15 Apr 2019

One month to the REVULN '19 conference.
Currently working on the invitations for the selected participants: journalists, government and law enforcement agencies.
And welcome Yi-Lang Tsai (Taiwan), TWCSIRT, presenting: Cyber Security, Threat Hunting and Defence Challenge in Taiwan Academic Network.

12 Mar 2019

Blog post on conference line-up.

07 Mar 2019

Speakers list and agenda for REVULN '19 are now available.

01 Mar 2019

The Call for Papers is now closed. Thanks for your submissions. The final agenda will be published in one week.

22 Feb 2019

Updates before final agenda. A remainder about the Call for Papers and some additional information about the event.

15 Feb 2019

REVULN '19 is invitation-only and free. No tickets available to buy. Only ways for participating is being invited by us or by the selected speakers. We'll send invitations to press and gov/LEA once agenda is ready. 50 seats only.

04 Jan 2019

"What's going on?" Some news about the company and information on our conference.

01 Jan 2019

60 days left for applying to the Call for Papers of REVULN '19. Hong Kong, 2019 May 15-16:
hacktivism (digital activism) and open source intelligence (osint).

20 Dec 2018

The Call for Papers of REVULN '19 is open.

REVULN '19 is an Information Technology Security conference that will take place the 2019 May 15-16 in Hong Kong at the Harbour Plaza North Point Hotel. 11 speakers for two main topics: Hacktivism and OSINT.

08 Dec 2018

All our papers and slides are now available also in HTML format.

The papers have been posted on our blog too.

05 Dec 2018

We are organizing an event in Asia for mid 2019. More details coming in the next weeks.

02 Dec 2018

Light and minimalistic restyling of our website

Added links to our social networks pages on Facebook, Sina Weibo, VK, QZone, Naver, Tencent Weibo, Medium and Blogger

Added links to articles about REVULN in japanese, korean, chinese and russian languages

13 Sep 2017

Celebrating 5 years of business


Conferences and Meetings

"stay focused on Asia"

Hong Kong, 2019 May 15-16


REVULN '19 is a cybersecurity conference that will take place the 2019 May 15-16 in Hong Kong at the Harbour Plaza North Point Hotel.

The event is organized and financed by REVULN Limited Hong Kong and REVULN Limited Malta (EU) without any external sponsors.
More information about us are available in the About page and by searching on the Internet.

REVULN '19 is strictly focused on two topics for the whole 2-days event with a look at the asian region:
  • - Hacktivism and countermeasures, cyber activism and attacks motivated by ideals
  • - Open Source Intelligence (OSINT)
The topics will be presented from different points of view and based on the countries and personal experiences of the 12 international speakers in english. Each presentation takes 30/35 minutes and covers a slot of 45 minutes inclusive of questions. Main features of the event:
  • - no sponsors, no sponsored talks and no marketing
  • - invitation-only and free
  • - two specific topics on which are based all the 12 sessions, for an in-depth experience during the whole event
  • - topics focused on the region where the event is hosted (Asia)
  • - no memberships, no subscriptions and no VIP statuses
The participants are people working in journalism, government and law enforcement.

Share on:

Twitter LinkedIn Facebook
VK 新浪微博 腾讯微博

Registration and tickets

The event is invitation-only. No tickets available.

Agenda / Programme

May 15Wednesday - Open Source Intelligence
10:00Registration and welcome coffee
10:30Chun Pong CHOW (Hong Kong)
My user-experience and understanding of "OSINT" and "private intelligence agency" as a fresh intelligence analyst
11:15Setthawhut Saennam (Thailand)
Using OSINT in CERT Operations
12:00Coffee break
12:15Egor Saltykov, Igor Lyrchikov (Singapore, Russia)
What you will able to gather from neighbor social networks?
13:00Lunch (restaurant)
14:30Hirokazu Kodera, Manabu Niseki (Japan)
Catch Phish If You Can: A Case Study of Phishing Website and Actor
15:15Coffee break
15:30Da-Yu Kao (Taiwan)
The Investigation, Forensics, and Governance of ATM Heist Threats in Law Enforcement Agencies
16:15Chiawchan Chodhirat, Wongyos Keardsri (Thailand)
A Development of Cybersecurity Techniques and Law Enforcements for Royal Police Cadet Academy

