/* No speaking simultaneous interpretation is available , however, we try to show the slides in both english & japanese as much as we can. */
[ja] ROP Illmatic: Exploring Universal ROP on glibc x86-64
Today, ROP (Return-oriented Programming) is widely used method for arbiraty code execution via program vulnerabilities.
A security engineer who desires to be a Zashiki-warashi (Japanese
ApplicationCachePoisoning is a hot topic these days. I suppose that many of you have problems as follows: "What kind of damage is coming out?", "I don't know how to attack.", "How can I protect against it?"
Despite ApplicationCachePoisoning NEWBIE about one year and 3 months, I will try my best to enjoy everyone using real attack vector examples.
Incident response and forensics is becoming more and more important for security teams across companies. We are seeing more and more databreaches every year.
Often IT (security) teams are not fully prepared or do not have the budget for security analysis tools or their own security analysis lab. This presentation will show how anyone without access to his own lab or tools can leverage online (crowdsourced) security tools and platforms for his own incident response. Call it the 100 yen Cybersecurity Toolkit.
Security4all has been working in IT security for 10 years and moved to Tokyo 2 years ago. He is a co-founder of BruCON, a Belgian security conference and frequents hacker conferences and hackerspaces around the world. He believes in building bridges in the security and hacker community and you can find him often at hacker conferences with a club mate in his hand.
hasemunea (nishimunea and HASEGAWA Yosuke)
Content-Security-Policy is implemented in modern browsers including Firefox for the purpose of eradication of XSS, and is improved continuously.
hasemunea (nishimunea and HASEGAWA Yosuke) :
nishimunea (Muneaki Nishimura), Member of Firefox OS Community, Japan / A Weekend Bug Hunter
An engineer of NetAgent Co.,Ltd. / Secure Sky Technology Inc. technical adviser / http://utf-8.jp/
I will explain the attack methods of VAWTRAK which is a popular online banking malware in Japan. I will also talk about my observation of the malware's behavior.
Programmer at SecureBrain. Rubyist.
There are many white papers and security advisories, but in Japan, we have little information about what will happen after Exploits or Security Incidents broke out.
Information Security LoveLiver
We have been overcome some Information security incident in Japan.
At this time we will look back about some past incident with panelers who is parties of the incident or observers of it.
And we will talk about recent engineer's runaway and "rule of game".