November 2024
Roheender went to DevCon SEA at Bangkok
Roheender dreams of becoming an expert in smart contract security. Recently, he suggested that we give him an opportunity to attend DevCon SEA in Bangkok, one of the largest tech conferences for Ethereum enthusiasts.
We are always pleased to see alumni like Roheender who have clear goals. We encourage MCC alumni to pursue their dreams and make them a reality. Thanks to our MCC2024 0day-Hacker sponsor, MOROSNET, we were able to gather some funds to support his attendance this year.
Ref: https://morosnet.com/project/rehack-malaysia-cybersecurity-camp/
Fira represented Malaysia to attend APCERT-FIRST Regional Symposium as Fellowship member
Fira was recently chosen and sponsored to represent Malaysia at the 2024 APCERT-FIRST Regional Symposium in Taipei, Taiwan, through their Fellowship program. This initiative, supported by the APNIC Foundation, empowers women in cybersecurity and delves into important topics like incident response and AI-driven threat analysis. A standout moment for her was connecting with inspiring women leaders from across the Asia-Pacific region.
Ref:
https://www.linkedin.com/feed/update/urn:li:activity:7262680752192966658/
https://www.linkedin.com/posts/activity-7260435875140902912-URdw
Capang’s first physical workshop as a trainer!!
On 9th November, Irfan, a.k.a Capang had his opportunity to share with the participants “Introduction to Binary Exploitation”, organised by PEKOM, of where the project manager was Khiew.
This was a a 3-hour workshop full of theoretical explaination and hands-on material to allow participants to explore binary exploitation either in CTF or real-life vulnerability research.
Oh wait? Who are these two?!!
Introducing, Capang and Khiew, our MCC2024 batch!
Ref:
https://www.linkedin.com/posts/gnapac_my-first-physical-workshop-as-a-speaker-activity-7261388852521500672-DTTU
https://github.com/broCapang/binex_workshop
October 2024
Hazim’s first CVE!
As we approach the end of October 2024, Hazim shared that he received his first Common Vulnerability and Exposure (CVE) designation for a security issue he identified in Apache NiFi. He responsibly reported the issue, which has now been confirmed as fixed in the latest release from the Apache NiFi team.
Congrats Hazim!
Ref:
It seems that RE:HACK successfully organised the Girls in CTF event again this year! What makes it even more interesting is that this year’s event was fully organised by the RE:UN10N members, who are all alumni of MCC.
The main organisers were Yen Wai, Firdaus, Roheender, and Zach.
And who won the game? Without any bias, MCC Queen demonstrated why she’s the best. Jia Qi was once again crowned the champion, teaming up with another alumni, Emmy!
Ref:
https://www.linkedin.com/posts/jiaqiyeo_champion-in-girls-in-ctf-gctf-2024-activity-7251411937975017472-pdHK
September 2024
Naqib gives technical sharing at Jogyakarta!
Naqib recently went to Yogyakarta under his university Global Islamic Student Outreach (GISO) program and gave cybersecurity awareness sharing to the students of SMA Muhammadiyah and Universitas Gadjah Mada (UGM).
More: https://www.linkedin.com/feed/update/urn:li:activity:7238164978975809536/
August 2024
Fira gives technical sharing at Taiwan!
Wow! This is amazing. Fira recently went to Taipei, Taiwan under her university program and gave a cybersecurity technical sharing at the Asia Eastern University of Science and Technology!
She shared her experience by discussing 5 types of cybersecurity attacks with the students, and successfully demonstrated a phishing exercise that is commonly conducted by fraudsters. This was part of her initiative to spread cybersecurity awareness during the program.
It seems many of the alumni is now taking a bigger step to challenge themselves at the international stage eh? Awesome Fira!
Reference: https://www.usim.edu.my/news/kembara-mahabbah-memperkasa-ilmu-dan-pertukaran-budaya-antara-malaysia-dan-taiwan/
Amir is not giving up!
Among the alumni, Amir is the most hardworking person. He conducted many workshops at UNITEN to promote CTF, basic networking skills and MCC. He is not someone who can easily give up. A true MCC product that we want to create!
Recently Amir conducted another sharing session to the juniors, Ask Me Anything: Diving into CTF World.. Don’t give up Amir! Good things are not easily done.
Kelvin is back!
Kelvin together with Emmy, casually participated in Defcon’s BTV Capture the Flag and secured 12th place!
More: https://www.linkedin.com/posts/rehack-xyz_it-was-awesome-when-we-heard-that-some-of-activity-7228607479255810050-NJ3L
MCC alumni at CyberDSA/SIBERSIAGA 2024!
We were given again an opportunity to promote MCC and other activities we organised at CyberDSA/SIBERSIAGA this year!
This year, Roheender, Sarah, Fira and Naqib did a very great job attending the crowd while promoting MCC. Roheender also shared his research in Web3 Security which it is available at RE:HACK’s Github now. Sarah, shared her recent research, Evil Portal using m5stack.