May 16Thursday - Hacktivism and countermeasures
10:00Welcome coffee
10:30Dr. Rolando Rivera Lansigan (Philippines)
The Privacy Act of 2012, its compliance and implementation in the Philippines
11:15Yi-Lang Tsai (Taiwan)
Cyber Security, Threat Hunting and Defence Challenge in Taiwan Academic Network
12:00Coffee break
12:15Yihao Lim (Singapore)
Hacktivism in South East Asia
13:00Lunch (buffet)
14:30Dominic WAI (Hong Kong)
An analysis of s.161 of the Crimes Ordinance and sharing of case law on this offence
15:15Coffee break
15:30Dasom Kim (South Korea)
How to find suspected phishing sites and malicious cryptocurrency addresses via OSINT
16:15Khurram Javed (Pakistan)
Hacktivism and its Effects in Pakistan

Speakers details

Chun Pong CHOW
Intelligence Analyst.
Chun Pong has been working as a private intelligence analyst focusing on APAC region for around two years, including working in the corporate security and the corporate intelligence sectors in two private intelligence agencies; and is also currently a Master student of Criminology from the University of Hong Kong.
My user-experience and understanding of "OSINT" and "private intelligence agency" as a fresh intelligence analyst
This presentation provides a timeline of my story from a local to intelligence analyst and share the inspirations and insights with the private security companies and private intelligence agencies as an industry overview before I joined. Then, the presentation will describe the organizational structure and the involved parties in this intelligence service, including colleagues, managers and clients, and share my personal difficulties while working in such structures.
Further, the second half of the presentation will focus on providing examples of the OSINT training I received and the supplementary use of HUMINT. Afterwards, the presentation will start breaking down the intelligence products by how I perceived it is used and how I find it meaningful for the corporate and government clients.
In the end, this presentation would provide my opinion on how the private intelligence industry will develop in the upcoming era with the further utilization of big data. And what I, as a junior intelligence professional, would hope for in terms of training and career development in my upcoming future.

Setthawhut Saennam
Security Engineer at ETDA (Thailand):
- Incident response, digital forensics, malware analysis, and cyber threat intelligence.
- Conference speaker and technical writer at ThaiCERT.
- Interested research topics: criminology and cyber crime, incident response in national scale, malware data analysis.
Using OSINT in CERT Operations
ThaiCERT usually uses information from cyber threat intelligence to support the incident response operations, threat monitoring, and also assist law enforcement agencies to investigate cyber crime incidents. In many cases, OSINT is one of the useful information source.

This presentation will focus on how we use OSINT to support ThaiCERT operations. The topic will include interesting tools, case studies (e.g. hacktivist, fraud, malware), and challenges and limitations.

This presentation is based on our observed and real problems when using OSINT. For example, limitations of information gathering on social media, GDPR and effect on IR operations, and legal concerns when using contents from internet archive or cached services. Some topics are intentionally be open discussion in order to have participation and share experience between attendees.

Igor Lyrchikov
Pentester at Digital Security, bugbounty hunter(Bugcrowd, h1, Yandex HOF),Cobalt Core Researcher, DAPP researcher. Performed a talk about Recon & OSINT at Positive Hack Days 8 Conference. Twice was a ZeroNights speaker.

Egor Saltykov
Egor Saltykov is Independent Researcher from Singapore.
Pentester, bugbounty hunter(h1,Synack), OSCP, Apple security researcher (CVE-2017-7038, Apple Web Server Notification acknowledge), Conference speaker (Russia, Singapore).
What you will able to gather from neighbor social networks?
The development of ML and AI allowed us to create search engines to find people by photo, API gradually become unnecessary, but what if we combine them together and understand what can be learned from social networks knowing very little about the target?
Also consider what it lead to in real life and how to protect against it.

