FFRI, Inc. http://www.ffri.jp



Similar documents
What is Really Needed to Secure the Internet of Things?

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

Application Security Testing How to find software vulnerabilities before you ship or procure code

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Anatomy of Cyber Threats, Vulnerabilities, and Attacks

CRYPTUS DIPLOMA IN IT SECURITY

Dr. Markus Braendle, Head of Cyber Security, ABB Group 10 Steps on the Road to a Successful Cyber Security Program Asia Pacific ICS Security SUMMIT

Marble & MobileIron Mobile App Risk Mitigation

Detecting and Exploiting XSS with Xenotix XSS Exploit Framework

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Revisiting SQL Injection Will we ever get it right? Michael Sutton, Security Evangelist

Reducing Application Vulnerabilities by Security Engineering

Bypassing Internet Explorer s XSS Filter

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

Malicious Network Traffic Analysis

Device Hardening, Vulnerability Remediation and Mitigation for Security Compliance

IoT IT Security and Secure Development Life Cycle

Exactly the Same, but Different

Carlos Muñoz Application Security Engineer WhiteHat

ASL IT SECURITY XTREME XPLOIT DEVELOPMENT

Where every interaction matters.

Web Application Security

Advancing Cyber Security Using System Dynamics Simulation Modeling for System Resilience, Patching, and Software Development

Information Security Attack Tree Modeling for Enhancing Student Learning

Next-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security

Web Application Hacking (Penetration Testing) 5-day Hands-On Course

Christos Douligeris cdoulig at unipi dot gr. Department of Informatics University of Piraeus

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS

Advanced Internet Security

Detailed Description about course module wise:

Brief self-introduction

Topics in Network Security

Web-Application Security

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats

Project Ideas. Semester long projects of medium scope. TAs presenting project ideas today. Students can submit their own ideas

Secure in 2010? Broken in 2011! Matias Madou, PhD Principal Security Researcher

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Creating Stronger, Safer, Web Facing Code. JPL IT Security Mary Rivera June 17, 2011

Excellence Doesn t Need a Certificate. Be an. Believe in You AMIGOSEC Consulting Private Limited

Smart Grid Security: A Look to the Future

You don t hear me but your phone s voice interface does. José LOPES ESTEVES & Chaouki KASMI

Analytic and Predictive Modeling of Cyber Threat Entities J. Wesley Regian, Ph.D.

Protecting Your Organisation from Targeted Cyber Intrusion

Making the difference between read to output, and read to copy GOING BEYOND BASIC FILE AUDITING FOR DATA PROTECTION

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

Hacking cookies in modern web applications and browsers

State of Web Application Security. Ralph Durkee Durkee Consulting, Inc. Rochester ISSA & OWASP Chapters rd@rd1.net

Connected Threat Defense Strategy. Eva Chen, Co-Founder and CEO

Botnets: The Advanced Malware Threat in Kenya's Cyberspace

The Cloud App Visibility Blindspot

2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program.

MIS 510: Cyber Analytics Project

Welcome Back Roberto Casetta, Snr. Vice President International. The Story Behind The Crystal Pete Daw, Cities Urban Developer Siemens Plc

Bank Hacking Live! Ofer Maor CTO, Hacktics Ltd. ATC-4, 12 Jun 2006, 4:30PM

The Top Web Application Attacks: Are you vulnerable?

Threat Intelligence: The More You Know the Less Damage They Can Do. Charles Kolodgy Research VP, Security Products

Network Security Testing using MMT: A case study in IDOLE project

Sandy. The Malicious Exploit Analysis. Static Analysis and Dynamic exploit analysis. Garage4Hackers

Hacking Medical Devices

Privacy and Security in Healthcare

RETHINK SECURITY FOR UNKNOWN ATTACKS

Using Foundstone CookieDigger to Analyze Web Session Management

MSc Cyber Security. identity. hacker. virus. network. information

How Security Testing can ensure Your Mobile Application Security. Yohannes, CEHv8, ECSAv8, ISE, OSCP(PWK) Information Security Consultant

EXECUTIVE BRIEF. IT and Business Professionals Say Website Attacks are Persistent and Varied. In this Paper

The Internet of Things Risks and Challenges

EEI Business Continuity. Threat Scenario Project (TSP) April 4, EEI Threat Scenario Project

OWASP AND APPLICATION SECURITY

Hacking Web Apps. Detecting and Preventing Web Application Security Problems. Jorge Blanco Alcover. Mike Shema. Technical Editor SYNGRESS

How to start a software security initiative within your organization: a maturity based and metrics driven approach OWASP

Web Vulnerability Scanner by Using HTTP Method

Anti-exploit tools: The next wave of enterprise security

Attacking Automatic Wireless Network Selection. Dino A. Dai Zovi and Shane A. Macaulay

things you haven t done to protect your business from cybercrime

Detecting Web Application Vulnerabilities Using Open Source Means. OWASP 3rd Free / Libre / Open Source Software (FLOSS) Conference 27/5/2008

Covert Operations: Kill Chain Actions using Security Analytics

Obtaining Enterprise Cybersituational

SCADA Security Training

What is Web Security? Motivation

External Supplier Control Requirements

A Review of Web Application Security for Preventing Cyber Crimes

SecureAge SecureDs Data Breach Prevention Solution

Deploying Firewalls Throughout Your Organization

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015

Interactive Application Security Testing (IAST)

Transcription:

Monthly Research CODE BLUE 2015 Report FFRI, Inc. http://www.ffri.jp Ver 1.00.01 1

2 Introduction The international security professional conference CODE BLUE 2015 was held in Tokyo October 28-29. More than 600 people were attended this 3rd CODE BLUE. Our researchers also announced research results in this CODE BLUE. We show about CODE BLUE 2015 and interesting presentations.

Agenda CODE BLUE 2015 Presentations of FFRI researcher Security threats in IoT Bug Bounty state-of-the-art Rapidly increasing Advanced Persistent Threat (APT) New challenge Youth Track Summary 3

CODE BLUE 2015 Two new challenges 2 track Parallel 2 presentations of different themes Youth Track Presentation by less than 25-year-old researcher 4

Presentations by FFRI researcher ios malware trends and the malware detection with the dedicated gadgets Motoki Nishio Threat Analysis of Windows 10 IoT Core and Recommended Security Measures Naohide Waguri Further details will be announced later on http://www.ffri.jp/research 5

Security threats in IoT (In)Security of Medical Devices Florian Grunow is a security analyst at ERNW. He presented cyber attacks targeted medical equipment. He attacked equipment to adjust the dosage and measurement instruments used during surgery. Wireless security testing with attack Keiichi Horiai presented the attack on the wireless technology using the SDR(Software Defined Radio). He showed about GNURadio and the replay attack for RF signal, sniffer for wireless keyboards with some demos. 6

Security threats in IoT (cont'd) Cybersecurity of SmartGrid Aleksandr Timorin is security researcher, author of ICS/SCADA network security toolkits. Sergey Gordeychik is the Director and Scriptwriter of the Positive Hack Days forum, captain of SCADAStrangeLove.org team and Web Application Security Consortium (WASC) contributor presented about smart grid security. They showed safety assessment of the various elements of smart grid technology from solar power generation system to digital substation. 7

Bug Bounty state-of-the-art Defeating Firefox Muneaki Nishimura, also known as Nishimunea, is a security researcher and weekend bug hunter. He got about 60,000 USD bounties in this year. He presented pattern of vulnerability and finding method. Many browsers do not meet the requirements defined in the RFC at first. Therefore, many vulnerabilities are found at new functions. When new functions had been released you can found vulnerabilities with specifications based testing. 8

Bug Bounty state-of-the-art (cont'd) X-XSS-Nightmare: 1; mode=attack XSS Attacks By Abusing the XSS Filter Masato Kinugawa has the number of reports of the world second place in Google s bug bounty program and reported vulnerabilities to many products. He presented about new XSS technique using XSS Filter in Internet Explorer and Edge. XSS Filter is rewriting part of pages to prevent XSS. He exploited this for html tag breaking XSS. There was no referral for specific attack methods in the his presentation. But if finishing coordination with Microsoft, it will be published. 9

Rapidly increasing APT Revealing the Attack Operations Targeting Japan Shusei Tomonaga and Yuu Nakamura are analyst of JPCERT/CC They are presented about APT operations targeting Japan. Emdivi and the another advanced case Latest attack techniques and malware and attack tools The attacks utilizing the iptables not to leave any traces They also showed analyzing techniques and tools for APT. IDA Python script for analyzing Emdivi It s published on GitHub now. 10

Rapidly increasing APT (cont'd) Ninja Correlation of APT Binaries Bhavna Soman presented a variety of techniques suitable for evaluating actual code similarity malware specimens used in the APT. Create a cluster of binary that each specimen of similarity metric based on, such as technology to evaluate its accuracy has been introduced. Failures of security industry in the last decade - Lessons learned from hundreds of cyber espionage breaches Sung-ting and Chi-en Shen presented about cyber attacks with a focus on Asia. They showed concrete cases of cyber attacks as about Japan Pension Service, and how attackers break the security measures. 11

New challenge Youth Track PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynamic Binary Instrumentation and Fuzzy Hashing Yuma Kurogome presented about automatic identification of malware encryption algorithm using fuzzy hashing. Zeus s source code was leaked and various variants have produced. He introduced a method of extracting portion that contains encryption process by focusing on such as arithmetic bit operations and loop structure in which these malware do. He also showed the avoidance technique of analysis interference function using LLVM. His technique disables anti-analysis function using the fuzzy hashing. 12

New challenge Youth Track (cont'd) Master Canary Forging: A new exploitation method to bypass stack canaries Yuki Koike who is a student at Nada High School in Japan, many CTF finalist and champion presented about new bypass technique of stack canary. Previously, the main methods to bypass stack canaries were to exploit different vulnerabilities to either avoid the canary validation completely, or to provide the correct canary value by leaking the value. He proposed a new technique to bypass stack canaries in SSP which takes a different approach from the previous methods. He showed rewriting of master canary with demo. 13

Summary CODE BLUE 2015 had over 600 visitors from many countries. It had started two track presentation and youth track. Two teenagers and a student were on stage. IoT Security Medical equipment and social infrastructure were studied. The white hackers reported these vulnerabilities. Bug Bounty APT Japanese bug hunters are active in the world. There are things to learn from their way. APT would have invaded various organizations in Japan. Forum for information exchange, such as the CODE BLUE is required to counter APT. 14

15 References SPEAKERS CONTENTS CODE BLUE : International Security Conference in Tokyo where Global Security Trends, Top Notch Professionals, and participants intersect http://codeblue.jp/2015/en/contents/speakers.html

Contact Information E-Mail : research feedback@ffri.jp Twitter : @FFRI_Research 16

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information