After a long journey, I finally made it to Singapore — my first time in Asia! The experience didn’t disappoint… though I can’t say the same for the food scene.

From the vibrant streets of Chinatown, Bugis Street, and Orchard Road, to the immaculate public transit (seriously, the buses and trains were spotless thanks to Singapore’s famously strict rules), every corner had something to discover. The heat hits you in the face, but the scenery more than makes up for it.

That said… we did notice a couple of sus taxi fare increases 👀. Noted.

🎓 Black Hat Asia 2024 — Scholarship Experience

I had the absolute honor of attending Black Hat Asia as 1 of 63 scholarship recipients! My scholarship included a briefings pass, so I attended sessions on April 3rd and 4th.

🗝️ Opening Keynote with Edward Chen

Opening remarks were led by the founder, Jeff Moss, and the keynote was delivered by Edward Chen on Cyber Threats in AI.

Here are some highlights:

• Top 3 cyber threats in Singapore:

  1. Ransomware

  2. Scams

  3. Advanced Persistent Threats (APTs)

• Ransomware cases have risen 20% in 2024 locally.

• Singapore’s Cyber Security Agency (CSA) participated in an international takedown of a massive botnet that infected 2,700 devices in Singapore.

• The attacker utilized a rare 3-tier botnet structure compatible with PowerPC and SH4 — not typical targets, making this particularly sophisticated.

A great talk on how far attackers are willing to go for scale and stealth.

Business Hall Shenanigans

Naturally, I had to check out the Business Hall — and of course, grab some merch!

Highlight: My mom filmed her first TikTok at the TikTok station. I filmed mine too, and we got some seriously cool gear in return. Shoutout to the TikTok merch team — best setup hands down!

🚗 Drive-Thru Hacking (Yes, Really!)

One of my favorite sessions was Drive-Thru Hacking by Alina Tan and George Chen.

They explored how dashcams with default configurations could be exploited — especially IROAD dashcams, which are widely used in Singapore. Turns out, many models share similar hardware/software across brands.

Highlights:

• They tested over 24 models from 15 brands and gathered 1,000+ dashcam SSIDs using the Flipper Zero.

• Their method was an evolution of wardriving: they’d access dashcams, stream media files, and feed them into an LLM pipeline for analysis.

• Their process uncovered driving routes, conversations, and owner habits — all from drive-thru stops!

Crazy cool and a little terrifying.

💡 Day 2 Keynote: Bunnie Huang

Day two's keynote was led by Bunnie Huang, famed for being one of the first to reverse-engineer and crack the original Xbox.

He dove into:

• Supply chain vulnerabilities

• Warranty fraud — where people rebuild defective phones from e-waste and return them for profit

• A fascinating look at repair economies in Shenzhen

He explained how a $3/hour skill on the factory floor can scale to controlling a large parts inventory worth hundreds of thousands, or millions. He tied this into the psychology behind fraud and scam structures — absolutely eye-opening.

🔍 Briefings I Attended

In addition to the keynotes, here are some other amazing talks I sat in on:

• Behind Closed Doors: Bypassing RFID Readers — Julia Zdunczyk

• Ransomware Attack Scenario Review — Chris Thomas

• Red Team Operator Information Overload: How Your C2 Can Help You Out — Max Grim

• MORF - Mobile Reconnaissance Framework — Amrudesh Balakrishan, Abhishek JM & Himanshu Das

• SHIVA Spampot: Actionable Spam and Phishing Intelligence

🔍 MORF Talk

I enjoyed the MORF talk, which introduced a mobile security scanner built to detect hardcoded secrets in Android apps using ripgrep. It collects SHA256 hashes of APK files.

It puts into perspective of Android’s higher vulnerability surface compared to iOS — mainly due to differences in app review rigor. Super relevant if you’re into mobile security!

Final Thoughts

This was an informative conference — no doubt. I do wish I had been a bit more social though. I connected with a few and even got to speak briefly with Jeff Moss, but I wasn’t as bubbly as I usually am at conferences.

Maybe next time I’ll be back to full energy, but either way, I’m so grateful for the experience and everything I learned!