News & Regulations

Cybersecurity Alert

Cybersecurity landscape is changing. Hospitality industry needs to be aware of POC malware and “third party” or “Supply-Chain” attacks. Business entities in Hong Kong should perform security risk assessment on their outsourced IT operations. Attacks can also be caused by insiders.

Hospitality industry and outsourced IT operations Report

Cybersecurity Alert

Many SMEs in Hong Kong their IT support to external IT service companies Those ad hoc IT teams tend to deliver their IT maintenance services through RDP (Remote Desktop Protocol) to the clients’ computers from their Internet facing devices. We observed that many Internet facing RDP connections are subject to brute force attacks and compromised systems were planted with ransomware after sufficient data has been collected.

Firewalls and anti-virus solutions are insufficient and ineffective in protecting against these threats, especially if they are mis-configured. We advise Hong Kong SMEs to put additional cybersecurity countermeasures such as security incident monitoring to defend their critical computer networks and systems and identify the source of the attacks. Otherwise, recurring attacks might happen.


DAT Pro Bono Cyber Defense Program (Advanced attacks)

  • Providing Pro Bono protection to NGO in Hong Kong
  • Registered members receive free preliminary security assessment and free use of host-based compromised assessment tool

Pro-Bono Program Details

Industry 4.0 will bring about highly connected and digitized global industry supply chain. Yet the accompanying cyber security risks should not be ignored.

The "Cyber Security for Industry 4.0 International Conference -- Connecting to Tomorrow's Global Supply Chain" aims to bring together international experts to transfer knowledge, international experiences and best practices in managing change of paradigm to the industry of Hong Kong, and the IT service providers supporting the industry.

The target audience of this two-day conference are the manufacturing industry, implementation and control units from factory including automation device suppliers, management of IT procurement, IT vendors and system integrators that provide service to factory, information security professionals and IoT suppliers and those who are interested in developing in Industry 4.0.

The conference includes technical seminar sessions by presented by overseas and local cyber security experts and technology showcase / demonstrations by technology solution providers.

The Securities and Futures Commission (SFC) today released Guidelines to Reduce and Mitigate Hacking Risks Associated with Internet Trading (Guidelines) issued under section 399 of the Securities Futures Ordinance. The Guidelines set out 20 baseline preventive, detective and other control requirements for the industry to improve cybersecurity resiliency.

Press release

Our Mission

to assist our clients to identify, manage, monitor, block, and investigate cyber attacks effectively by referring to reliable cyber threat intelligence

Our Story

In 2017, our founders see clearly the increasing demands from organizations who want to enhance their cyber security defenses against the most dangerous and sophisticated attackers. Moreover, leaders at the highest levels of any enterprise now require deeper and more precise awareness of cyber threat dynamics and their potential consequences. However, most businesses still find it challenging, sometimes impossible, to identify competent and trustworthy experts to help leaders guide their organizations to a robust security posture.

Data leakage and service disruptions are escalating at an alarming rate, such that every leading organization can become the next target. Meanwhile, most advanced economies are tightening their regulations around mandatory breach reporting, while the market and courts are growing less forgiving towards firms whose partners and customers incur harm or costs because of successful intrusions.

Ensuring world-class cyber security and resilience is a difficult and complex endeavor at which only a rare few organizations have yet succeeded in even partial and relative terms. We realized that organizations’ internal resource constraints are one of the most common reasons for persistent insecurity. In-house information security or incident response teams are usually only provided with limited resources and often even less time to handle investigations and forensic needs. They rarely, if ever, have opportunities to evaluate the merits of next-generation technologies or to explore the many ways in which cyber threat intelligence can assist them in honing their proactive defenses for maximal protective effect.

Because our founders have solved these problems successfully in varied contexts as we accrued many years of experience as cyber security professionals, we decided to establish Dragon Advanced Tech. To do this, we have gathered some of the smartest, most diligent information security practitioners in the area to deploy effective and feasible solutions, encompassing technology, analysis, and polished client engagement. Our goal is to work as trusted advisors to our clients, working together to narrow the advantages now enjoyed the sophisticated adversaries we all face in this asymmetric war of information and economics.

Our service covering HongKong/Macau, Singapore, Malaysia, Philippines and U.K.

Leadership and management

Visionary security professionals
with extensive experience

Frankie Li – VP of Finance and Alliance

Eli Jellenc – UK Liaison | Cyber Threat Intelligence (CCTIM)

Ken Ma – Security Engineer

Michael Tung - Legal Advisor

Frankie Li

An independent malware analyst

Speaker in various security conferences, such as Blackhat US, HITCON, HTCIA

Founder of Dragon Threat Labs ( and DragonCon (

Researching topics:

  • Malware Analysis
  • Cyber Threat Intelligence
  • ATM Malware
  • IoT Security
  • SCADA/ICS Security
  • SOC and Security Analytics

Eli Jellenc

Cyber Threat Intelligence Analyst, Manager, and Advisor for over 13 years

Originated and grew successful threat intel programs for 2 major security firms, and created development plans on behalf of many others

Established a major US security firm's operational presence in Europe and Japan

Past presentations at FIRST, NATO, CodeGate, HTCIA, AVTokyo, PacSec, among others

Author of dozens of cyber policy analyses and advisory reports for governments and multinational firms, including threat modeling guidance for the Bank of England's CBEST programme

Researching topics:

  • Strategic and Political Risk Analysis
  • Cyber Security Policy and Regulation
  • Statistical Modeling
  • Malicious Actor and Campaign Analysis
  • Threat Scenario Modeling

