Loading Events

« All Events

  • This event has passed.

Attacking Workloads on Cloud – Common patterns from application vulnerabilities to serverless backdoor

02/11/2021 @ 7:00 pm - 8:30 pm

Time: Nov 2, 7:00 pm – 8:30 pm

Place: ADC 315, HKU SPACE 金鐘夏慤道18號海富中心.

(金鐘港鐵站A 出口,經海富中心商場行人電梯上).

Speaker: Mr. Boris So, CISSP, CEH,CHFI,

AWS Certified Security – Specialty

Format : On site and Online (Zoom)

Language : in Cantonese

Presentation Slide : in English

Mr. Boris So is the OWASP HK Chapter lead, and AWS Certified Security – Specialty. Boris is also an ethical hacker specialising in finding software vulnerabilities, analysing backdoors, and writing malware to attack systems from the ground to the cloud. In the seminar, he will demonstrate common weaknesses of cloud workloads and how backdoors can be leveraged to break the access assumptions of cloud services.

Mr. Boris So (Speaker)

  • BSc (Hons), BSc (1st Hons), MSc, MSocSc
  • Certified Information Systems Security Professional
  • Certified Ethical Hacker
  • Computer Hacking Forensic Investigator
  • GIAC Certified Intrusion Analyst
  • GIAC Secure Software Programmer – Java
  • AWS Certified Security – Specialty
  • Oracle Certified Master – Java EE Architect (Sun Certified Enterprise Architect)

Research interest:

  • Obfuscated kernel rootkit: application in defeating anti-malware software
  • Cryptography and steganography: application in anti-forensics
  • Bayesian machine learning and statistical modeling: application in detecting web attacks

Instructor domains:

    • Secure programming
    • Ethical hacking
    • Exploit development
    • Protocol analysis
    • Computer forensics
    • Malware reverse engineering



Hacking demo:


Featured demo:

Featured TV interview:

Featured online media interview:


Zoom link will be provided 1 days before the event.

Members of Hong Kong CTF Association and invited guests have higher propriety to join this workshop. Hong Kong CTF Association has the right to reject anyone to join this workshop with an email notice to the registered audience before or after the event started.

Look forward to sharing the Cloud Security with you all !

Frankie Leung


Hong Kong CTF Association

[email protected]



What is Cloud Security?

Cloud computing is the delivery of hosted services, including software, hardware, and storage, over the Internet. The benefits of rapid deployment, flexibility, low up-front costs, and scalability, have made cloud computing virtually universal among organizations of all sizes, often as part of a hybrid/multi-cloud infrastructure architecture.

Cloud security refers to the technologies, policies, controls, and services that protect cloud data, applications, and infrastructure from threats.


7:00 pm - 8:30 pm