References:
- https://www.linkedin.com/posts/rehack-xyz_cyber-dsa-was-fun-we-had-a-blast-thank-activity-7228241791341191168-SvaC
- https://github.com/rehackxyz/CyberDSA-SIBERSIAGA-2024
- https://medium.com/@ssi51/evil-portal-with-m5stack-cardputer-bruce-firmware-660cc67f8088
- https://medium.com/@MaanVader/introduction-to-web3-and-smart-contract-security-understanding-the-basics-and-common-6bb84442f6fe
July 2024
Cyber Skills Level-Up with CyberHax UTP!
The Amazing CyberHunt UTAR 2024
Woot! This time the number is growing! There were more than 1 team who consisted of MCC alumni participated in The Amazing CyberHunt UTAR 2024. All of them did outstanding achievements!!!
Congratulations Amir, Sarah, Firdaus, Roheender, Zach, Jia Qi, Megat, Naqib, Fira, Emmy, Wei Ying and some others who we might missed in here 😅
June 2024
The first OffbyOne Conference
On the 26th and 27th June, Alysha and Sarah attended the first Vulnerability Research based conference in Singapore, led by Jacob Soo from StarLabs Singapore. The Off-by-One Conference definitely not the same as the other conferences we attended before as the contents were all focusing on vulnerability research, fuzzing, kernel exploit and such.
Sarah has shared her experience attending the event here
Cyber Skills Level-Up at KICT, IIUM
After the success of the first event, Cyber Skills Level-Up made its appearance again at KICT, IIUM on 8-9 June 2024. This time, it was co-hosted with SIG Cybersecurity IIUM, led by Aniq. It was awesome to see Aniq coordinate the program and be supported by his cool team which included our alumni Nazmy and Hazim.
Not just that, Jia Qi and Kelvin also stepped up their contributions to the community by becoming speakers for the event together with the other four experienced speakers.
The other alumni also attended and were able to catch up with each other during the event.
See: https://www.linkedin.com/feed/update/urn:li:activity:7205767272475295744/
May 2024
Sarah talked about MCC at Panca D’FTMK Summit
On 27 May 2024, Sarah was invited as a speaker at the recent Panca D’FTMK Summit, UTeM! She was requested to share with the public about her experience attending and becoming the alumni of Malaysia Cybersecurity Camp.
The first Cyber Skills Level-Up at PEKOM
REHACK carried out their new experiment called Cyber Skills Level-Up which aims to give students some insights into cybersecurity through Capture-the-Flag sharing. The first event was co-hosted with Persatuan Komputer Universiti Malaya (PEKOM), done on the 25th of May 2024.
This is another achievement for MCC alumni as we could see Shafiq and Hassanal involved as part of the PEKOM committee members. At the same time, we had Firdaus and Shen among the trainers!!
Some of the MCC alumni also was there to learn together and provide support to everyone.
Nazmy and Hazim sharing their MCC experience
On the 17th of May, Nazmy and Hazim shared their experience attending Malaysia Cybersecurity Camp 2023 with their peers. On top of that, they also organised a knowledge sharing on Digital Forensics that they gained through MCC, participating in CTF and of course from their self-learning effort.
This session was organised by the IIUM SIG: CYBERSECURITY community. We heard that since 2022, SIG has significantly increased the cybersecurity awareness among the students and their contributions have been praised by their faculty dean!
Good work everyone! Keep spreading the love!
Strikeeeee by Fira in Aturkreatif Hackathon
Oh wait! Fira also participated in this year’s Aturkreatif CTF together with her teammates – TapauSemua. They secured the 2nd place next to Skibidirizz.
There is more! Fira also once again crowned as the champion FOR THE THIRD TIME IN A ROW in the Hackhaton competition, also organised by Aturkreatif.
Fira’s winning Hackathon project, USIMChat, is a game-changer. It’s a LLM-powered chatbot to attend to student queries that ultimately wow the judges. So awesome Fira!
Naqib and Megat won the Aturkreatif CTF!
Aturkreatif is an annual event organised by the Computer Science students majoring in Information Security & Assurance (ISA), FST, USIM. For this year’s Aturkreatif Capture the Flag event, which took palce on the 11th of May 2024, team Skibidirizz (yeah, they always come up with a weird name) consists of Naqib, Megat and their friend Akram won the competition!
April 2024
Teaching web application vulnerabilities at USM
Even though Danial and Aisyah were both swamped with their final year semester, they still took the time out of their busy schedules to teach their uni-mates about web application vulnerabilities on a Saturday. How cool is that?
As their university didn’t offer a practical cybersecurity course, they both put in a lot of effort to prepare the materials on their own time through self-study and took it upon themselves to create materials for their uni-mates. Their dedication and hard work are truly admirable!
Learning Linux with Sarah!
On the 20th of April, Sarah was invited by Google Developer Student Clubs UTeM to deliver a sharing session about basic Linux stuff. Sarah beautifully presented her “Learn Linux by Owning The Game” which attended by 100 students from different local universities.