Ken Ma

An independent security researcher

Worked in Hong Kong stocks brokerage firms for 7 years with role in infrasructure and security design and operation

Member of Dragon Threat Labs (

Researching topics:

  • Red and Blue Team TTP

Michael Tung

Legal Advisor

To provide advices on cyber security laws and cyber crime and forensics investigations services performed by our technical specialists

Our Services

Incidence Response

We can help you to identify quickly, contain efficiently and eradicate advance cyber attacks

Our experienced incident responders can provide on-site and cloud base emergency reponse service

Forensics & Investigations

Applying business analytics, our digital forensics and data acquisition services can help you resolve disputes, identify fraud and performing regulatory investigations more accurately

Security Monitoring and Management

Our SOC can help you to proper manage possible attacks by monitoring you computer systems and networks facilities

Cyber Threat Intelligence

Our threat analysts can provide effective insights on various threat actors by aggregate and correlate their TTPs and collection of malicious activities from selected endpoint technologies

Customer can get access to and supported by our unique threat intelligence to quickly identify possible attacks

We are a strong supporter of open source tools therefore we developed #Maltelligence and support the development of #ThreatMiner

Penetration Testing

Our experts are most qualified and extensively trained red team who can quickly identifying your systems or network vulnerabilities, but also equipped with mind sets of blue team to provide recommendations to replace the identifies loopholes


We offer bespoke, hands-on training programs to strengthen cyber security professionals at any level with the knowledge, skills, and live experience to handle the most adverse attack situations, all reflecting real-world dangers they will confront every day

Frankie an Instructor of Application Security classes of HK Police CSTCB and a guest lecturer in HKU MSc Reverse engineering and malware analysis classes

DAT Careers

Dragon Advance Tech (DAT) offers immediate opportunities in our Team.

Technical Intelligence Analyst

DAT has an immediate opening for a Technical Threat Researcher to join our team. The position provides an opportunity to develop the skill set to provide supports to our esteemed clients to defend their computing systems and networks from a range of cyber threats include Advanced Persistence Threat groups and cyber criminals/gangs:

This candidate is expected to have these qualifications:

  • Bachelor degree or equivalent
  • Proactive and self-motivated
  • Be able to work in an environment with little supervision
  • Knowledge of cyber threat landscape
  • Experience with:
    • Malware reverse engineering
    • Collection and analysis of technical security data (e.g. IOCs)
    • Authoring of threat research reports (technical parts)
    • Development of threat intelligence sharing platforms

General Responsibilities

  • Threat research and malware reverse engineer, under supervision of higher levels of strategic intel and CTI professionals
  • Implementation and integration of threat research in analysing attack incidents
  • Malware analysis
  • Network traffic analysis
  • Memory Analysis
  • Detection rule writing to hunting adversary’s attack indicators

Please feel free email to if you are interested in the opportunity.

Cyber Security Analyst

DAT has an immediate opening for a Cyber Security Analyst to join our CSOC team. The position will involve a mix of technical security desgin, opeation, assurance and review in addition to maintenance of process/procedures/tools to demostrate security controls that are embedded across our clients' computing systems and network.
Curiosity, imagination and cold-headed judgement are as important as technical skills.

This candidate is expected to have these qualifications:

  • Bachelor degree or equivalent
  • Proactive and self-motivated
  • Be able to work in an environment with little supervision
  • Knowledge of cyber security ecosystem and the latest cyber security landscape
  • Experience with:
    • Familiar with the security practices on patch/change management, vulnerability scanning, system hardening and malware detection
    • Good knowledge in security features of firewall, IDS/IPS, database, web server/applications and Windows/Linux platforms
    • Perferrable to have hands on experience in SIEM, HIDS, NIDS/NIPS, netflow anlaysis
    • Best to be a CISSP, CEH, GIAC, OSCP or similar certifications
    • Knowledge in programming languages such as: C, C++, Python

General Responsibilities

  • Familiary with security management principles and practies
  • Experience of managing security incidents
  • Log collection/analysis, network security monitoring and incident investigation/response
  • Perform tactical analysis on core network services profiles (such as: SMTP, DNS, HTTP, and HTTPS)
  • Explain, critically analyze, compare on how to build effective alerts by collecting variety of events or incidents collected or use cases analyzed.

Please feel free email to if you are interested in the opportunity.

Penetration Testers

DAT has two immediate openings for a Penetration Tester to join our team. The position provides an opportunity to develop the skill set to provide supports to our clients, especially in the financial sectors, to defend their computing systems and networks and to help them to implement the proposed CFI imposed by HKMA in May 2016:

This candidate is expected to have these qualifications:

  • Bachelor degree or equivalent
  • Proactive and self-motivated
  • Be able to work in an environment with little supervision
  • Knowledge of cyber threat landscape
  • Experience with:
    • General security practice in the banking industry
    • Working with strategic intel and CTI professionals
    • Special focus on cyber resilience, data protection in cyber security governance
    • Assessing the network and application security in a wide range of industry sectors
    • Working with clients to understand their testing requirements
    • Collaborating with the testing team to share knowledge and expertise

General Responsibilities

  • CREST CPSA or CRT or OSCP certification
  • CCASP Tester (Infrastructure) or CCASP CRT
  • 2+ years’ penetration testing experience
  • Proven ability to perform security assessments or vulnerability assessments
  • Experience in web and mobile app testing
  • A highly analytical mindset

Please feel free email to if you are interested in the opportunity.