (RPA) applies technologies that allow employees in a company to configure software robots to capture and interpret existing applications for processing a transaction, manipulating data, triggering responses and communicating with other digital systems. Similar to a software macro, but way more powerful. RPA robots provide dramatic improvements in accuracy, cycle time and increased productivity while relieving people from dull, repetitive tasks. RPA robots are set to revolutionize the way we think and administer processes in business, IT support, workflow, remote infrastructure and back-office operations.

Give yourself that edge in understanding RPA – the technology highly sought after in businesses, banks and consulting practices.

Come join us in an exciting RPA industry sharing by expert, Saurabh Jaiswal.

About Saurabh Jaiswal

Saurabh Jaiswal is the Global Project Manager of the Enterprise Service Innovation Lab at IBM. He oversees the implementation and delivery of the IT programme/projects on various platforms such as web, mobile, and Blue Prism – working with robotic process automation and analytics. Saurabh is the founder of IBM Toastmasters Club Singapore and is the winner of 3 Public Speaking Competitions in IBM. His hobbies include coaching, volunteering, music and jogging.



In lieu of the coming recess week, Whitehat Society organised its very first welfare drive on the 15th of February for its members. However, despite recess week supposedly being a ‘break’ from regular school time, many in SMU would often beg to differ. Some may even say that they would often have even more work and projects to complete during recess week, making it just as stressful, if not more, as regular term time. Understanding the needs of the SMU community, Whitehat Society had the privilege of inviting Mr. Saurabh Jaiswal for a short yet effective lunchtime pep talk designed to help students cope with the the increasing stress.

photo_2017-02-20_10-26-12

In his power speech, Mr. Jaiswal covered the following:

  • 3 Top techniques to stress free exams
  • Time management and stress management tips
  • 3 Top tips to boost motivation

photo_2017-02-20_10-25-50

Whitehat Society would like to thank Mr. Jaiswal for his time and we hope that our members would be better equipped to handle stress and cope with their increasing workload in the coming weeks!

Saurabh Jaiswal is a Global Project Manager at IBM and the founder of IBM Toastmasters Club Singapore. He has won 3 Public Speaking Competitions in IBM till date and enjoys speaking passionately to deliver powerful and useful messages.



groupphotoFrom left to right: Poon Swee Heng, Kong Yu Jian, Wong Wai Tuck, Lau Zi Quan, Sally Chin, Martius Lim

SIS Day is an annual event organised by the School of Information Systems Society (SISS) to commemorate the founding of SMU’s School of Information Systems (SIS). SIS Day 2016 featured a carnival in the afternoon where special interest groups under SISS were able to showcase some of the various club activities as well as a Coding Challenge in the evening where students competed against one another in an intense problem solving competition.

This year, Whitehat Society illustrated the potential dangers of macros in Microsoft Excel when opening files from untrusted sources. Winston Ho (Vice-President of Whitehat Society) demonstrated how simply downloading and opening an Excel file resulted in the execution of an embedded macro in the file despite having an updated anti-virus program. This malicious macro opened a reverse shell back to Wong Wai Tuck’s (President of Whitehat Society) computer where he was then able to perform various tasks such as turning on the webcam and streaming it, record keystrokes for passwords as well as download and save sensitive files from the infected computer.

We are also proud to announce that both of the grand-finalists in the Coding Challenge 2016 were from Whitehat Society. Congratulations to Wong Wai Tuck for winning a brand new PlayStation 4 in the competition and Lau Zi Quan for winning a GoPro Hero Session 4 from taking the first runner-up!

Here are some of the photos of the event!

whitehatbooth3
Wai Tuck and Winston at the Whitehat Society booth!

whitehatbooth4Winston demonstrating the Excel macro infection to fellow students

codingchallenge3Coding Challenge 2016 Finalists Lau Zi Quan (left) and Wong Wai Tuck (right)

codingchallenge4 codingchallenge1



SCC

GovernmentWare (GovWare) is the region’s premier conference and showcase for Cyber Security as well as the foundation event for the inaugural Singapore International CyberWeek (SICW). The Singapore Cyber Conquest (SCC) is a computer and network security challenge that is designed to test the participants’ skills and wit in a cyber range.

The 2016 Singapore Cyber Conquest was driven by SANS NetWars, a dynamic cyber range that allows participants to build, practice, and measure their skills in real-world defensive, analytic, and offensive practices, covering the following skill areas: vulnerability assessment, packet analysis, penetration testing, system hardening, malware analysis, digital forensics and incident response. SANS NetWars is based on five distinct levels, each of which is designed for people who have achieved a given skill set, ranging from participants new to the industry all the way up to those who have demonstrated their mastery of information security capabilities:

Level 1: This level is for people new to the information security industry.
Level 2: At this level, participants have achieved solid capabilities, and represent the largest player community in SANS NetWars, as they work to build their skills even further to differentiate themselves from the pack.
Level 3: People at this level have achieved something quite significant: they’ve exceeded the capability of the average info sec person, and proudly continue to grow to the next level.
Level 4: Some people say that there’s a phrase for SANS NetWars participants who achieve this level: “Hire or promote them immediately!” That’s due to their demonstration of excellence in solving even the most challenging Infosec challenges.
Level 5: In Level 5, master Infosec gurus battle against each other in a castle-vs-castle face-off. This level is seldom reached in a SANS NetWars tournament.