In the report, we plan to describe the methodology of operation of these api, the statistics on the data that we were able to extract and automate this process to search for people by key criteria, such as a photo, phone number or a surname / name combination.

Manabu Niseki
Researcher, NTT Secure Platform Laboratories.

Member of NTT-CERT since 2015, FIRST TC speaker, OSS contributor, CISSP.

Hirokazu Kodera
Researcher, NTT Secure Platform Laboratories.

Member of NTT Secure Platform Laboratories since 2017, CISSP. 
Catch Phish If You Can: A Case Study of Phishing Website and Actor
Phishing, an old and traditional attack, is still a thing. 
Hundreds of phishing website are launched every day and it threats people around the world. Anti-Phishing Working Group (APWG) says that APWG detected 150,000+ phishing websites for the 3rd quarter of 2018.

Sometimes phishing actors make OPSEC failures and, thanks to that, researchers can obtain a phishing kit (a kit to deploy a phishing website).
We have collected 18,000+ phishing kits based on OSINT and analyzed mechanisms of phishing websites and phishing actors themselves.

In this presentation, we will show the following findings.
- How to collect phishing kits based on OSINT data.
- Analysis of phishing actors:
  - Who develops a phishing kit, How to distribute it, etc.
    - Including a methodology to find out a phishing actor based on information (email, username and signature) inside a phishing kit.
  - We will show an analysis of Indonesian phishing actors who target Asian countries.
    - Especially focusing on an actor named DevilScream/Z1Coder who develops an infamous phishing kit“16shop”.

Finally, we will show countermeasures we have taken against phishing websites and actors.

Da-Yu Kao
Associate Professor in Central Police University, Taiwan.

Da-Yu Kao is an Associate Professor at Department of Information Management, College of Police Science and Technology, Central Police University, Taiwan. He is responsible for various recruitment efforts and training programs for Taiwan civil servants, police officers or ICT technicians. He has an extensive background in law enforcement and a strong interest in information security, ICT governance, technology-based investigation, cyber forensics, human resource development, and public sector globalization. He was a detective and forensic police officer at Taiwan's Criminal Investigation Bureau (under the National Police Administration). With a Master degree in Information Management and a PhD degree in Crime Prevention and Correction, he had led several investigations in cooperation with police agencies from other countries for the past 20 years. He is now the director of Computer Crime Investigation Lab in Central Police University and the webmaster of Cybercrime Investigation and Digital Forensics in Facebook Group. He can be reached at
The Investigation, Forensics, and Governance of ATM Heist Threats in Law Enforcement Agencies
In July 2016, the ATM heist of Taiwan First bank is based on well-known Carberp malware family. The threat of cybercrime is becoming increasingly complex and diverse on putting citizen’s data or money in danger. Cybercrime threats are often originating from trusted, malicious, or negligent insiders, who have excessive access privileges to sensitive data. The analysis of ATM heist threats presents many opportunities for improving the quality and value of digital evidence. This talk will introduce some OSINT methods that can help investigators to perform a cybercrime investigation process in a forensically sound and timely fashion manner. This talk further points out cybercrime investigation, digital forensics, and ICT governance for fighting against cybercrime issues. It requires the sincere examination of all available data volumes at a crime scene or in a lab to present digital evidence in a court of law.

 Exploring the cybercrime investigation framework of ATM Heist from ISO/IEC 27043:2015
 WhatsApp Network Forensics: Discovering the Communication Payloads behind Cybercriminals
 Forensic Analysis of Network Packets from Penetration Test Toolkits
 Practical Packet Analysis: Exploring the Cybercriminal behind the LINE Voice Calls

Chiawchan Chodhirat
Captain Police Chiawchan Chodhirat, Lecturer.
Faculty of Police Science, Royal Police Cadet Academy, Royal Thai Police.
BA in Public Administration, Royal Police Cadet Academy, Thailand.
MA in Criminal Justice: Cybercrime Investigation and Cybersecurity, Boston University, USA
Executive Education: Cybersecurity, Harvard Kennedy School, USA.