Read more about it:
Kelvin’s love story in Japan
Kelvin recently shared his first experience of travelling to Japan and attending BSides Tokyo on April 19th. The sharing was exclusively for MCC alumni and friends. During the discussion, Kelvin shared his insights and knowledge gathered through the talks, from the BSides Tokyo crew members, speakers, and other attendees. He also shared how he prepared for his solo journey to Japan, which was insightful for the listeners.
He also posted his tl;dr version on LinkedIn here
6 Black-haired MCC students at the BlackHat Asia Singapore 2024
6 of the MCC alumni were selected to receive Black Hat Asia Student Scholarship this year! To be selected, the candidate must show their achievements and contributions to the community. This is a proud achievement as this could be a proof that their achievements and contributions to the community are recognised by the Black Hat Asia Student Scholarship panels.
Well done Amir, Teng, Naqib, Zach, Sarah and Amin! We hope all 6 of you enjoyed the conference.
Congratulations Firdaus!
Last year, TCM Security sponsored us with three valuable PNPT vouchers and Firdaus was one of the lucky participants who received it. Today, we received the good news that he successfully passed the exam!
Congratulations! And thank you TCM Security for sponsoring us and supporting our efforts in building the a quality next-generation cybersecurity practitioners in Malaysia!
March 2024
We eat, we chat, we discuss, we err..
We had our first gathering of the year at RNZ Steamboat & Grill. MCC2022 and MCC2023 alumni gathered for the first time and it was fun to meet them. Everyone shared about their current life including working, FYPing, internship and more! We were also joined by other friends including MCC trainers.
Oh also, also congratulations to those who got to the final round and won the top 10 in the RENTAS CTF!
February 2024
Alfian is the first from MCC2023 doing sharing!
Alfian from our MCC2023 batch conducted a two-day workshop on Digital Forensics and Binary Exploitation at his previous study place, Politeknik Mersing! This is the first sharing session conducted by our MCC2023 batch.
His workshop was attended by approximately 30 students who keen to learn and explore more about the cybersecurity. We are grateful with the support he received from his lecturer, Ms Mas Ayu from the Politeknik Mersing.
His full post about this achievement can be found here
Global Cybersecurity Camp 2024 Thailand
W00t! We are proud to know that three of the MCC alumni were selected to join this year’s Global Cybersecurity Camp! The members were:
- Yeo Jia Qi (MCC2022)
- Roheender Singh (MCC2023)
- Muhammad Firdaus Amran (MCC2023)
January 2024
Fatah sharing his learning again!
Fatah once again stepped-up his game by conducting an online-sharing about “Reverse Engineering and Binary Exploitation: Intel x86/x86-x64 Assembly”. This is a part of his self-learning in pursuing his dream to be someone that is well-known in the Malware Research and Development field.
The sessions were recorded and available at REHACK’s Youtube:
- https://youtu.be/8dGDYRWwawQ (first part)
- https://youtu.be/vWOSPK8p1wE (second part)
- https://youtu.be/xx62TN7NFIY (third part)
December 2023
Girls in CTF 2023
REHACK experimented an online Capture-the-Flag competition for female only in December. It was participated by almost 100+ players locally!!
Better, when the top 10 of the competition was won mainly by MCC alumni! Congratulations Yen Wai, Jia Qi, Hanan, Shiau Huei, Emmy, and Wei Ying !!
Battle of the Haxorzzz!!!!
The hottest CTF competition nationwide, Battle of Hackers (BOH), is back again for the 2023 edition on December 2nd. The competition was divided into two categories, which were ASEAN and local. We are proud to share that our alumni and crews managed to win the following places:
- 1st runner-up for the local category: Choo, Teng, and ShengHe (Team Cincai)
- 2nd runner-up for the local category: KS, Kelvin, and Mohin (Team L0stPaR4d0x)
- 4th runner-up for the local category: Wan, Haidar and his team (Team anti_1337)
Seeing new faces and newcomers in CTF, as well as participation from our new members, MCC 2023 in CTF, is heartwarming. Seeing their consistency in continuously polishing their skills and proving to themselves, especially that they can grow better from time to time, truly makes us feel proud.
November 2023
Exploring the fundamentals of CTF with Hanan
On November 25, Hanan did another sharing session on unleashing and exploring the fundamentals of CTF! This open sharing session was organised at UniKL with the intention of exposing beginners to the Capture the Flag competition and how to play the game.
As a CTF player and challenge creator herself, she guided participants during a 3-hour session with fundamental understanding, tips and tricks to solve challenges, as well as her personal perspective as a challenge creator in creating challenges. She also provided hands-on practical and mini CTF challenge for the participants to gain actual experience from!
We hope that her spirit of exposing newcomers and beginners to participating in CTF can increase the level of cybersecurity enthusiasm among students.
Team Cincai and Excelsior made their name on the international stage!
