News


  • CHT Security Awarded 2021 Taiwan Managed Security Services Company of the Year

    CHT Security announced they are awarded 2021 Taiwan Managed Security Services Company of the Year by Frost Sullivan.The Industry Analyst from Frost Sullivan Amy Lin said, Traditionally, enterprises and organizations in Taiwan rely on in-house resources for security operations. However, enterprise infrastructure is increasingly complex, with the shift from IT to IoT, OT, and cloud environments, requiring expert teams to support.CHT Security is one of the top MSSPs in Taiwan. Backed by Chunghwa Telecom, one of the largest ICT providers in Taiwan, the company leverages the countrys vast Internet coverage on telecommunication services to gain first-hand knowledge of cyberattacks and threats in the region. While continuously enhancing its service offerings to provide comprehensive MSS services, for example, MDR and OT security services, the company has also aggressively strengthened its service team from 40 employees in 2018 to 180 employees by 2020. she added.

    More
  • CHT Security Red Team Discovered Several Vulnerabilities in Well-Known Portal System

    SummaryVulnerability List1. [CVE-2021-22850] Security Misconfiguration2. [CVE-2021-22851] [CVE-2021-22852] Pre-Auth SQL Injection -1Details1. Security MisconfigurationDescriptionThe portal system is vulnerable to a broken authentication vulnerability, which allows attackers to gain unauthorized functions and data without authentication.This vulnerability affects many portal systems of governments, organizations, and companies.ImpactRemote attackers can gain parts of privileged pages, which can lead to leakage of sensitive data. The confidentiality, integrity, and availability of data and system will be compromised.2. Pre-Auth SQL InjectionDescriptionThe portal system has a SQL injection vulnerability, allowing execution of arbitrary SQL commands via id parameter without authentication.This vulnerability affects many portal systems of governments, organizations, and companies.ImpactRemote attackers can gain unauthorized data like users account and password for system login.The confidentiality, integrity, and availability of data and system will be compromised.Versionv3 2.02.0-54,v3 3.03.0-54Credits* Tony Kuo (CHT Security), Jalong Chen (CHT Security)

    More
  • CHT Security Red Team Discovered Several Vulnerabilities in Well-Known School Management System

    SummaryVulnerability List1. [CVE-2020-10505] SQL Injection2. [CVE-2020-10506] Path Traversal3. [CVE-2020-10507] Unrestricted file upload (RCE)Details1. SQL InjectionDescriptionSeveral parameters were affected by SQL Injection.ImpactThis vulnerability allows attackers to perform a union-based injection query string to get database schema and username/password.Known Affected Softwareversions before the year 20202. Path TraversalDescriptionSeveral parameters can be manipulated by attackers.ImpactAttackers can download files of the target machine for further analysis.Known Affected Softwareversions before the year 20203.Unrestricted file upload (RCE)DescriptionSeveral file upload fields contain a vulnerability of misconfigured file upload filter. ImpactAttackers can upload unrestricted files that would allow attackers to gain access in the hosting machine.Known Affected Softwareversions before the year 2020CreditsJalong Chen (CHT Security)

    More
  • Defending Cyberspace

    Long-standing emphasis on high-tech development means Taiwan is well prepared to meet increased demand for information security. Jeff Hung (洪進福), general manager of Taipei-based CHT Security Co., sees the situation as a golden opportunity for homegrown companies to expand their target markets by going global. Established in 2018, the company is a subsidiary of Chunghwa Telecom Co., Taiwans largest telecommunications service provider. It offers security risk assessment and management as well as digital forensics for consumers, enterprises and government agencies, with its next-generation defense technologies receiving a U.S.-based Infosec Excellence Award and U.K.-based Infosec Quality Award.Given the rapidly changing threat landscape, cybersecurity solutions providers like CHT Security must continuously evolve to keep apace. The inclusion of cybersecurity in the six core strategic industries is a huge boon to those in the business, Hung said. The policy brings expanded government assistance with experimentation facilities, finance, talent cultivation, technology and regulatory frameworks.According to CHT Securitys Hung, public-private and cross-sector partnerships are also playing a crucial role in delivering results and meeting the policys objectives. For our part, were ready to team up with other ICT companies to bring secure products utilizing entirely homegrown hardware and software components to the international market, he said. Through collaboration and strong government support, Taiwan is set to become a worldwide leader in cybersecurity.(Photo by Chin Hung-hao, Design by Lin Hsin-chieh)Source:Taiwan Review

