Eugene Lim (GOVTECH) – Hacking the Synology NAS: Reversing and Fuzzing Hardened

Home / News and Events / Industry Leader Series / Eugene Lim (GOVTECH) – Hacking the Synology NAS: Reversing and Fuzzing Hardened

Abstract

Last year, I hacked the Synology DiskStation Network Attached Storage (NAS) device, discovering several vulnerabilities including 6 assigned Common Vulnerabilities and Exposures (CVEs). I will do a deep dive into the techniques used to reverse engineer, fuzz, and exploit the firmware, as well as lessons on building rugged software. I will discuss good secure coding and vulnerability disclosure practices by Synology.

Speaker’s Profile

Mr. Eugene Lim from GovTech SingaporeMr. Eugene Lim
Cybersecurity Specialist
GovTech Singapore

Eugene (@spaceraccoon) hacks for good! From Amazon to Zendesk, he helps secure products globally. In 2019, he won the Most Valuable Hacker award at the H1-213 live hacking event organized by HackerOne, the US Air Force, the UK Ministry of Defense, and Yahoo. He has reported vulnerabilities in Microsoft Office, Apache OpenOffice, D-Link, and more. He also presented research on AI-powered phishing at Black Hat USA and DEF CON in 2021. At GovTech, he secures citizen data and government systems through application security research and sustainable DevSecOps development. Later this year, he will be speaking at DEF CON 30 on hacking calendars including Apple Calendar, Google Calendar, and Microsoft Outlook.

Gallery

eDM of ISTD COIL Seminar Hacking the Synology NAS: Reversing and Fuzzing Hardened by Eugene Lim