Wongyos Keardsri
Captain Police Wongyos Keardsri, Lecturer
Faculty of Forensic Science, Royal Police Cadet Academy, Royal Thai Police.
BSc in Computer Science, Prince of Songkhla University, Thailand.
MSc in Computer Science, Chulalongkorn University, Thailand.
PhD in Business Administration, IIC University of Technology, Cambodia.
A Development of Cybersecurity Techniques and Law Enforcements for Royal Police Cadet Academy
Nowadays, the knowledge and skills of cyber security are necessary for the work of police officers in Thailand which conforms to the changing world society to the digital society.
Currently, the nature of crime in Thailand is related to the offense on computer and digital systems more than in the past. Therefore, Royal Thai Police assigned the Police Cadet Academy to establish the guideline and the special cybersecurity project for enhancing and training the future law enforcement leaders, police cadets, in understanding cybersecurity and cybercrime. In this paper presents the program outline in cybersecurity training for Thai police cadets at Royal Police Cadet Academy. The main knowledge and skills, which are highly needed for police cadets, consist of 7 parts: computer programming, digital forensics, reverse engineering, cryptography, web security, exploitation and network monitoring. Moreover, military forces and police department have initiated the cyber security competition for the military-police academies in 2018. This challenge made changes in encouraging police cadets to equip themselves more efficiently for the prevention of threats in computer system. The Royal Police Cadet Academy is the main institution in Thailand to prepare cybersecurity knowledge to the law enforcement leaders. The department of police science is adapting the cybercrime cases from different to cadets. The department of forensic science is training to fight the cybercrime in the proper methods under the law.
Kali Linux will be used as the main training software in Royal Police Cadet Academy, Royal Thai Police.

 8th INTERPA, February 11-13, 2019, GFSU, Gujarat, India

Dr. Rolando Rivera Lansigan
Independent Consultant on Data Privacy with more than 25 years of academic and data privacy experience.
Three bachelor’s degree, one master’s degree and one Doctorate degree.
Pioneer in data privacy compliance in the Philippines with more than 200 talks delivered nationwide.
First Chief, Compliance and Monitoring Division – National Privacy Commission – Philippines.
The Only Filipino member of GDPR Coalition Awareness Ambassador.
The Privacy Act of 2012, its compliance and implementation in the Philippines
The Data Privacy Act of the Philippines was enacted into law in March of 2012.  Thus, the creation of the National Privacy Commission (NPC) last 2016, which is mandated to administer its implementation. After more than two years after its creation, NPC had successfully championed its cause from awareness, compliance and enforcement with the registration of more than 30,000 Data Protection Officers (DPO), accepted more than 1,000 complaints and cases and has made headlines in the Philippines as one of the most popular government because of its strict implementation of the law. Among its most popular implementation is its Five Pillars of Compliance which was regarded as one of the most successful implementation among other countries. Republic Act 10173, otherwise known as the Data Privacy Act (DPA) of 2012 was passed into law last 2012 in the Philippines. The law requires that all Personal Information Controllers (PIC) and Personal Information Processors (PIP) must appoint a Data Protection Officer (DPO) to manage compliance with the DPA and other applicable laws and policies.  In addition, having a DPO will ensure the protection of personal data collection and processing in accordance with the requirement of the law.

Having a DPO will also ensure the organization’s competitive advantage in this digital age of data protection.

As a data protection officer, he/she must be must monitor the organization’s compliance with the DPA, its implementing rules and regulations and other issuances by the National Privacy Commission. Including the conduct of Privacy Impact Assessment, creation of a Privacy Management Program and Privacy Manual and the conduct of Breach Reporting Procedure.

In addition, a DPO should cultivate awareness to promote the culture of privacy not only within the organization, but as well as for the entire country.

The presentation will also present some issues surrounding the digital world.  Including some potential breaches that may affect each individual and organization.  Will also present a compilation of the most common breaches that has happened in the Philippines and how to avoid them. Technical, physical and organization security measures will also be discussed in the presentation.