    More
  • CHT Security Awarded CYBERSEC 2021 Tech Demo Award

    CHT Security is Awarded Tech Demo Award in CYBERSEC 2021. In the exhibition, CHT Security showcased the Latest Cybersecurity Solutions in CYBERSEC 2021 including Internet of Vehicle security, the next-generation SOC and CHT Security cyber range.Source: CYBERSEC2021

    More
  • CHT Security Awarded Top Enterprise Security Startup in APAC 2020

    The leading MSSP in Taiwan, CHT Security, is awarded Awarded Top Enterprise Security Startup in APAC 2020 by Security Magazine due to its innovative services and technology that enable telco enterprises to safeguard themselves against attacks on networks, gateways, and endpoints. These include cybersecurity assessment, protection, monitoring, management, and digital forensics of cyber incidents for over 200 large enterprises, 20,000 SMEs and 350,000 consumers.Telco-centric Cybersecurity SolutionsOne of the key success factors of CHT Security lies in the great amount of exclusive global and domestic threat intelligence it possesses to protect clients against numerous cyberattacks. Based on the telco-related advantages, CHT Security also offers Network Managed Security Services including next-generation firewall, intrusion prevention system, cloud WAF and DDoS protections for enterprises. The Network Managed Security Services allows client not to change network architecture or install additional hardware/software while reducing total cost of ownership.As the leading Managed Security Service Provider (MSSP) in Taiwan, Jeff informs, Taking DDoS service for example, in H1 this year CHT Securitys experts deal with 420 DDoS attacks every day in average and in June the number increases to 749 in one day, while the attack traffic peaked at 487 Gbps in January. With years of experience the expert team adopts 4-phased defense techniques inclusive of offshore blocking, border control, backbone control and DDoS Protection Zone to secure the legitimate business activities. CHT Security uses multi-layer mechanism to block, control, and filter DDoS attack to secure clients from business discontinuity. The DDoS Protection Zone separates DDoS from normal traffic using dedicated security appliances. With all the techniques CHT Security successfully support all the clients to mitigate DDoS risks.The Next-generation SOC to Empower Enterprise SecurityAiming to jointly defend homeland security in this transformational, digital era and fulfill the prospect of building a safe and trustworthy digital country, CHT Security strives to deliver a wide range of services and solutions: security assessment, SOC monitoring and incident response services to cover all major aspects of enterprise security. The expert team develops next generation SOC to include endpoint and gateway security to enhance the cybersecurity visibility and in the meantime SOC service is ISO 27001 and 20000 certified. For Endpoint, CHT Security assists clients with MDR service (Managed Detection Response). With 24/7 real-time remote monitoring, the expert team detects critical servers, system environment, and responds in time to cyber incidents. By collecting global cyber threat intelligence, CHT Security is able to provide real-time alert and proactive cyber joint defense. For gateway, our latest self-developed product, SecuTex Network Protection, records all the network traffic and provides real-time analysis and alert of suspicious activities.The SOC service has evolved to the present AI-driven SOAR (Security Orchestration, Automation and Response) introduced in 2019, with automatic ticket management system, playbook automation, implementation of MITRE ATTCK framework, capabilities of reverse engineering and threat hunting of CCs, mentions Jeff. In 2020, the SOC team deals with 200 billion event logs, 110 million triggered SIEM correlation rules, 240 thousand notifications and over 3,000 system inspections when conducting digital forensics.In recent years, cyberattacks on telco companies have increased in frequency and sophistication, creating a significant threat. And, the COVID-19 pandemic has only escalated this growth. With millions now accessing critical data on home networks and personal devices, organizations are more vulnerable than ever to cybercrimes. Companies must up their game to survive the onslaught of new and sophisticated attacks during this crisis and the new normal. To that end, CHT Securitys SOC team offers MDR services directly block malicious content at the endpoints; they help identify the threats and analyze all traces and suspicious activities and propose suggestions on countermeasures. The MDR services are monitored and investigated by skilled cybersecurity experts and integrated with internationally well-known detection and response services and the latest cyber threat intelligence. In 2019, CHT security received straight As in the Review of the Security Service Provider by the Security Department of Executive Yuan, Taiwan and among all the reviewed service the SOC service has won straight As for 5 consecutive years.The ISO 20000 Certified Red Teaming ServiceA reflection of the continued success of the ISO compliant firm is the many awards and recognition the company has received over the years. In 2020 the organization was awarded the BSI Info Service Quality Deep Cultivation Award, in 2018 Infosec Excellence Award and listed the top 1 other info service provider in Taiwan in 2020 for the profession and quality it delivers to all the clients. Our team of outstanding ethical hackers also won various competitions, including the championship in HITCON Defense Contest and special award of Intelligence Sharing, and championship in International Bug Bounty Challenge held by Industrial Technology Research Institute (ITRI), demonstrating our capabilities of both attacking and defensive skills, states Karen Chen, director of CHT Security.While every business invests in cybersecurity programs, there is no effective means for companies to validate the performance of these in any unprecedented situations. CHT Security offers Red Teaming services that enable companies to test their programs capabilities against real-world attack scenarios, consequently improving the overall security posture. Using the intelligence from public information, social networks, darknet, and combining the knowledge, offensive and defensive skills, and hacking tools from its security experts, the firm conducts intrusion simulation against the agreed target organization by all means. Additionally, CHT Security was able to help their client with threat investigation by tracing these breaches back to the root cause level, help their clients strengthen their cybersecurity protection and prevention capabilities. Red Teaming is to complement the easily overlooked perimeter defense in penetration testing and the deployment blind spots due to human error, explains Jeff.Among all the testing cases over 90% we can take down AD server and over 70% we can break into database. This means simulated hacking attacks to find weak spots within the clients infrastructure is crucial to corporate defense practice, exclaims Jeff. Every year CHT Securitys experts test over 300 systems for thousands of clients. With the ISO 20000 certification the team guarantee the quality and discipline when conducting intrusion simulations compliant with international standards. CHT Security publishes 29 CVEs within 2 years, among them 19 critical high. The expert team possesses over 270 certificates in terms of information security, network technology and management, such as CEH, CHFI, ECSA, ECSP, GWAPT, GPEN, NSPA, SSCP, CCIE, CCNA, CCNA Security, CISSP, PMP, etc. Being the only ISO 20000 certified red teaming service provider in Taiwan positions us as a premium cybersecurity service provider to our clients, asserts Karen.Source: Enterprise Security

