Hello, it's Taki here and it has been a long time since I last wrote here. Today's topic is about the following: Call for Public Feedback on Upcoming CVE ID Syntax Change https://cve.mitre.org/news/index.html#jan242013a Before I get into the details of what is said here, I would like to quickly introduce CVE. CVE stands for Common Vulnerabilities and Exposures and it is managed by The MITRE Corporation in the US. CVE...
-
-
Hello, this is Osamu Sasaki. I belong to the Global Coordination Division in JPCERT/CC, responsible for overseas CSIRT trainings. Today I would like to introduce you two of our CSIRT trainings conducted recently - in September/Tokyo and October/Vientiane. I think it turned out to be a good model of CSIRT collaboration by sharing the knowledge and capability that each team have. Training in September/Tokyo In late September, two engineers from...
-
Hello this is Shikapon at the Incident Analysis Team at JPCERT/CC. I am managing a network threat monitoring system called "TSUBAME" which has been in operation since 2007. With sensors distributed in 19 economies in the Asia Pacific Region, the system is providing a common platform for the TSUBAME Project member teams for monitoring, information sharing and analysis. TSUBAME helps us to reveal hard to detect attacks that are on-going...
-
Hello again, this is Taki and I would like to tell you about training sessions that were conducted in Myanmar. Sparky and I went to Myanmar to visit mmCERT (Myanmar Computer Emergency Response Team) in Yangon as the Japan Overseas Development Center (JODC) experts to conduct training sessions, mainly consisting of Network Forensics. Other sessions included cryptography basics and CSIRT tools. mmCERT is the national CSIRT of Myanmar, hosted the...
-
Bula every one!! You will probably find it easy to assume from the context that this word means “Hello”, but can you guess what language it is? It is Fijian. Mr. Koichiro (Sparky) Komiyama and I (Kaori Umemura), as the Japan International Cooperation Agency (JICA) experts, were given the opportunity to visit Suva, the capital city of Fiji, to support the preparation to kickoff the Pacific Islands Computer Emergency Response...
-
Hello this is Sparky and let me update JPCERT's activities in Africa since my last post "CSIRT Training for Africa". Training course in Dar es Salaam, Tanzania I have been to Africa twice this past year to provide training for future CSIRT managers and engineers. My second destination in Africa was Dar es Salaam, Tanzania. A six day training course took place in conjunction with Afnog-12 from May 20 to...
-
In June, along with some colleagues, I attended the FIRST Conference 2011 in Vienna. FIRST Conference 2011 in Viennahttp://conference.first.org/ On the second day of the conference (June 14th), I moderated a panel session titled: SPECIAL Panel Session: The day disaster struck the northeastern part of Japan This panel session was designed to talk about what CSIRTs in Japan did in the wake of the March 11th earthquake. The panelists were...
-
In May, JPCERT/CC sent our technical specialists to the Secure Coding Seminar in C/C++ held in 3 cities: Bangkok, Nakhon Pathom and Surabaya. The seminar provided the explanation of common programming errors in C/C++ that could lead to software vulnerabilities, how these errors can be exploited, and effective mitigation measures for preventing such errors. Seminar in Bangkok (Thailand)Date: May 9th-10th, 2011Venue: Siam City HotelOrganizer: ThaiCERTNumber of Participants: 30 Seminar in...
-
After our last report of phishing apparently exploiting the tragedy of the earthquake and tsunami here in Japan, we have another example today: This is quite a well-designed site. Notably, this one uses the logo of the Red Cross. It's registered to an individual with a European-sounding name, Japanese street address and Gmail account. This one even ups the ante by posting photos and news gathered from other sites: One...
-
The tragedy in Japan has been immense, and everyone rightly wants to help as much as possible. However, be careful who you give your donations to. We've received word of a site called Japan Donation, which asks you to sign up for an account, and then, who knows: The domain was registered on Friday by an individual in the UK with a Hotmail address. Part of the email address listed...