CODEBLUE2018@TOKYO 2018 Nov. 1, 2018 to Nov. 2, 2018, Tokyo, Japan

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote: Cyber Arms Race Mikko Hypponen We are living in a world where cyber attacks have become the norm.New kinds of ...
Keynote: Power, Patience, and Persistence: Chihiro’s Grand Strategy for Cyberspace Kenneth Geers In the opening scene of Spirited Away, a young girl peers into a long dark ...
Crashing to root: How to escape the iOS sandbox using abort() Brandon Azad Apple has greatly improved iOS security in recent years, but many attack surfaces remain largely ...
The Mystery of WannaCry Mutants - Revealing Mechanism of Infoleak Caused by the Mutation Makoto Iwamura WannaCry is a Ransomware with a worm function that brought massive damage in May 2017. ...
How to hack SD-WAN and keep your sanity? Sergey Goreychik Nowadays software designed networks, especially SD-WAN (software defined wide-area network) becomes “solution of choice” in ...
Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out! Orange Tsai We propose a new exploit technique that brings a whole-new attack surface to defeat path ...
LogonTracer: Analyze Active Directory Event Logs Using Visualize and Machine Learning Shusei Tani Event log analysis is a crucial element in DFIR. In lateral movement incidents, analyzing Windows ...
Smart Fuzzing XPC & XNU Juwei Lin , Lilang Wu , Moony Lin Apple operation system has gained much popularity no matter in the personal computer (MacOS) or ...
WHAT THE FAX?! Yaniv Itkin Unless you've been living under a rock for the past 30 years or so, you ...
Remotely Cracking Smart Gun Safes: Verifying Secure Bluetooth Low Energy Implementations Austin Su In this talk we will detail the discovery and exploitation of multiple security vulnerabilities in ...
Dissect Android Bluetooth for Fun & Profit Jianjun Gong Before Android 4.2, BlueZ is the default Bluetooth stack. Starting with Android 4.2, Google launched ...
A Dive in to Hyper-V Architecture & Vulnerabilities Joe Joly Virtualization technology is an increasingly common foundation on which platform security is built and clouds ...
Wow, PESSR has Eroded Apple in Blink - Fun and Profit to Gain Dozens of iOS Vulnerabilities in Minutes by (P)ortable (E)xtensible (S)criptable (S)eed (R)eproducible Mobile Fuzzer Ju Zhu , Moony Wu As we all know, Apple has been enforcing security protection on its operation system (e.g. ...
Discover traces of attackers from the remains of disposable attack infrastructure - Detection indicator diagnosis system with dynamic/static DNS forensics Tsuyoshi Yoshimura In order to detect malicious activities, we often make use of blacklists. The blacklists are ...
Android War of Finding Needle in Haystack - Best Practice of Hunting System for Android Exploit in the wild Lilang Wu , Moony Lin , Todd Han As we all know, Android system has been gaining much popularity in the current world. ...
Bypassing Security Function of Windows ~To make only one wish ~ Satoshi Ogawa In many organizations, it seems that they conduct some kind of countermeasures such as restricting ...
Fuzz your smartphone from 4G base station side Tsojen Liu Fuzz testing is one of the effective way to find the vulnerabilities. There are already ...
The Decalogue(ish) of Contractual Security Sins Sebastian Avarvarei In today’s multi-sourced enterprise, your security is as good as the worst written contract. The ...
Methodology for controlling connected cars remotely Minrui Li In this talk, we will introduce our methodology for connected car security evaluation with low ...
Are You Trading Stocks Securely? Exposing Security Flaws in Trading Technologies Alejandro Hernandez With the advent of electronic trading platforms and networks, the exchange of financial securities now ...
Practical method and practice of OSINT for cyber defense Ataru Ishii In this talk, I will explain standard method of OSINT (Open Source Intelligence), practical OSINT ...
GLitch: hammering your phone through WebGL Pietro Frigo GLitch is a JavaScript exploit that takes advantage of the (now) notorious Rowhammer vulnerability to ...