On the 21st to 24th of November, four teams representing Malaysia arrived in Jakarta to compete in the first Capture the Flag competition by Korea Internet & Security Agency (KISA), called Asean Cyber Shield. The two teams from the Student Category were participated by Team Cincai and Team Excelsior. Some of the members are from MCC2022 and MCC2023 alumni.
All four teams managed to move to the Final round after able to be the top 5 in each categories. Team Cincai managed to secure 3rd place during this competition and at the same time set a history for Malaysia in the international CTF.
More about this can be read:
- https://www.linkedin.com/feed/update/urn:li:activity:7134770504065777669/
- https://www.astroawani.com/berita-malaysia/kontingen-malaysia-beraksi-cemerlang-di-asean-cyber-shield-hacking-competition-2023-447674
- https://main.aseancybershield.org/notice/116
- https://www.youtube.com/watch?v=gGNkZuzQy7Y
- https://www.youtube.com/watch?v=EVn2fMC6n0Q
MCC alumni in Tokyo?!
That’s right! We recently have been informed that one of our MCC2022 alumni , Shafiq is currently in Japan as part of his exchange culture program. Even though he is currently in a foreign country, his love in cybersecurity is still burning. On November 11th, Shafiq together with his mate, Irfan attended AVTOKYO, a Computer Security Conference operated by the Japanese Hacker Community. From their feedback, the event was awesome and there were many interesting topics that they learned about especially on the malware and AI topics.
We hope they could still be able to join more cybersecurity events over there and bring back more good memories to be shared with us, here in Malaysia!
Team Cincai first international CTF!
Team Cincai – Alvin, Choo, KS and Teng; recently representing Malaysia in Bangkok to compete in an onsite Capture the Flag game organised by ASEAN-Japan Cybersecurity Capacity Building Center.
Competing with the ASEAN teams, Team Cincai managed to solve all challenges on the first day. However, Singapore, Vietnam and Thailand were faster than them on that day and leaving them at the 4th place. So close Team Cincai!! But we are proud with you guys!!!
Read it more here:
https://www.linkedin.com/posts/ajccbc_ajccbc-activity-7130116343126769664-5jcI
Fatah’s Technical Sharing on Assembly Language Programming
Our future security researcher, Fatah, was invited on November 10th by the organisers from GMI, UTeM, and other sponsors who collaborated to give a technical sharing to all cybersecurity students from both institutions.
For more than two hours, he managed to share technical information while also teaching the students some technical skills and tricks! The sharing revolves around Assembly Language Programming for Windows x86/x64 for Reverse Engineering and Binary Exploitation, in which he managed to cover 28 topics focusing on the art of Intel processor assembly for Windows and Linux!
Amir brings back CTF in UNITEN!
On November 4th, Nik Amir together with his friends successfully brought back the Capture the Flag competition in UNITEN. It has been years since the last CTF was held in UNITEN. Amir hopes that with the recent 10:Hats Internal CTF, UNITEN could produces more passionate and talented youth in cybersecurity.
Read it more here https://www.linkedin.com/posts/ymiir_kitauniten-operation10-cciuniten-activity-7127855516449460224-bh5Y
Web Exploitation 101 by Naqib for UNITEN!
In October, we have been informed that, Nik Amir was currently in the middle of organising an internal cybersecurity event for UNITEN under their “Pro-C UNITEN” club. As part of the pre-intro of the event, Amir with their team decided to run a series of beginner-friendly cybersecurity workshop for the students.
Naqib took part in this adventure by volunteered to be one of the speakers and shared a beginner-friendly about Web Exploitation in CTF. He shared some insightful contents to the audience based on his achievements and experience in CTF.
Congrats to you both for stepping up the game! This shows that a collaboration between different universities is possible!
Read it more here https://www.linkedin.com/posts/ymiir_dear-connecction-i-thrilled-to-share-my-activity-7127847526610702336-XtdB
October 2023
Hacking the Game of Hackers (GOH) 2023 UniKL
The long-awaited Game of Hackers (GOH) that finally returned after two years on October 21st, 2023, uplifted the excitement amongst university students, including our alumni and crews. We are delighted to share with everyone that our crews, alumni, and MCC 2023 managed to ‘hack’ the competition as follows:
- Champion: Kelvin, Mohin and William (Team L0stPaR4d0x)
- 1st runner-up: Jia Qi, Zach, and Darrshan (Team DinoDefenders)
Besides winning the competition, Team L0stPaR4d0x managed to be the only team to solve the bounty challenge and was awarded as the bounty winner. Cheers to more achievements to be unlocked by them in the future!
ShareWithUs – How Abang Tesla (Naqib) slayed Certified in Cybersecurity Certificate by ISC2
On the night of October 29, 2023, our Abang Tesla, Naqib, makes some time to share with us his tips and tricks to pass the certificate by ISC2, which is Certified in Cybersecurity (CC). He, who just recently passed the examination, told us that it is important to understand our own study habits; however, it is necessary for us to be consistent. He provided alternative platforms that provide certification contents to add his understanding in preparing for the certification.
