Skip to content


Deterministic Approach other than Patching for Log4J (6 Apr 2022)

[QR Code:]

Date: 6 Apr 2022 (Wed)
Time: 8:30pm – 9:30pm
Venue: Webinar (via Zoom)
Speaker: Mr. Shashwat Uniyal, Senior System Engineer, Virsec Systems
Language: English
Fee: Free (Pre-registration is required.)

– Current Cyber threat landscape and trends
– Understanding how the vulnerabilities in Software Supply Chains are exploited with Log4J
– Why did the conventional tools like EDP, EPP fail to prevent Log4J and other supply chain exploits?
– Addressing the Software supply chain vulnerabilities and memory attacks with Deterministic Protection

What is Log4Shell? Log4Shell is a software vulnerability in Apache Log4j 2, a popular Java library for logging error messages in applications. The vulnerability, published as CVE-2021-44228, enables a remote attacker to take control of a device on the internet if the device is running certain versions of Log4j 2.

Zero-day attacks have persisted for years, and they will continue to. Kaseya, NotPetya , SolarWinds, Log4J and so many other have made the headlines.

The most recent Log4J – was a massive software supply chain attack. Within the first 12 hours over 40,000 attacks were reported worldwide, rising to 830,000 after three days. Companies are still trying to determine the full extent of their data loss. The impact of the attack is widespread and may take years to address.


The Webinar is conducted in English with Presentation Material.
Please install Zoom software/app for your PC, Mobile or Tablet.
For the Meeting ID and Passcode, it will be sent by a separated email after the registration.

網絡安全法規 網上研討會 (10 Mar 2022)

[QR Code:]

Date: 10 Mar 2022 (Thur)
Time: 8:30pm – 9:30pm
Venue: Webinar (via Zoom)
Speaker: Mr. Paul Tsang, Senior Regional Solution Architect Sangfor Hong Kong
Language: Cantonese
Fee: Free (Pre-registration is required.)



  第二節 關鍵信息基礎設施的運行安全

The Webinar is conducted in Cantonese with English Presentation Material.
Please install Zoom software/app for your PC, Mobile or Tablet.
For the Meeting ID and Passcode, it will be sent by a separated email after the registration.

Supporting Event: PwnTillDawn Online Battlefield – Hong Kong Students Edition 2022 (5 Jan 2022)

Date: 5 Jan 2022 (Wed)
Time: start at 4pm HKT and will last for 7 days
Venue: Online
Fee: –


PwnTillDawn Online Battlefield’s Competition is the 100% online version which will allow selected contenders to put their offensive skills to the test and from anywhere.

PwnTillDawn Online Battlefield’s Competition is an intensive competition where participants will evolve within a network comprised of many machines affected by real life vulnerabilities witnessed by wizlynx group through hundreds of penetration tests conducted for companies and organizations of various sizes and industries. The PwnTillDawn “Capture-the-flag” (CTF) will challenge contestants to break into as many machines as possible using a succession of weaknesses and vulnerabilities. Upon the compromise of a machine, contestants will have to collect flags awarding a certain amount of points.

This competition is reserved to students and fresh graduates located in Hong Kong. To participate to the CTF competition, we strongly encourage you to submit a complete application as it will undergo a verification process.

For detail:

Supporting Event: The 4th CISO Executive Summit (3 Dec 2021)

Date: 3 Dec 2021 (Fri)
Time: 8:45am-4:20pm
Venue: CORDIS Hotel at Langham Place, Mong Kok, Kowloon
Fee: Complimentary registration is only applicable to first 150 Senior Executives from end user side. A fee of USD850 would be charged otherwise.

The rapidly accelerated digital transformation during COVID-19 has greatly expanded cyberattack vulnerabilities as organizations moving more of their business and transactions online, at the same time enabling automation and remote working. Staying ahead of cybercriminals and insider threats is more critical than ever. How is the role of CISO evolving in the new normal and how modern CISOs are driving a resilient, adaptive and secure enterprise? Carrying the theme of “Leading a Cyber Resilient Enterprise in the New Future”, The 4th CISO Executive Summit will provide answer to these. Bringing together 100+ Enterprises CISOs, IT and Network Security leaders and decision makers across industries, this premier event will provide visibility to the latest threat landscapes, cyber risk intelligence and cybersecurity capabilities, and provide the opportunity for CISOs meet with their peers and discuss proactive strategies to manage risk, address cyber threats, and discover new and innovative solutions for Cyber Security. The roundtables features Visionary Keynote Presentations, Thought Leadership sessions and Experts Sharing on the future cybersecurity imperatives and address Tomorrow’s Top CISO Challenges.

For detail:

Insight of the new OWASP Top 10 (17 Nov 2021)

[QR Code:]

Date: 17 Nov 2021 (Wed)
Time: 7:00pm – 8:30pm
Venue: DC306, Admiralty Centre, HKU SPACE, Admiralty
Language: Cantonese
Fee: Free


The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. The OWASP Top 10 is a book/referential document outlining the 10 most critical security concerns for web application security. The report is put together by a team of security experts from all over the world and the data comes from a number of organizations and is then analyzed.

There are three new categories, four categories with naming and scoping changes, and some consolidation in the OWASP Top 10 for 2021. Mr. Boris So, OWASP HK Chapter Lead will explain more detail and insight of The New OWASP Top 10 for 2021.

Speaker: Mr. Boris SO. OWASP HK Chapter Lead, BSc (Hons), BSc (1st Hons), MSc, MSocSc, CISSP, CEH, CHFI, GCIA, AWS Certified Security-Specialty

For any questions, please contact us at
Facebook: /