Kelvin Yip, founder of CyberSecThreat Corporation Limited

Hello! My name is Kelvin Yip, the founder of CyberSecThreat Corporation Limited. I am passionate about the cybersecurity industry and enjoy my daily life as a cybersecurity participant. For this reason, I created CyberSecThreat to contribute more to the cybersecurity industry. Everything started from a compromised Linux machine. That incident inspired me and light my way.

I am a cyber security participant with 15 years in information security. By the time of writing, I achieved 40 IT certification exams, over half of them were information security or cyber security related. Those certifications include OSCP, GXPN, GPEN, GWAPT, GCIH, GMON, GCDA, GCIA, GCFA, CISSP, CISA, CISM.

How do I enter Cyber Security?

I started my information technology career as a system engineer in 1997. Then, I moved to software engineer, web developer, and network engineer and finally landed in the infosec field in 2005. At that time, I work closely with different global banks and enterprises to avoid data leakage.

So, the “compromised Linux machine” actually happened after a short time I worked as an information security officer. I was LPI level 2 and CCNA at that moment with some knowledge of forensics, malware analysis, ethereal(now called WireShark), and dd command to dump memory and disk images. After a lot of study and research, investigating different artifacts, and traffic analysis, I finally figured out most of the story. The initial exploit targeted a buffer overflow against a bind daemon. Then, the hacker uploaded multiple kernel exploits to the /tmp directory, compiled them, and executed them to achieve privilege escalation. Lastly, it planted kernel mode rootkits and replaced a lot of executable files to hide their existence. It opened up my eyes!

After that incident, I spent a lot of time studying how to defend and the common technique adopted by attackers. I reversed every single step the attacker did to build my defense strategy.

If you also want to enter the cybersecurity industry. Let me remind you. “Common sense is the most important thing for you to work in the infosec industry, but common sense is based on your knowledge!”

If you want to see my bio, please visit my LinkedIn.

Visit my GitHub.

Other contributions to the community network: