Oct 2023 – Present · 2 yrs 7 mos

• At SYON Security Ltd, we provide Advanced Cyber Security Services to our global client base. Our team consist of world-class experts that adopt the "adversarial" mindset and role to provide a necessary alternative analysis of your organisation's security.
• Our team are battle-hardened and ready with real-world capabilities. We retain our clients through high value and cost effective Red Team exercises which out-class our competitors.

Sep 2023 – May 2024 · 8 mos

• Temporarily stepping in as the FC
• Payroll, HR, admin, tax, and more

Apr 2021 – Present · 5 yrs 1 mo

• https://adversaryvillage.org/cfp-review-board/
• Vincent is on the Defcon 29, 30, 31, 32, 33 Adversary Village CFP Review Board and shares his expertise to ensure selection of the best papers and research to be showcased in the prestigious event.
• Helping to filter out the noise.

Sep 2019 – May 2021 · 1 yr 8 mos

• The fourth industrial revolution is driving change at an exciting pace—creating an increasingly global, digital, and interconnected world. The resulting pervasiveness of cyber brings both new business opportunities, and new cyber threats. Deloitte has led the way through every era of cyber risk, from compliance, to resilience, to complexity. Our heritage, combined with deep tech expertise and broad industry experience, means we’re prepared for virtually every scenario.
• Deloitte’s Cyber Risk services can help clients perform better, solving complex problems so organizations can build confident futures. Smarter, faster, more connected futures. Better futures never before thought possible—for business, for people, and for the planet. Using human insight, technological innovation, and comprehensive cyber solutions, we manage cyber everywhere, so society can go anywhere.
• Deloitte provides industry-leading audit and assurance, tax and business advisory, consulting, financial advisory and risk advisory services to nearly 90 per cent of the Fortune Global 500 and thousands of private companies. Its professionals deliver measurable and lasting results that help reinforce public trust in capital markets, enable clients to transform and thrive, and lead the way toward a stronger economy, a more equitable society and a sustainable world. Building on its 175-plus year history, Deloitte spans more than 150 countries and territories. Learn how Deloitte’s more than 345,000 people worldwide make an impact that matters at www.deloitte.com .
• Lead the Red Team, Penetration Test, and iCAST services for Hong Kong, Macau, and Greater China.
• Hiring and recruitment
• Sales
• Delivery
• Service Line development
• Product development

Dec 2018 – Dec 2018 · 0 mo

• Trained senior level students with Red Team insights and provided a hands-on view of modern attack techniques.

Jun 2018 – Present · 7 yrs 11 mos

• At SYON Security Ltd, we provide Advanced Cyber Security Services to our global client base. Our team consist of world-class experts that adopt the "adversarial" mindset and role to provide a necessary alternative analysis of your organisation's security.
• Our team are battle-hardened and ready with real-world capabilities. We retain our clients through high value and cost effective Red Team exercises which out-class our competitors.

May 2015 – May 2021 · 6 yrs

• https://vincentyiu.com
• Automated Shellcode Mutation - Backdoor Series
• WePWNise - Tool to generate sophisticated Office Macro generation to bypass EMET
• Domain Fronting using High Profile Domains - Using Government, Financial and other domains for Command and Control
• Domain Fronting using Tor2Web Services and Hiding of Onion URL - Using TOR for C2 without installing TOR on target.
• Exploiting CVE-2017-0199 HTA Handler Vulnerability - First publicly available Weaponisation PoC / Video Tutorial
• RDPInception - Tool and PoC to automate worm / attack on TSCLIENT using RDP
• CACTUSTORCH - Payload generation Tool and PoC of weaponising James Forshaw's DotNetToJScript research
• LinkedInt - Tool to automate reconnaissance against an organisation and prediction of e-mail formats / report generation.
• ANGRYPUPPY - Cobalt Strike Aggressor Script to automate execution of Domain Privilege Escalation
• Exploiting CVE-2017-8759 WSDL SOAP Parser Code Injection Vulnerability - First working PoC in RTF autotrigger with no prompts + Weaponisation video
• Cloudjacking - hijacking sub domains and domains to obtain trusted and categorised entries that can be used for command and control
• MaiInt - Tool to automate reconnaissance against a target organisation and predict email addresses for employees and generate reports. Mainly applies to China based organisations.
• morphHTA - A tool to take Cobalt Strike's PowerShell HTA format, completely obufscate and generate fake code paths, and change the COM spawning mechanism to Explorer or WMI.
• genHTA - A tool to generate anti-sandbox HTA payloads through the use of a form
• Weaponising CVE-2018-4878 - First to share weaponised PoC
• DomLink - Tool to discover more domains owned by the organisation based on reverse WHOIS.