    More
  • CHT Security Showcase the Latest Cybersecurity Solutions in CYBERSEC 2021

    During CYBERSEC 2021, CHT Security showcases the latest cybersecurity products and services. The first one is the total solution for Internet of Vehicle, including the cybersecurity for in-vehicle, road-side unit, cloud and operation center. Among the solution, SecuTex Car Protection demonstrates the ability for payload sniffer and anomaly detection for cars, aiming next phase to keep record of all the CANBUS traffic.The second one is the next-generation SOC (security operation center) service. To enhance the overall cybersecurity visibility, the next-generation SOC puts great emphasis on the integration of network gateways, endpoints and cloud to well demonstrate the risk level for organizations. Moreover, the response ability is the key point to curb cyber-attacks once detected.CHT Security also showcases the latest cyber range developed for both blue team (defense) and red team (attack). CHT Security cyber range based on hyper-converged infrastructure delivers great ability for group training and competition.

    More
  • CHT Security Red Team Discovered Several Vulnerabilities in Well-Known Portal System

    SummaryVulnerability List1. [CVE-2021-22850] Security Misconfiguration2. [CVE-2021-22851] [CVE-2021-22852] Pre-Auth SQL Injection -1Details1. Security MisconfigurationDescriptionThe portal system is vulnerable to a broken authentication vulnerability, which allows attackers to gain unauthorized functions and data without authentication.This vulnerability affects many portal systems of governments, organizations, and companies.ImpactRemote attackers can gain parts of privileged pages, which can lead to leakage of sensitive data.The confidentiality, integrity, and availability of data and system will be compromised.2. Pre-Auth SQL InjectionDescriptionThe portal system has a SQL injection vulnerability, allowing execution of arbitrary SQL commands via id parameter without authentication.This vulnerability affects many portal systems of governments, organizations, and companies.ImpactRemote attackers can gain unauthorized data like users account and password for system login.The confidentiality, integrity, and availability of data and system will be compromised.Versionv3 2.02.0-54 andv3 3.03.0-54CreditsTony Kuo (CHT Security), Jalong Chen (CHT Security)

