
What we’re about
Division Zero (Div0) is an open, inclusive, and completely volunteer-driven cybersecurity community. The mission of Div0 is to promote a vibrant cybersecurity community and safer cyberspace in Singapore. Div0 does so by providing a platform where cybersecurity professionals, practitioners, and enthusiasts can meet like-minded people, explore and learn with peers, and contribute to the community at large. Div0 activities include organising events, encouraging contributions and collaborations, and reaching out to the public.
We use this Meetup group to manage our membership and publish our events. It's free for all to join — just simply click on "Join this group", and you're in.
Learn more about Div0: https://www.div0.sg/about
We also feature a Discord Server — the Div0 Digital Kampung — a 24/7 chatroom where Div0 members discuss everything cybersecurity and lifestyle in the digital world.
Sponsors
See allUpcoming events (4+)
See all- Career Series :: Talk & Tackle — Supply Chain Security & Third Party Risk MgtCyberSG TIG Collaboration Centre (formerly ICE71), Singapore
⚠️⚠️ To attend, please also fill up this registration form: [https://forms.gle/NAY2Ju1EsGNaqDo79] ⚠️⚠️
*Please keep a look out for our email on the outcome of your registration that will be sent to you at 1-2 day(s) before the session. If you did not receive any updates, please drop Anna an email at anna@div0.sg*Career Series: Talk & Tackle is a dynamic initiative designed to elevate the professional development of cybersecurity practitioners. This series will feature a combination of hands-on workshops and interactive Q&A sessions, providing an engaging platform for experienced professionals to tackle pressing technical challenges in real-time.
Each quarter, Talk & Tackle will focus on four distinct themes:- Red Team: Participants will explore offensive security tactics, learning how to think like an attacker. Workshops will cover topics such as penetration testing methodologies, social engineering techniques, and the latest tools used in red teaming, equipping attendees with the skills to anticipate and counteract threats.
- Blue Team: This theme will delve into defensive strategies, emphasizing threat detection, incident response, and risk management. Attendees will engage in simulations and case studies that allow them to practice and refine their skills in protecting networks and systems against various cyber threats.
- White/Yellow/Green Team: These sessions will foster collaboration between offensive and defensive teams. We’ll address best practices in threat intelligence sharing, security policy development, and compliance measures. This integrated approach will highlight the importance of a cohesive cybersecurity strategy across different teams.
- Emerging Technologies: As technology rapidly evolves, this theme will focus on the latest advancements in cybersecurity, including artificial intelligence, machine learning, and blockchain security. Participants will gain insights into how these technologies are reshaping the cybersecurity landscape and explore practical applications to enhance their own security practices.
ABOUT THE WORKSHOP
Read more hereAGENDA
- 6.30pm: Registration
- 7.00pm - 10.00pm: Talk & Tackle — Supply Chain Security & Third Party Risk Management
- Till Late: Networking
SPONSORS
- MEETUP VENUE SPONSOR: CyberSG TIG Collaboration Centre
SPEAKERS' BIO
Tyler TANG — Director, SoftSCheck
Tyler currently leads Secure Design & Advisory in softScheck which focuses on Security Risk Assessments and Security Architecture. With over nine years of experience in Information Security, Tyler brings a practitioner’s perspective to secure system design, guided by a methodical and resilient approach shaped by his discipline in martial arts. He also serves as Honorary Secretary, Mentorship Program Lead and Certified Mentor with the ISC2 Singapore Chapter on a volunteering basis and frequently shares actionable insights on LinkedIn and at industry events.Andrea CHEA — Manager, RSM Singapore
Andrea is an experienced IT Audit Manager with a strong focus on IT security best practices, risk management, and compliance. She leads GRC engagements and cybersecurity workshops that help organizations strengthen their security posture. Passionate about building secure digital ecosystems, Andrea has been recognized with multiple industry accolades, including the AiSP SVRP Silver Award and the Tech Talent Builders Award 2024. She also contributes to the next generation of cybersecurity professionals as an adjunct lecturer and community advocate.IMPORTANT NOTICES
- Code of Conduct: [https://www.div0.sg/code-of-conduct]
- Terms of Use & Disclaimer Notice: [https://www.div0.sg/terms-of-use-disclaimer-notice]
- div0{scc+} Workshop Series — Malware AnalysisCyberSG TIG Collaboration Centre (formerly ICE71), Singapore
SCC+ workshop is an extension of a youth-only Singapore Cybersecurity Camp (SCC). As such priority will be given to students first. Submit your application here ➡️ https://forms.gle/uG6NssZ9diBSZSDBA
Abstract
Step into the world of cyber defense with our hands-on Malware Analysis Workshop, led by Jin Hao, a cybersecurity researcher. Learn about malware analysis, diving into Windows internals, setting up your virtual machines and exploring techniques for static, dynamic, and automated analysis. You will also touch on how Endpoint Detection and Response works.Whether you're looking to start a career in cybersecurity or strengthen your existing skill set, this workshop will give you the practical knowledge needed to analyze and defend against real-world threats.
Agenda & Learning outcomes:
Read hereLaptop Requirements:
- Laptop with at least 8GB RAM and VMWare/VirtualBox installed
- Windows 10 VM installed
About the Speaker:
Jin Hao is a cybersecurity researcher with 10 years of experience in reverse engineering, malware analysis, malware development, and detection engineering. He holds two patents for DGA detection and Phishing detection, and is an active developer, having built big data workflows for SOC systems and created a custom query language for threat hunting.Jin Hao has also found success in the bug bounty scene, participating in the HackerOne Ambassador World Cup and reporting vulnerabilities in programs such as Yahoo, Stripe, and Epic Games, and has been credited with three CVEs. His current interests include malware reverse engineering and Windows security research.