Oct 2017 – Jun 2018 · 8 mos · Manchester, Greater Manchester, United Kingdom

• FusionX UK Red Team
• Vincent simulates realistic threats utilising both private and commonly adopted threat actor Techniques, Tactics, and Procedures (TTP) to identify valuable systemic issues in client environments. These systemic issues allow for a fast track towards improving security strategy and readiness to fend off real cyber attacks.
• Speaker at Jingdong Security Conference Beijing 2017 - Cloudjacking for Command and Control

Oct 2017 – Jun 2018 · 8 mos · Manchester, Greater Manchester, United Kingdom

• Lead and Manager for FusionX Red Team services in the UK.

Aug 2017 – Sep 2022 · 5 yrs 1 mo · Remote

• Thank my good friend Kevin for his support and vision. We battled the world as part of the Ghost Team and helped many customers understand their cyber risk.

Sep 2016 – Oct 2017 · 1 yr 1 mo · UK Wide

• MDSec consulting is a leading firm in the cyber security space. I operate as a member of the ActiveBreach team. Present to CISO/Head of security. Work for many in FTSE 100. Vincent is often requested by name.
• Security Consultancy
• Scenario Based Penetration Testing
• Product and Security Research
• Tool and Exploit development
• Red Team Lead / Attack Simulation / STAR
• Asset and Goal Driven Assessments
• Specialise in Active Directory and Windows
• Digital Forensics and Incident Response
• Network Infrastructure, Architecture, Web Applications and Services (Internal/External)
• Build and Configuration Review
• Firewall Configuration Review
• Network Segregation and Architecture Review
• Wireless Security Assessments
• Security Gateway Assessments (Proxy, E-mail, Sandbox (FireEye))
• Active Directory review
• GPO review
• ACL review
• VPN and remote access infrastructure review
• Citrix and Locked down Environment Breakouts
• Multi tenant attack path modelling and PoC where possible
• CHECK Team Leader
• Purple team consultant
• Develop and define methodologies for new areas of testing as required
• Attend strategic client meetings / Board level de-briefs
• UK Wide
• Speaker at Snoopcon 2017 - A Year in the Red
• Speaker at Steelcon 2017 - A Year in the Red
• Speaker at BSides Manchester 2017 - A Year in the Red
• Speaker at HITB GSEC 2017 - A Year in the Red
• Invited Speaker at CISO Security Information Group Q4 2017

May 2015 – Sep 2016 · 1 yr 4 mos · UK Wide & Asia

• MWR is a global cyber security firm. As a consultant, I deliver a wide range of services for our clients. Performing activities from scoping all the way to delivery of the report. Work with FTSE 100.
• Author of wePWNise
• Security Research
• Interview candidates
• Project Scoping
• Client relationship
• Red Team / STAR / Targeted Attack Simulation
• Web application testing
• Web service testing
• Security Systems Architecture review
• Infrastructure testing
• PCI DSS
• Desktop / Environment Breakout
• Build / Configuration reviews
• Network Segregation review
• Exploit development
• Custom protocol review
• UK Wide & Hong Kong
• Speaker at Snoopcon 2016 - One Template to Rule Them All

Nov 2014 – Mar 2015 · 4 mos · London, United Kingdom

• Finalist at Masterclass 2015 which took place on the HMS Belfast in London.
• Competed in approximately 5 separate challenge events in total.
• News & Media:
• Independent:
• http://www.independent.co.uk/life-style/gadgets-and-tech/news/cyber-security-challenge-hack-into-hms-belfast-and-blow-up-the-mayor-10104947.html
• Telegraph:
• http://www.telegraph.co.uk/technology/internet-security/11467748/UKs-largest-cyber-terror-attack-simulation-gets-underway-on-HMS-Belfast.html
• Wired:
• http://www.wired.co.uk/news/archive/2015-03/13/cyber-war-game-hms-belfast
• BBC:
• http://www.bbc.co.uk/news/uk-31875832

Jun 2014 – Aug 2014 · 2 mos

• Spread importance and awareness of common cyber security threats.
• Project and Security Risk Management.

Mar 2007 – Sep 2013 · 6 yrs 6 mos