Team Whitehats (Wong Wai Tuck and Winston Ho) under Whitehat Society was ahead of most of the competition at the top of the leader board for the majority of the 7 hour long competition and managed to reach level 4 of the competition. Apart from Team Whitehats, Teams Whitehats Jr (Toh Zi Jie and Jorden Seet) and WTFC (Lau Zi Quan and Martius Lim) also reached level 3 of the competition. Whitehat Society would like to congratulate Teams Whitehats, Whitehats Jr and WTFC for their valiant efforts and respectable performance shown in the SCC.

Here are some of the photos from the event!

SCC Group PhotoFrom left to right
Back row: Toh Zi Jie, Winston Ho, Jorden Seet
Front row: Martius Lim, Wong Wai Tuck, Lau Zi Quan

SCC Scoreboard

If you are interested in attending such events in the future please contact us at issig@sa.smu.edu.sg :)



Over the month of August, Whitehat Society hosted two helpful workshops covering the basics of setting up an e-Commerce site on WordPress as well as becoming proficient with Microsoft Excel. The workshops also covered security vulnerabilities in each application as well as tips on preventing those exploits.

Whitehat Society would like to thank Sally Chin, Mah Chia Hui and Wong Wai Tuck for conducting these enriching workshops. We hope you have found these workshops beneficial.

Interested in what you see? Join us at our info session here:  Signup Form for Infosession
Want to be a part of Whitehat Society? Sign up for our sub-committee here: Signup Form for Subcommittee

Photo 6-8-16, 1 03 19 PM

 

Photo 6-8-16, 1 43 53 PM

Photo 6-8-16, 2 54 50 PM  Photo 13-8-16, 1 39 51 PMPhoto 13-8-16, 1 42 46 PM

 



CDDC_2016_poster_3

The annual Cyber Defenders Discovery Camp (CDDC) organised by DSTA is a prestigious competition that brings in the best from all tertiary institutes all over Singapore. This year’s CDDC attracted 400 participants to Singapore University of Technology and Design (SUTD) to battle it out for the top prize of $8000. It comprised of a three day intensive bootcamp where students were introduced to and trained in cybersecurity techniques such as identifying system vulnerabilities and exploiting them as well as how to defend against such attacks.

The camp concluded with an exciting competition where teams raced against time and pitted their skills against each other as they were required to both defend their network and systems as well as attack vulnerable machines. Participants were able to put all the knowledge and skills that they have learnt over the last few days to the test as they vied for the top.

This year, more than 30 students from Singapore Management University (SMU), Whitehat Society participated in CDDC.

photo_2016-06-10_14-26-23

In order to prepare for this, Whitehat Society conducted a series of gruelling cybersecurity training workshops every weekend for its members over the past month. The hard work and dedication of our members paid off, and culminated in outstanding results in the competition.

Congratulations to the following teams for winning the respective awards and medals!

Best Defence
Hello World

Silver Medal
est2016
Hello World
Tricksterz

Bronze Medal
GoldenPackage
We-SIS
Visual Source

We hope that all participants went home with a deeper understanding and greater appreciation for cybersecurity as well as a good experience. Join us at next year’s edition of CDDC!

CDDC group photo

Hack on!



How Secure do you think your android phone is? Are only rooted android phones vulnerable to malware? Sai Sathya narayan Venkatraman came down from MWR InfoSecurity to share on how exactly an adversary can make use of a malicious application you have installed on your phone to extract passwords, make rogue phone calls on infected cellphones, overcome root detection.

During the 2 hour talk, participants got a very quick overview on how static malware analysis on android phone could be done and did a hands-on practical challenge at the end of the session where participants were given a T-shirt if they could solve the challenge!

Some of the tools that were discussed and used during the hands-on session were drozer, dex2jar and android phone emulator using ubuntu iso image. If you would like to know more feel free, please email WhiteHats Society to get more details!

Some of the participants at MWR Info Security Session

Some of the participants at MWR Info Security Session

 



Think you have got what it takes to be a cyber security warrior? Then you should take part in WhiteHacks CTF organized by WhiteHats Society and proudly sponsored by CSA (Cyber Security Agency of Singapore) and ThinkSecure for the OSSA(Operational System Security Analyst) certification!

Participants immerse themselves in not only online challenges but also physical challenges such as dumpster diving.

Helper teaching the participants from RJC during WhiteHacks

Helper teaching the participants from RJC during WhiteHacks

Participants from various schools

Participants from various schools

Challenge to take photo with as many helpers as possible!

Challenge to take photo with as many helpers as possible!

Participants and helpers in WhiteHacks CTF

Participants and helpers in WhiteHacks CTF

Presenting token of appreciation to Guest of Honor from Cyber Security Agency

Presenting token of appreciation to Guest of Honor from Cyber Security Agency

For More Information please view our WhiteHacks Website at WhiteHacks



How safe is public wifi exactly? WhiteHats Society teams up with Ministry of Funny and National Security Coordination Centre of Singapore on Let’s Stand Together Campaign to find out!

Lets_stand_together_campaign