IMPORTANT NOTICES
- Code of Conduct: https://www.div0.sg/code-of-conduct
- Terms of Use & Disclaimer Notice: https://www.div0.sg/terms-of-use-disclaimer-notice
- Meetup — Deep dive into Android exploitation & Investigate Kidnapping with OSINTCyberSG TIG Collaboration Centre (formerly ICE71), Singapore
⚠️⚠️ RSVP on BOTH google form & meetup.
Google Form — https://forms.gle/2d8YxzuP1ztk4Vc58 ⚠️⚠️
—
AGENDA- 6.30pm: Registration & Networking (30mins)
- 7.00pm: Introduction & Announcement (20mins)
- 7.20pm: "Deep dive into Android exploitation" by Ilya Dreytser
VP, Solutions Engineering at Quokka - 8.00pm: "Assisting a Kidnapping Investigation Using OSINT" by Sodinokibi
- Till Late: Networking
SPONSORS
- VENUE SPONSOR: CyberSG TIG Collaboration Centre
- DIV0 SUSTAINING OFFICIAL SPONSOR: Red Alpha Cybersecurity
ABSTRACTS
Deep dive into Android exploitation
With over 3 billion active devices this year, Android dominates the global mobile market with a 70.69% market share. But with this widespread usage comes an increasing number of vulnerabilities. In this event, we will dive deep into the world of Android app and firmware exploits and showcase live demonstrations of a few exploits on a live real device. Attendees will gain a clear understanding of how interprocess communication, privileged apps, and Android's interprocess communication models can lead to common exploit patterns resulting in data leakage or exposing personally identifiable information (PII).Join us for a hands-on session that not only highlights the risks but also provides practical insights into how these exploits work and how to mitigate them in your own apps and systems.
Key Topics Covered Will Include:
- Common exploit patterns in Android apps and firmware
- How interprocess communication creates vulnerabilities
- Exploiting privileged apps for data leakage
- A live demo of key Android exploits with step-by-step walkthroughs
- Protecting data and minimizing personally identifiable information (PII) exposure
Why Attend?
- Live Demonstrations: See real-world Android exploits in action with a guided walkthrough for each.
- Practical Takeaways: Learn how to identify and mitigate mobile vulnerabilities in your own development and security operations.
- Expert Insights: Gain knowledge from an industry expert with years of hands-on experience in mobile app testing and security.
- Cutting-Edge Knowledge: Stay informed about the latest trends and threats in the rapidly evolving mobile security landscape.
Interactive Learning: Understand the technical aspects of Android exploits through live demos and actionable insights.
Assisting a Kidnapping Investigation Using OSINT
In this talk, I will share how my team was tasked with supporting one of the most high-profile kidnapping cases in the cryptocurrency sector, which occurred in January. Due to the sensitivity of the investigation, authorities shared minimal information. I will walk through our thought process, the OSINT techniques we employed, and how we were able to uncover critical leads—despite an unexpected twist at the end. This case highlights the importance of proactive intelligence sharing in time-sensitive investigations.BIOS
Ilya Dreytser | Ilya has been testing mobile apps for security, performance, and functionality for the past 8 years. A seasoned expert in mobile app security, Ilya has presented at DroidCon and other notable events. Known for his engaging speaking style, Ilya’s journey began as a developer before transitioning into security testing. He has a unique ability to break down complex mobile vulnerabilities into easy-to-understand concepts while providing real-world solutions. When he's not diving into mobile security, you might catch him enjoying the sunshine after years of basement coding! Ilya is currently leading the Solutions Engineering team Quokka focusing on securing mobile devices and apps.Sodinokibi | A former desktop support technician turned security engineer who transitioned into penetration testing before becoming an intelligence analyst for two of the largest US banks. Since his interest in blockchain and cryptocurrency, Sodinokibi currently serves as an intelligence analyst at one of the world’s largest cryptocurrency exchanges.
IMPORTANT NOTICES
- Code of Conduct: https://www.div0.sg/code-of-conduct
- Terms of Use & Disclaimer Notice: https://www.div0.sg/terms-of-use-disclaimer-notice
- SHELL GymCyberSG TIG Collaboration Centre (formerly ICE71), Singapore
ABSTRACT
ShellGym is the regular cybersecurity workout you have been looking for! Whether you're just starting out and need some exercises, studying for a cert (hint: OSCP), looking at CTF challenges, or developing something cybersecurity-related (maybe your own automated tools?), ShellGym aims to help you progress in picking up practical cybersecurity knowledge and skills. Come and go as you please, work on your own stuff with like-minded individuals, or just have fun during the workout!AGENDA
Thematic activities for this session- Browser tools
- javascript; and
- simple web pentesting without tools
TRAINER
KK Tan — Founder, counterShell
As a mid-careerist convert to cybersecurity, Tan KK picked up his practical skills through getting OSCP certified and by participating in a variety of CTFs. In his career at CSIT, he performed a variety of red-teaming and vulnerability research roles and established the Cyber Training School at CSIT as the Lead Instructor. Besides the OSCP certification, KK is also OSCE and OSEE certified, and has a Bachelor's degree in Social Science (Psychology). He now sees psychology as a field of study where you fuzz humans until they produce unexpected behaviour.IMPORTANT NOTICES
- Code of Conduct: https://www.div0.sg/code-of-conduct
- Terms of Use & Disclaimer Notice: https://www.div0.sg/terms-of-use-disclaimer-notice