Besides that, he shared various types of certificates available to be taken for cybersecurity enthusiasts who wish to build and improve their portfolio and chances to get the attention of recruiters. One of the reasons mentioned by Naqib was that ISC2 is one of the organisations that has reputable values that will shine on one’s resume.
We hope that more of our alumni will pass this and other certification exams with flying colours! Let’s wish them good luck!
Tapau all at iTREXC cybersecurity challenges
They did it again. This time during the iTREXC cybersecurity challenges which was held at Kuala Lumpur Convention Centre (KLCC), 19 – 21 October 2023.
Champion – Team Cincai v1.2 – Choo,Teng and ShengHe
2nd Prize Winner – Team DinoDefend3rs – Jia Qi , Zach and Darrshan
3rd Prize winner – Team Darksid3rs – Kelvin, KS and Roheender
4th Place – Team OnlyFood – Naqib, Megat and Akram
Eh, why there are new names highlighted above? They are from MCC2023!!
PETRONAS Inter-university 2023 Capture the Flag Competition
In celebration of Hacktober and Global Cybersecurity Month, PETRONAS organised the Inter-University 2023 Capture the Flag Competition at KLCC from October 9 to 10.
Performing consistently and as always, we would like to share the success of our MCC 2022 alumni and crews who managed to hit the jackpot and became the winners of this game:
1. Champion: Damien, David, Shiau Huei and Wesley (Team OnlyFeet)
2. 1st runner-up: Aniq, Hazim, Nazmy and Danial (Team 0x94fbr)
Shout out to other alumni who participated in the same competition. What matters most is the experience and knowledge gained and becoming the winners of their enthusiasm.
September 2023
CSAW CTF reverse challenges walkthrough by Teng
Teng is actively upskilling himself in reverse engineering domain. On the 24th of September, Teng once again shared some techniques that he learned while solving the CTF challenges from CSAW CTF.
The session was conducted online and the recording is available at REHACK’s Youtube, https://youtu.be/NrvQ5oQuyW0?si=w4A0LlprH-vS9L2v
BATxAPU CTF 2023 – Team L0stPaR4d0x grabbed some prizes!
Team L0stPaR4d0x that was represented by Kelvin, KS and Mohin accomplished some amazing achievements during the BATxAPU CTF 2023, an internal CTF organised together by British American Tobacco and APU which was held on the 2nd of September 2023.
According to them, the ctf was different than regular ctf. They were provided with a scenario where they need to solve a kidnapping case, requires them to go around the campus to obtain challenges while gathering evidence to solve the mystery. The challenges were focused on blue team path, that included Forensics, OSINT, RE, Crypto. At the end of the ctf, they required to create a Forensic Report on the evidence found to summarise the story line, along with the ctf writeup.
Exploring the world of Cybertron @ Cybertron 2023
On the 6th of September 2023, MCC alumni and crew members were invited to experience Malaysia’s First Experiential Cybersecurity Conference organized by Cybertronium at Connexion Conference & Event Centre (CCEC), Nexus Bangsar South.
The world of Cybertron did not only conferences involving cybersecurity awareness and conference about the current technology that are implemented to defend against cyberattacks, they also demonstrated and showcased a real-life hacking situation that occur through our daily lives. According to the Optimus Prime, Dr Clement Arul, the aim of the event was to expose to the commoners and people with less to none cybersecurity knowledge to truly understand the needs to protect their data and how dangerous can a threat be impacting their organisations or even themselves!
It was truly an honour for our team to be given the opportunity to attend the conferences and observe the demonstrations ourselves. We believe our crew and alumni would definitely gain a lot of practical understanding through the exposure given from the event!
August 2023
CyberDSA – Crews and Alumni MeetUp
During CyberDSA, our alumni and crews did not miss their chance to gather at the event. Remaining in contact while exploring the event together bonds them together, which warmly creates the synergy of friendship amongst them. They always keep each other updated on their current activities.
While exploring the scene of cybersecurity through visiting vendors, listening to flash talks, and joining the training sessions, our crews and alumni attended the event to support the others who were participating in CTF as well as promote MCC together! Cheers to the bond they created on this journey together.
CyberDSA – Siber Siaga CTF: Code Combat
The Cyber Defence and Security Asia Expo & Conference (CyberDSA), which took place on August 15–17, 2023, at the Kuala Lumpur Convention Centre, is a yearly event that collectively aims to outreach decision-makers in both governments and private sectors to advance their cyber defence and security agenda through the divulgence of the latest knowledge and new trends on cybersecurity while demonstrating innovative technology that will safeguard and promote digital economies and global competitiveness.
During the event, a CTF competition namely Siber Siaga CTF: Code Combat was held for 3 days, from August 14 to 16, 2023. The CTF was first held online for the pre-qualifying round to only bring the top 10 teams to participate in the final round that was held for 2 days, from 15 to 16, at the convention centre live. We would like to applaud our crews and alumni for their enthusiasm, which led them to win the following places:
- David and Kelvin from team Nuts won the first runner-up.
