Patching Loopholes: Finding Backdoors in Applications

Presented at Black Hat Asia 2020 Virtual, Oct. 2, 2020, 11:20 a.m. (40 minutes)

In this digital age, we live in a world of applications that enable us to conduct digital transactions ranging from everyday tasks to storage of sensitive data. But how secure are these applications?

As the cybersecurity lead in the Singapore Government, GovTech seeks to secure government applications by proactively conducting security assessments. As the application landscape is wide and varied, we employ various techniques such as fuzzing, source code reviews and reverse engineering to discover new vulnerabilities.

In this talk, we will take you through the Tactics, Techniques and Procedures (TTPs) used to find application backdoors that were put in place by developers, unbeknown to users, in two applications - a Windows-based thick client and an iOS application.

Presenters:

  • Max Chee - Associate Cyber Security Specialist, GovTech Singapore
    Max Chee is a cybersecurity specialist working with GovTech. He specializes in product security assessment and adversary simulation. In his free time, he enjoys hunting for bugs in iOS mobile applications.
  • Hui Yi Loke - Cyber Security Specialist, GovTech Singapore
    Loke Hui Yi is a cybersecurity specialist from GovTech Singapore. Her work includes pentesting web applications and conducting software vulnerability assessments. In her spare time, she builds models, 3D prints random stuff and goes bug hunting.