    More
  • CHT Security Discovered Several Vulnerabilities in Well-known Japanese Email System

    CHT Security Red Team discoveredseveral vulnerabilities (CVE-2020-5540,CVE-2020-5541) in a well-known Japanese email system. The email system has Cross-Site Scripting (XSS) and Open Redirect vulnerabilities. More than 40 organizations including government, education and financial sectors are affected. The vulnerabilities are briefly described as follows:CVE-2020-5540:An attacker can perform cross-site scripting attacks prior to authentication. This vulnerability exists in multiple versions of the email system. This vulnerability is classified as A7-Cross-Site Scripting (XSS) in OWASP Top 10 2017.CVE-2020-5541:Attackers can perform unverified forwarding and redirection. This vulnerability exists in multiple versions of the email system. This vulnerability is classified as CWE-601: URL Redirection to Untrusted Site (Open Redirect).Email system is one of the core systems of an enterprise. Once hacked, emails which may include identification and organization information can be leaked. Enterprises often overlook the criticality of email system since they usually use package software or subscribe to services.As per the experience of our penetration testing team, vulnerabilities in web-based email systems are often found. The XSS and Open Redirect in this case are common vulnerabilities that enable hackers to launch phishing or identity theft.The vendor has released related patches after receiving our report. If your organization or enterprise is using the affected e-mail system, it is recommended to contact the vendor for patching and updating as soon as possible.CHT Security also recommends the following measures:Enterprise: Contact the vendor to install the patch as soon as possible.Email system vendor: Implement input validation in the applications. It is recommended to adopt Secure Software Development Life Cycle (SSDLC), provide secure coding training, and regularly conduct security tests, such as Source Code Security Analysis and Penetration Testing, to effectively ensure product security for the clients.This CVE report has been acknowledged on the Japanese vulnerability information portal site,Japan Vulnerability Notes (JVN), and covered by several Japanese information security media sites, including the following:1.https://scan.netsecurity.ne.jp/article/2020/08/13/44435.html2.https://www.security-next.com/1175133.https://www.excite.co.jp/news/article/Scannetsecurity_44435/

    More
  • CHT Security Discovered Several Vulnerabilities in Well-known Email System

    CHT Security Red Team discovered a Broken Authentication vulnerability (CVE-2020-10511) and an SQL Injection vulnerability (CVE-2020-10512) in a well-known email system. More than 20 organizations including government, financial and technology sectors are affected. The vulnerabilities are briefly described as follows:CVE-2020-10511: It is vulnerable to a privilege escalation vulnerability, which leads to execution of arbitrary OS commands via file parameter without authentication. The OS commands can be executed by any user accessing the page without authentication. This vulnerability affects many mail systems of governments, organizations, and companies. This vulnerability is classified as A2-Broken Authentication in OWASP Top 10 2017.CVE-2020-10512: Remote attackers can gain unauthorized data like users account and password for login into webmail. When accessing a victims account, remote attackers can modify the password. Remote attackers also can write arbitrary files like webshell on target system. It compromised the confidentiality, integrity and availability of data and system. This vulnerability is classified as A1 - Injection in OWASP Top 10 2017.Email system is one of the core systems of an enterprise. Once hacked, emails which may include identification and organization information can be leaked. Enterprises often overlook the criticality of email system since they usually use package software or subscribe to services.The vendor has released related patches after receiving our report. If your organization or enterprise is using the affected e-mail system, it is recommended to contact the vendor for patching and updating as soon as possible.CHT Security also recommends the following measures:Enterprise: Contact the vendor to install the patch as soon as possible.Email system vendor: Implement input validation in the applications. It is recommended to adopt Secure Software Development Life Cycle (SSDLC), provide secure coding training, and regularly conduct security tests, such asSource Code Security AnalysisandPenetration Testing, to effectively ensure product security for the clients.

    More

For Financial Institutions

Security Assessment, ATM Drills for Offense & Defense, DDoS Drills, GDPR Consultant.

For Enterprises

Large Enterprises: Gateway Protection, Endpoint Protection, Data Security, Regular assessment, ISMS, In-depth Defense with ISPs.
SMB & Soho: Anti-virus, Anti-hacking, Internet Protection.

For Government Departments

Regulation Compliance, Regional Joint Defense, SOC, ISAC, Common Supply Contract.