 National Privacy Commission Philippines

Yi-Lang Tsai
TWCSIRT Leader / NCHC Research Fellow

- Leader, TWCSIRT (Taiwan Computer Security Incident Response Team)
- Researcher Fellow, NCHC (National Center for High-performance Computing)
- Leader, Security Operation Center for NCHC (National Center for High-performance Computing)
- Leader / Project Manager, Security Operation Center for TANet (Taiwan Academic Network)
- Leader, The Honeynet Project Taiwan Chapter
- Leader, OWASP Taiwan Chapter
- Leader, Cloud Security Alliance Taiwan Chapter
- Chairman, Taiwan Cyber Security Alliance (Since 2013)
- Chairman, HoneyCon (Since 2009), CSA Taiwan Summit (Since 2013), OWASP
- AppSec Taiwan (Since 2017), IRCON (Since 2015)
- Freelance, Published 35 books and over 80 articles (Since 1997)
Cyber Security, Threat Hunting and Defence Challenge in Taiwan Academic Network
TWCSIRT is a full member of FIRST and mainly focuses on the protection of NARLabs, TANet and TWAREN. We are defense cyber-attack from internet and according to government policy to handling incident every day. I am a research fellow with National Center for High-performance Computing and lead cyber security team to operation security operation center to handling incident in Taiwan Academic Network.
In our research project from government, we are deployed the biggest honeynet in Taiwan and used over 6000 IP address to detection malicious network attack come from internet.
We have published our malware knowledge base to sharing malware samples and reports for many researchers, students, research center and sharing our data set for deep tracking about cyber security.
There are many new types of cyber-attack that’s is include ransomware, website mining, DDoS and hybrid malicious attack.

Main Points:
- What’s TWCSIRT Mission and Scope
- How to coordinate in National level with ISAC, CERT and SOC
- Cyber-attack and threat hunting in Taiwan Academic Network
- How to develop cyber security platform for incident handling
- How to do red team and blue team training by CDX

 Malware DB
 Cyber Defense Exercise

Yihao Lim
Senior Cyber Threat Intelligence Analyst at FireEye.

He focuses on identifying and proactively dealing with cyber security threats for his clients in Asia Pacific. Yihao is well-versed in monitoring intelligence sources for actionable indicators/information, including open and internal sources to assess and catalogue threat indicators to convey urgency, severity, and credibility to his clients. 

Clients include organizations in government agencies, information technology, energy, aviation, maritime, land transport, healthcare, media, water treatment, financial services, industrial control systems and critical infrastructure. 

Prior to joining FireEye, Yihao was the lead threat intelligence analyst in a cyber security startup where he was the in-house subject matter expert. He led a team of six supporting customers across Asia Pacific.