- KS from team Darksid3rs won the 6th place.
- Jia Qi from team DinoDefenders was in the 9th place.
- Aniq from team 0x9fbr was in the 10th place.
May all our crews and alumni’s enthusiasm for diving into the world of cybersecurity never fail them to become big in this scene.
ShareWithUs: Crash Code to Victory by Choo
Capture the Flag (CTF) is one of the alternatives to polishing and enhancing practical cybersecurity skills. Depending on the topic, players can deepen their understanding while playing a game by participating in a competition.
Choo, a prominent player from the renowned team Cincai, did a captivating live walkthrough session to share one of his experiences in solving the CTF challenge by code crashing on August 6, 2023. Throughout the 1-hour session, he skillfully unveiled his methods and ‘code crashed’ his way to solving the quest.
This sharing will definitely illuminate viewers in understanding of methods of solving CTF challenges in the future, especially ‘crashing the codes to victory!’
July 2023
Experience Sharing on MCC & GCC
To give insights and experience of how MCC 2022 and GCC 2023 were, the Computer System Security Club (CSSC) from UniKL has invited Hanan to do an online sharing session on July 29, 2023. Her sharing was intended to fill in the tanks of unknowns and worries, as well as her ‘adventure’ participating in both camps. She also mentioned during the session that her own questions and worries prior to participating in both camps were similar to the thoughts of applicants for the camp this year.
Hence, she reminded participants not to worry about the unknowns and encouraged them to empower the cybersecurity scene amongst youth through Malaysian Cybersecurity Camp this year and Global Cybersecurity Camp!
UTAR The Amazing CyberHunt CTF
On July 22, 2023, Universiti Tunku Abdul Rahman (UTAR) held their first-ever CTF competition, namely The Amazing CyberHunt, at their campus in Kampar, Perak. MCC crews and alumni did not miss their chance to participate in this CTF to represent their respective teams and universities.
Surprisingly, the CTF was different than any other CTF that they have joined! It was held for only 3 hours and had both physical and online challenges that needed to be solved simultaneously.
The crews and alumni once again proved to everyone why they are the best when their teams were crowned the 1st and 2nd runner-up places.
- Damien, Kelvin, and David from team POPO (Champion)
- Jia Qi, Yen Wai, and KS from team Darksid3rs (2nd runner-up)
- Hanan from team roBl0x (2nd runner-up)
We would also like to congratulate Imran, Shafiq, and Amir, who put their effort into participating in the event! We are truly proud to have alumni and crews who are actively showing their burning spirit in this field!
Trends in Cybersecurity and Pentest Industry
Thigendra was one of the final-year students who participated in the first edition of the Malaysia Cybersecurity Camp. In his quest to become an offensive security consultant, he was accepted to work as an Associate Security Consultant at a local cybersecurity company in Kuala Lumpur, right after he graduated.
On the 14th of July 2023, he was invited by Asia Pacific University to represent his company to talk about the current trends in cybersecurity and pentest industry. The talk covered certification paths expected by employers as well as emerging tech in penetration testing and employment trends.
We are happy when he contacted us and share his first contribution to the community. We believe there will be more upcoming sharing from our uprising star!
CYDES 2023: Youth in Cyber
CYDES is a national event that serves as a powerful platform for showcasing expertise, solutions, and cutting-edge technologies aimed at combating present and future cyber threats. The 2nd edition of CYDES, which took place from July 10th to July 13th, 2023, added a new objective: to be a platform for reaching out to youth in cybersecurity and building a progressive future for them.
The Malaysia Cybersecurity Camp (MCC) members were invited to participate in a 30-minute discussion on youth and cyber security. Six MCC crews and alumni—Shiau Heui, Amir, Yenwai, Hanan, Aniq, and Kelvin—have shared their thoughts and opinions in a session titled “Youth in Cyber: Developing a Better Cybersecurity Community for Our Next Generation” intending to promote and ignite the spirit of learning cybersecurity in the hearts of youth for the sake of the future.
They discussed the importance of improving cybersecurity education and encouraging cybersecurity learners, building a community of youth for the future generation, and their own experiences participating in both MCC 2022: The First Edition and Global Cybersecurity Camp 2023 during the 30-minute session.
NACSA’s Acting Chief Executive, Pn Shariffah Rashidah, even sacrificed some of her time from an ongoing meeting to attend this session.
It is even more fascinating that they prepared the session; they came up with the discussion topic, questions, and ideas themselves! Kudos to them!
CYDES 2023: Cyber Warzone
A Capture the Flag (CTF) competition, Cyber Warzone, occurred during CYDES 2023 on July 10, 2023. While the participating teams represent various universities across Malaysia, most of the players representing these teams consist of MCC crews and alumni.