Wake up Neo: detecting virtualization through speculative execution Innokentii Sennovskii There has been several Speculative Execution vulnerabilities allowing to read privileged data from kernel mode, ...
RCE with Captive Portal Yongtao Wang , Yunfei Yang , Kunzhe Chai The wireless network is now becoming an important infrastructure for most enterprises, and many employees ...
Mirai’s Botnet#14 - how BestBuy and Deutsche Telekom ruined my (an many others) Xmas of 2016 Mirko Manske When 1.2 Millionen DE customers all of a sudden went off the internet probably for ...
Watch the Drop! A Case Study in Transnational Cyber-Criminal Money Laundering Rikki George In June 2018, the US FBI announced the success of two international operations, which led ...
Evolving Attacker Techniques in Cryptocurrency User Targeting Philip Martin Coinbase is one of, if not the, largest single store of cryptocurrency in the world. ...
Who's guarding the gateway? An officers' view on why law enforcement has it all wrong. Nicole Beckwith Every day organized and global cybercrime gangs take down large corporations and government entities, the ...
Chinese DDW Threat Actors' Relationship with Other DDW Communities Mark Schaefer Flashpoint analysts have increasingly observed Chinese Deep and Dark Web (DDW) threat actors indicate that ...
When Voice Phishing met Malicious Android App Kyoung-ju Kwak , Minchang Jang , Jaeki Kim The traditional voice phishing we know is that the attacker makes a call to the ...
From Seoul to Tokyo : Threats for Japan and South Korea Minseok Heo Korea and Japan are geographically close. However, as similar as their cultures and languages may ...
INTERNATIONAL COLLABORATION A TOOL FOR COMBATING BEC Alex Ogbole Business Email Compromise (BEC) is a global cyber crime phenomenon. It is a borderless crime ...
Targeted Attacks on the Blockchain (Hyperledger) J Haro The purpose of this talk is to create a (simulated) directed attack towards a proposed ...
CoinMiner are Evasive Thomas Moyal CoinMiners are on the rise, trending so high that in the last couple of month ...
Breaking Pseudo-Random Number Generator in Ethereum Smart Contracts Jonghyuk Song Generating random number in Ethereum smart contracts is very difficult because the execution result of ...
Crypto Gold Mine: Is Your Environment Safe? Austin Mcbride Organized crime has always embraced new technologies. The birth of cryptocurrency has made it easier ...
Legal Remedies against Network Layer Internet Intermediaries Jaani Riordan Network layer intermediaries, such as ISPs, hosts, and network operators, are increasingly called upon to ...
The concepts and legality of Active Cyber Defense - Japanese perspective Ikuo Takahashi As it is getting clearer that law enforcement has the limitation as the countermeasure against ...
Self-Help in Cyberspace: Defining the Scope and Limits of Private Sector Cyber Defense Wyatt Hoffman Cyber attacks targeting the private sector are increasingly frequent, widespread, and severe. Yet the roles ...
Cat and Mouse Game: China's Cryptocurrency Regulations and Cryptocurrency Cyber-Crime Mei Nelson Technological innovation, and related government regulations often have ambiguous effects. In most cases, governments would ...
Agile Cyber Deterrence: Policy Options for Cyber Middle Powers against Strategic Cyber Attacks Philipp S. Kruger The escalating global cyber threat environment requires a revision of obsolete national cyber strategies, especially ...
Privacy by Design Methodology: A path to GDPR Compliance for Software Development Vanessa Henri The GDPR is a risk model; no two compliance paths are the same. Each industry ...
Nuclear Weapons and Cyber Risks: Policy Recommendation for Enhancing Supply Chain and C3 Security and Resilience Julia Franziska Berghofer Although there have not been major cyber-attacks on nuclear weapons systems yet, the cyber threat ...
Smart Contract Honeypots for Profit (and probably Fun) Ben Schmidt Ethereum honeypot contracts combine the oldest of cons with the newest of tech. As it ...
Reading the norms of cyberspace - New role of technician community - Koichiro Sparky Komiyama In this presentation, I will focus on battle over rules to ensure cyber security, not ...