Yihao served as an Army infantry officer with the Singapore Armed Forces and was chosen to participate in bilateral military exercises with Thailand, Brunei, Taiwan and Australia. 
Hacktivism in South East Asia
South East Asia is a rapidly growing economy, and many countries have aggressively sought to modernize its information technology capabilities as they assimilate into the global digital economy. However, this rapid expansion without adequate security considerations has led to the creation of the perfect storm – with multiple open critical vulnerabilities across governments and institutions in the region. As the name suggests, Hacktivism is largely spurred by politically motivated activists, using tools which exploit cyber security vulnerabilities. Geo politics is the main driver for Hacktivism.
A significant example would be the 2012 Scarborough Shoal incident between China and Philippines.
Chinese hacktivists defaced websites of the University of the Philippines website, Philippine Department of Budget and Management and that sparked off a chain of retaliation activities by Hacktivists groups in the Philippines on Chinese entities.
Hacktivists groups also demonstrated remarkable maturity to organize cross-national campaigns in #OpChina. In this campaign, FireEye Intelligence identified Indonesian hacktivists partnering with Filipino and Vietnamese hacktivists in #OpChina, and they launched defacements, distributed denial-of-service (DDoS) attacks, data leaks, cross-site scripting (XSS) attacks, and spam activity on Chinese targets. In retaliation, nationalistic Chinese hacktivist groups and communities started operation "Kill the Monkey," which targeted Philippine, Vietnamese and a few US websites.
While the threat activity conducted in support of #OpChina and "Kill the Monkey" was low in sophistication, this activity was remarkable due to the high levels of participation on both sides. There are indications which suggest that at the peak of activity was on May 30, 2015, more than 20,000 Chinese Internet users were participating in chat rooms that had been created to organize pro-China cyber threat activity.
Hacktivists are also starting to challenge international affairs outside of the geopolitical scene in SEA. For example, Indonesia-based actor "Minion Ghost" (@Scode404) participated in #OpIsrael and #OpCatalunya campaigns.
Traditionally, the threat level emanating from hacktivists groups have been low, but over the last 24 months FireEye Intelligence has been observing hacktivism attacks take on a more destructive role as compared to traditional website defacements / DDoS attacks. In 2016, pro-ISIS hacktivist group Islamic Cyber Army compromised and deleted sensitive records from the U.S. Department of Commerce (DOC) website in retaliation for the death of Junaid Hussain. In 2019, it is possible that hacktivists adopt more complex TTPs such as leveraging data destruction as an anti-forensic technique in their campaigns.
Since 2018, FireEye Intelligence has observed with moderate confidence that the threat of hacktivism in support of the Islamic State (ISIS) terrorist organization has declined since its peak in 2015 – this is consistent with the substantial losses in ISIS territory and personnel in Syria.
Hacktivism attacks historically consists of the following methods – Data leakage, Doxing, Denial of Service Attacks, Website Defacements, Website Redirects – but as Information Operations (Fake news) gains traction as an effective medium to incite public sentiments, we could see hacktivists adopting this weapon in 2019 – where it is election season in 2 prominent SEA countries (Indonesia, Thailand).

Dominic WAI
Partner, ONC Lawyers.

Before joining the legal profession, Dominic has worked in the banking sector and as well as in the Independent Commission Against Corruption (ICAC). Dominic’s practice focuses on advising clients on matters relating to anti-corruption, white-collar crime, law enforcement, regulatory and compliance matters in Hong Kong, including advice on anti-money laundering. He also handles cases involving corporate litigation, shareholders' disputes and insolvency matters, defamation cases, domestic and international arbitration cases, cybersecurity, data security and privacy law issues, competition law matters, e-Discovery and forensic investigation issues as well as property litigation.
When would using a computer be a crime?
An analysis of s.161 of the Crimes Ordinance and sharing of case law on this offence

 ONC Newsletter - September 2018

Dasom Kim
Junior CyberOperations Engineer of Horangi Pte LTD.

Her research interests include digital forensics, offender profiling, Dark Web, Deep Web, log analytics, and data analytics. She focused on Dark Web, Deep Web, and OSINT for 2 years.
How to find suspected phishing sites and malicious cryptocurrency addresses via OSINT
Recently many cryptocurrency exchange websites and users have been targeted by phishing attempts.
While analyzing the various cases, the Horangi R&D team adopted OSINT techniques for retrieving information about the malicious websites, the target cryptocurrency addresses and the attackers.

In this presentation, the Horangi R&D team will show “how to find suspicious information from Deep Web & Surface Web” and describe the best ways for reaching this goal.

The team will share some real cases related to malicious phishing websites and crypto addresses on Deep Web. The first case is about fake giveaway websites looking like real news portals, while the second case is about phishing websites imitating those of the exchanges.

The final part of the presentation is dedicated to finding korean data leaks with some real examples.

Khurram Javed
Assistant Director, Cyber Security Consultant and Master Trainer at RISE, Riphah International University, Islamabad, Pakistan.

Khurram Javed is currently serving as Assistant Director, RISE. He is a renowned Cyber Security professional leading the strategic development, planning, analysis and execution of diversified projects for clientele varying from defense, strategic, financial, multi-national and telecommunication/internet security related organizations across the globe.
Khurram is also an acclaimed academician and has been attached with academia for over a decade and has served as permanent faculty in many prestigious universities in Pakistan. His areas of specialization are Social Engineering, Wireless, and Offensive Security.