The intensity of this game came to an end as the winners were announced at the end of the day. We are proud to share that our alumni Wan and Damien from the team The Excelsiors have won the 2nd runner-up, while Alvin, Choo, KS, and Teng representing Team Cincai were announced as the winners of the Cyber Warzone 2023! Team Cincai will also be representing Malaysia at the Cyber SEA Games 2023, held in Bangkok this year.
Congratulations to MCC alumni and crews for showing their consistent enthusiasm by participating and winning the game. Shout out to Team Cincai and The Excelsiors for winning the game!
How Hackers Undergo Reconnaissance
On the 12th of July, 2023, Kelvin took the opportunity to host a quick sharing session amongst his peers at Asia Pacific University (APU) entitled “How Hackers Undergo Reconnaissance”.
During the session, participants were equipped with insights and explanations into the methods that are used to gather necessary information, such as Open-Source Intelligence (OSINT), phishing, and physical social engineering, before attackers dive into their target’s network or system. Besides that, Kelvin also demonstrated several tools that are commonly employed during the reconnaissance phase objectively, providing visual insights into the toolkit and enhancing the ability to anticipate and defend against potential attacks.
The session was believed to serve as a wake-up call for participants to proactively safeguard their digital assets. After all;
“Privacy is like eating and breathing. It is one of life’s basic requirements.” (Katherin Neville)
June 2023
ShareWithUs: TyphoonCon Online Sharing by Oppa Fatah
Fatah, who recently returned home from Korea, did a sharing session with our crews and alumni on his experience attending TyphoonCon, which was held in Seoul from June 12 to 16, 2023.
During the event, he acquired new technical skills and was able to deepen his knowledge, gaining an overview of the current cybersecurity trends worldwide. While making new friends and acquaintances with the attendees and speakers, he was also exposed to the culture and education for offensive security of BoB (Best of Best), a cybersecurity community there.
Apart from that, he got the chance to hang out and play tourists together with GCC 2023 Korea students, whom he made friends with during GCC in Singapore earlier this year!
MCC…Assemble!!! @ Kopi Session OffSec
Assembled again, our crews and alumni had gathered at the OffSec Kopi Session organised on the 21st of June 2023 – at Yuespace Hartamas. During this session, they gained some exposure and insights into the current plan of OffSec after the release of Kali Purple by Damian Goh and Leon Kwek. Besides that, there were also some sharing of experience and benefits from Ts. Zulhairy Zulkifly and other industry experts – on the courses and professional certificates available for students and fresh graduates to develop skills.
As the kopi session ended, they also had a catch-up session with one another; from internship to working life, their readiness for FYP, final examination, preparation for the new upcoming semester, and Fatah who just returned home from Korea!
Boot2Root Bootcamp
‘Learning upholds, sharing maketh growth’ – On 17th of June 2023, Hanan together with her friend who is a GCC Alumni did a Boot2Root Bootcamp at UniKL MIIT. This boot camp was organized in targeting beginner players of CTF and learners who is profound with boot2root.
The session was held as an eye-opener to participants on the approaches and techniques in solving this challenge for Capture The Flag (CTF) competitions. Besides giving insights, tips, and tricks from the perspective of CTF players and challenge creators themselves, they also did walk all the attendees through solving a box that was specially created for the boot camp!
CTF – Online Sharing by Teng
On the night of 10th June 2023, Wang Teng Zheng shared about an evasion technique through reverse engineering that he regularly uses when competing in CTF. Check out the recording session at our Youtube channel, https://youtu.be/3AeHKtO9mN0
May 2023
Crews meetup and SANS Community Night
Our crew members gathered on the 29th of May to discuss the next plan for MCC2023 before we can switch our gear to level 3. On the same date, we together with three MCC2022 alumni (Kelvin, Yen Wai, and Fatah) attended the SANS Community Nights at Parkroyal Collection Kuala Lumpur. Mr Jason Lam shared about “3 Crucial Cloud Security Changes to Hackproof your Cloud”.
On top of the valuable sharing session by Mr Jason, we met with a few cybersecurity professionals. We gain some interesting advice from them that night.
Other interesting stuff shared by the alumni was about their in-progress FYP projects and also Fatah, who will fly to Korea to attend Typhooncon, a cybersecurity conference focusing on offensive security.
Asia Pacific Cyberattack Response Challenge 2023
On the 20th of May, some of the MCC2022 alumni participated Asia Pacific Cyberattack Response Challenge 2023 organised by Cyber8lab. It was an online CTF challenge that ran concurrently with Asia Pacific Cybersecurity Conference 2023 in Kuching, Sarawak, Malaysia.
18 teams competed with each other originating from countries such as Malaysia, Brunei, Singapore, Indonesia, and Australia.
Team Cincai managed to grab 2nd place and the other two teams represented by MCC2022 alumni (Team L0stPaR4d0x and skyjuice), secured the 5th and the 9th place!
Fatah was invited by The National Defence University of Malaysia
Fatah was invited to be an instructor in RTO – The Art of Hacking, Attacks & Techniques on 7th May 2023 at The National Defence University of Malaysia (Military Institution). In the boot camp, they learn how to conduct cyberattack tests in the company with a professional approach so that vulnerabilities can be detected and eliminated.
