CyStack Security

29/08/2025

CYSTACK THÔNG BÁO LỊCH NGHỈ LỄ 02/09 🇻🇳

Kính gửi Quý khách hàng và đối tác,

CyStack xin trân trọng thông báo tới Quý khách hàng và đối tác lịch nghỉ lễ Quốc khánh 02/09 như sau:

🎈Thời gian bắt đầu nghỉ lễ: Thứ Bảy, ngày 30/08/2025
🎈Thời gian quay trở lại làm việc: Thứ Tư, ngày 03/09/2025

Kính chúc Quý khách hàng/Quý đối tác cùng gia đình có một kỳ nghỉ đầy ắp niềm vui và thật nhiều ý nghĩa.

05/09/2023

“From Password to Passwordless” - Igniting innovation of passwordless authentication at FIDO APAC Summit 2023! 🇻🇳

CyStack marked its impactful presence on the second day of the FIDO APAC Summit 2023 with a presentation called “From Password to Passwordless” from our CEO and Founder Mr. Trung Nguyen.

Mr. Trung highlighted the role of password managers in the journey from password-based to passwordless authentication and outlined the view of a future of strong passwordless authentication from the perspective of a cybersecurity expert with many years of experience. Thereby, Mr. Trung proposed impressive ideas and successfully closed the second day of the event.

CyStack had the opportunity to meet, communicate and exchange with leading experts of cybersecurity in the region. We have gained many new perspectives, which is a valuable preparation for the development of CyStack in the future.

Sincere thanks to FIDO Alliance and VinCSS for organizing such a meaningful event. Thanks to all the attendees, guest speakers and journalists who made this event a resounding success. Together, we have mapped out the next steps in shaping a promising digital future.

04/08/2022

A large-scale attack targeting Solana network users took place yesterday (August 3, 2022). A large number of users have reported that their crypto wallets have been drained of all assets for unknown reasons. Approximately 9,000 wallets with nearly $4 million have been compromised so far.
https://dune.com/tristan0x/solana-hack-3822

The attack stemmed from a security flaw in the Slope Wallet (https://slope.finance/). This application uses Sentry, an open source library, to log exceptions in the runtime. It remains unclear whether the Slope developers logged users’ private keys/passphrases to the Sentry server by accident or on purpose. Somehow, the attackers managed to gain access to this server, collected all logged private keys, and then controlled users’ wallets to withdraw funds.
https://twitter.com/Zellic_io/status/1554936151194025985

Slope later confirmed that they had deleted the entire log to prevent further damage. https://twitter.com/slope_finance/status/1555100731706949639

Considering the severity and ambiguity of this incident, CyStack recommends that Slope users take a cautious approach by EITHER immediately transferring their assets to other non-custodial wallets OR creating a new Slope wallet and then completely deleting their current one.

“Additional information: The server-side logging was removed as soon as the vulnerability was discovered. At this moment, 1444 of the 9223 (15%) wallets affected could potentially be traced back to this vulnerability. Continued ⬇️”

09/01/2022

Details of the remote code ex*****on vulnerability in the Cyclos payment software which was exploited in the recent attack on ONUS discovered by CyStack

CyStack Advisory ID CSA-2021-01 CVE IDs CVE-2021-44832 Severity Critical CVSS v3 Base 10.0 Synopsis Cyclos is a payment software created for banks, barters, remittances, and innovative currency systems. Cyclos is used by more than 1500 payment systems worldwide. CyStack recently found that Cyclos ve...

28/12/2021

Over the past week, CyStack has worked with ONUS on incident responses to a cyberattack that affected nearly 2 million users of the platform. The following post will describe and analyze in detail what happened to ONUS.

English version: https://cystack.net/research/the-attack-on-onus-a-real-life-case-of-the-log4shell-vulnerability
Vietnamese version: https://cystack.net/research/cuoc-tan-cong-vao-onus-goc-nhin-ky-thuat-tu-lo-hong-log4shell

Đọc bản tiếng Việt tại đây Log4Shell has recently been a nightmare (probably the worst one for now) to businesses. ONUS, a client of ours, was an unfortunate victim. As their security partner, CyStack informed ONUS of the risks right after Log4Shell came to light; when the attack actual...

13/12/2021

CyStack has released a plugin for detecting the vulnerability (aka. CVE-2021-44228). Scan now at https://web.cystack.net

We also offer https://dnsbin.net as a DNS logging tool for researchers who are hunting this flaw.

CyStack Web Security - Security scanning and monitoring tool for websites, web applications, servers and APIs. Detect OWASP Top 10 security vulnerabilities, known, CVE, and zero-day vulnerabilities, infrastructure misconfigurations, and subdomain takeovers vulnerabilities. Get 1 free scan for your w...

02/03/2021

[HIRING] CyStack is looking for talented researchers and security engineers who want to accompany us in developing one-of-a-kind security solutions to protect users against threats from the Internet.

Please see details below

CyStack đang tìm kiếm các kỹ sư và nhà nghiên cứu bảo mật tài năng đồng hành cùng chúng tôi trong hành trình phát triển các giải pháp an ninh mạng tuyệt vời cho người dùng.

18/12/2020

Our research about macOS rootkit emulation which was presented at BlackHat USA 2020

Kernel rootkit is considered the most dangerous malware that may infect computers. Operating at ring 0, the highest privilege level in the system, this super malware has unrestricted power to control the whole machine, thus can defeat all the defensive and monitoring mechanisms. Unfortunately, dynam...

05/08/2020

Early tomorrow morning (Vietnam time), the researcher Do Minh Tuan from CyStack and two other Vietnamese researchers will talk at Black Hat Events - BH USA 2020.

His research proposes a novel approach to deal with kernel rootkits, Demigod, a framework to emulate OS environments, so kernel rootkits can be run in software emulators, all in ring 3. From this sandbox, malware analysts can safely monitor, trace, debug, or perform all kinds of dynamic analysis with this advanced malware.

https://www.blackhat.com/us-20/briefings/schedule/ -the-art-of-emulating-kernel-rootkits-20009

Black Hat USA 2020

06/07/2020

Recently, a critical vulnerability is found in the BIG-IP product of F5 Networks which assigned as CVE-2020-5902.

This vulnerability allows for unauthenticated attackers, or authenticated users, with network access to the TMUI, through the BIG-IP management port and/or Self IPs, to execute arbitrary system commands, create or delete files, disable services, and/or execute arbitrary Java code. This vulnerability may result in a complete system compromise.

CyStack has added signatures for this flaw to our vulnerability scanner. Businesses can check if their system is vulnerable to this flaw by using our free scanner at https://scan.cystack.net

We also offer security monitor service for Servers and Websites on a large scale at https://cloud.cystack.net

CyStack Scan is a Web vulnerability scanner. It can detect security issues in your website, server & cloud service mis-configuration.