In addition to managerial responsibilities, he has been delivering as Cyber Security Consultant/Penetration Tester & Master Trainer, under the Professional Development Center at RISE. He is a prolific cybersecurity mentor and has trained over 500 professionals from leading companies through numerous security training sessions conducted across Pakistan. He is a Certified EC-Council Instructor (CEI), Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), EC-Council Certified Security Analyst (ECSA) and a Licensed Penetration Tester (LPT) from EC-Council Academy, Kuala Lumpur, Malaysia and is enlisted amongst their Roll of Honor. His competence as a Security Analyst is well acknowledged by the industry through deliverance in training and consultancy projects. He leads the Penetration Testing and Digital Forensics teams at RISE. His other training includes Cisco Certified Academy Instructor (CCAI), Virtualization Security, Network Analysis & Forensics, Panda Gate Defender Integra-Performa, VoIP design, installation & configuration, CCNA Discovery, FTTH technology and creating an effective CSOC.

Khurram is also an active researcher focusing in the areas of Wireless Security, Social Engineering, Malware Development & Analysis, BOTNETs, Offensive Security and Digital Forensics. He has also contributed towards architecting multiple flavors of Cyber Security Awareness training programs. Khurram is an enthusiastic speaker at Cyber Security conferences, symposiums, and seminars and has professional memberships with EC-Council, IEEE, Cisco Network Academy, ISOC, CSTA-ACM and PISA.
Hacktivism and its Effects in Pakistan
In my talk, I would like to highlight and present case studies related to Hacktivism in Pakistan. As our country has been engaged and affected by hacktivism attacks and they have caused a great impact on our state on political, social and national fronts. In this session, we would like to discuss relevant case studies and give a holistic picture of how hacktivism can affect a nation on multiple facades.

The regional rivalry between India and Pakistan has existed since the two nations achieved independence in 1947. Their relationship is characterized by fierce military and economic competition, resulting in small-scale skirmishes, war, and provocation in the physical and cyber realms. The contested status of the regions of Kashmir and Jammu adds tension to the already strained relationship. To help win small advantages, new technologies are quickly integrated into both nations' strategies; utilizing cyberspace has become a useful tool for both India and Pakistan.
Cyberspace has become a space where hacktivists and patriotic hackers from both sides can express their patriotic feelings and denigrate the adversary. Cyberspace also acts as a means for Advanced Persistent Threats (APTs), which are groups that hold highly probable links to state institutions, to spy and gain information on their opponent. The actors involved in India and Pakistan’s cyber rivalry thus far are primarily hacktivists and patriotic hackers from both states. Many groups and individuals took part in hacktivism and patriotic hacking to react to physical events and to show their affiliation to their respective state.
They targeted both government websites and poorly protected non-governmental websites with website defacement. Both APTs, which are widely believed to be acting in conjunction with the official state, have been involved in cyber espionage campaigns with open source malware delivered through spear phishing emails and/or watering hole attacks.

Apart from the hacktivism war raging on Indo-Pak front, we also have an active revolt by hacktivists against political and social agendas within Pakistan. For instance, while two major political parties in the country got to the roads to protest against the former government, a similar effort was being led online by a network of hacktivists who claim to be independently seeking the ouster of the government and accountability for corruption charges those were laid against them. The groups, going under the names ASOR Hack Team and Anonymous Op Pakistan, hacked into multiple websites and leaked private data of government employees and security forces as part of their 'hacktivism' campaign that closely mirrored the ongoing protests. The fall of the previous government was also because of a cyber data leaks popularly known as Panama Papers, which exposed corruption against some politicians and caused turmoil on the political front eventually resulting in the change of Prime Minister and later defeat of the ruling party in public elections.

Call for Papers (now closed)


Is this a promotional event?
No, nobody is going to promote or sell you anything.
The event has been created by us just for speakers and attendees.