The lecture aims to improve Rules of Engagement (ROE), Tactics, Techniques, and Procedures (TTPs), People, Process, and Technology (PPT).
Choo’s online sharing – WordPress 5.0 RCE
On 6 May 2023, Choo again shared interesting stuff that resulted from his self-study which was about reproducing WordPress 5.0 Remote Code Execution.
The recording of this session is available at https://www.youtube.com/watch?v=TYyqLRUrwvQ
MCC Hari Raya Gathering at The Caravan Cafe
On the 6th of May 2023, MCC crew organised a Hari Raya gathering with alumni. The gathering was held at The Caravan Cafe Bukit Mahkota. There was a wide selection of delicious food, drinks, and desserts served. Additionally, we were excited to be joined by respected professionals such as Mr Azli (Velum Labs), Mr Kimi (Nexagate), Mr Fadzril (Syntx), Mr Shahriman (Deloitte), Mr Syahmi (Bluesify), Mr Ali (BAE Systems) and Mr Max (Maybank). All of us really benefited from their attendance and impromptu career-sharing sessions.
April 2023
Experience attending MCC and GCC
Sharing with the community may be a powerful approach to developing connection, trust, and a sense of belonging. On April 13, 2023, Fatah received an invitation from the German-Malaysian Institute to speak about his experience with having a global mentality and career guidance in light of the Global Cybersecurity Camp (GCC) and Malaysia Cybersecurity Camp (MCC).
The goals of this sharing are to empower the Malaysian cybersecurity community and empower them to the next level of offensive and defensive mindset capabilities.
Gathering and Iftar at He & She Coffee (IIUM Gombak)
On 6 April 2023, the alumni had a gathering plus iftar(fast-breaking) at He & She Coffee (IIUM Gombak). We discussed and chatted about career growth and planning, how to improve cybersecurity ecosystems within the university, a sharing from GCC members about their experience attending the event, and more!
March 2023
CTF 101: Unleash Your Computer Skills!
Persatuan Komputer Universiti Malaya (PEKOM) invited Hanan to share her experience organising and participating Capture-the-Flag (CTF) on 25 March 2023.
It was a full-house session and Hanan’s sharing attracted many students to explore CTF.
A Beginner’s Journey in CTF (hybrid mode)
On 18 March 2023, A 4-hour hands-on workshop by Jia Qi to introduce beginners to CTF competition with various types of challenges (conducted with a partner, total participants 230).
Project Hexa
The Student Representative Council (SRC) from Tunku Abdul Rahman University of Management and Technology (TARUMT) has organized a 4 days cybersecurity camp (18, 19, 25, 26 March 2023) for TARUMT students. Teng and Choo have been invited to conduct a workshop for one of the days of the camp. Participants were introduced to capturing their first flag in CTF and finding bugs in real-world applications.
Web Tracking and Browser Fingerprinting
Another quality sharing delivered by MCC alumni. This time it was delivered by Yen Wai and Shiau Huei during their active cybersecurity club, FSEC-SS monthly sharing sessions.
The topic was about how a cyber defender identifies threat actors through analysing web logs and browser fingerprinting.
This was presented on 22 March 2023.
Red Team Infiltration and Introduction to Phishing
On 8 March 2023, Damien a.k.a SuperTsumu conducted a basic red-teaming sharing session as part of his university club (FSEC-SS) monthly sessions.
The session was attended by students from APU and other local universities. It was an interesting session full of updated hands-on. Importantly, it was a FREE event. Kudos to them
How Apple Pay and Google Pay work
On 4 March 2023, Choo, our crew shared interesting stuff about how Apple Pay and Google Pay work. It was a part of his self-learning and he wanted to share it with others.
The recording of this session is available at https://youtu.be/SoFArzMnCUs
February 2023
Red Team Ops: HAVOC 101
On 25 February 2023, David a.k.a x0rry, conducted a red-team workshop as part of the APU university club (FSEC-SS) monthly sessions. The workshop was carried out hybrid, together with his uni-mate, Wesley.
The first two chapters of the workshop were delivered by Wesley. The third chapter however could not be presented on that day due to time constrain. For that, David provided the full walkthrough and explanation through his blog at https://pikaroot.github.io/blogs/2023-02-25-HAVOC_Framework
The session and the write-up are well presented. Additionally, since both hold CRTO certifications, the content they deliver is of the highest quality.
Global Cybersecurity Camp 2023 – Singapore
December 2022
i-Hack 2022 Competition
Available online
TryHackMe – Cybersphere Box
Yit Eng a.k.a Jackmeister recently created boot-to-root challenges in the TryHackMe platform and challenged THM players to solve them.
As an active CTF player online and in his university, TAR UMT (team VerdeSec), he would like everyone to take an interest in solving CTF challenges.
He would like to create more in the future as he believes this is one of his approaches to giving back to the community.