I would like to join as speaker, is a CFP available?
The Call for Papers is closed. 

Are you going to record or stream the sessions?
No, we will take no video recordings of the event.

We would like to sponsor the event...
We don't accept sponsors for this event.

We work for the press/media...
Send us an email and we would be happy to discuss and evaluate your presence at the event, we have only few free seats available for the press.

How can I attend the event?
This edition is invitation-only and mainly limited to journalists, governments and law enforcement agencies.

How to reach the location of the event?
The Harbour Plaza North Point hotel is located in Hong Kong Island, between Quarry Bay (exit C) and North Point (exit B3) metro stations.
Address: 665 King's Road, North Point, Hong Kong
Tel: +852 2187 8888​
The meeting will take place at B1/F in the whole Harbour Plaza Rooms space.

Harbour Plaza North Point Hotel

Reaching the hotel from the airport is very simple:
  • - buy a ticket for Hong Kong Station at the Airport Express booth in the airport (it costs about 115 HK$), you don't need it if you have the Octopus card
  • - take the Airport Express train [PDF details]
  • - get off at Hong Kong Station (the final stop)
  • - take the H4 complimentary free shuttle bus
  • - take off at stop 5
If you prefer the bus, take A12 or A11 (plus some walking). Is there any discount code for booking a room at the same hotel of the venue? Yes, the hotel gave us the code REVULN19 for HKD 800 per night (+10%). If the code is no longer valid, feel free to contact the hotel: Carol Chan at Do I have to bring something with me?
  • Business cards.
  • The mobile phone or laptop will be useful for consulting some material we plan to provide during the event.
  • Wi-Fi will be available for sharing documents with the attendees, while Internet may not be available.
  • The hotel already provides notepads, pens and water.
Dress code? Casual or business is up to you, the event is meant to be quite informal and relaxed. T-shirt, (long) shorts and shoes are the bare minimum. Code of Conduct? Respect the others, no offenses, no aggressive and inappropriate behavior. This is a place where we plan to share experiences and do networking with people interested in the topics of the event. How can I contact the organizer with other questions? You can contact Luigi Auriemma by email, Twitter and LinkedIn.


REVULN™ has been founded in Malta (European Union) the 13 September 2012, later more companies have been incorporated in Belize (Central America) and Hong Kong (China, Asia).

We are specialized in Information Technology Security, mainly in vulnerability research and reverse engineering, we work on various projects and activities for companies, organizations and governments worldwide.

Since 2019 we finance and organize some international events too.

The founder of REVULN™ is Luigi Auriemma, he has a wide and proven experience of almost 20 years in finding 0-day vulnerabilities and reverse engineering of protocols, file formats and proprietary code, activities that he started since the year 2000 and for which he released an incredible amount of security advisories, 0-day exploits, research papers and source code, ever under the full-disclosure and open source philosophies.

Luigi has been a very active independent researcher before starting REVULN™ in 2012, he has been one of the most prolific researchers for ZDI in 3 consecutive years, his projects and patches keep alive many gaming communities otherwise defunct, he maintains the largest collection of game file formats available, found 0-days in a wide range of proprietary and open source products ranging from SCADA/ICS to enterprise servers, from game engines for triple-A titles to SmartTV, media players, online poker client software, BitTorrent clients, financial software and so on.

Both Luigi and REVULN™ have been featured in various news articles, a brief collection is available in the Press page. The most notable article has been published on the front page of New York Times the 14 July 2013 about vulnerability brokers and governments: Nations Buying as Hackers Sell Knowledge of Software Flaws, and the original front page [PDF].

We have also been speakers at various international conferences where we presented our research material, an archive of our papers and slides is available in the Research Page.

REVULN Limited
Level 3, Theuma House, 302, St. Paul Street
Valletta VLT1213
- Company No. 57557 -

REVULN Ventures Limited
21 Regent Street
Belize City
- Company No. 149322 -

REVULN Limited
25th Floor, Workington Tower, 78 Bonham Strand, Sheung Wan
Hong Kong
- Company No. 2478498 -