JPCERT/CC held ICS Security Conference 2022 on February 3, 2022. The purpose of the conference is to share the current status of threats in ICS both in Japan and abroad as well as efforts by ICS security stakeholders. It also aims to help participants improve their ICS security measures and establish best practices. The conference has been held annually since 2009, and this year’s was the 14th conference. The event...

Read more

This blog post focuses on the Day 2 of JSAC2022, following the previous report on the Day 1.An Introduction to macOS Forensics with Open Source SoftwareSpeaker: Minoru Kobayashi (Internet Initiative Japan Inc.)SlidesVideoMinoru provided the basic knowledge of macOS forensics, and its analysis methods using mac_apt, followed by hands-on training on macOS forensics.He mentioned that when it comes to forensics, information is acquired and analysed at the same priority as macOS...

Read more

JPCERT/CC held JSAC2022 online on January 27, 2022. The purpose of this conference is to raise the knowledge and technical level of security analysts in Japan, and we aimed to bring them together in one place where they can share technical knowledge related to incident analysis and response. This year was the fifth time the conference was held. 9 presentations and 2 workshops, selected from 18 CFP and CFW submissions,...

Read more

Hello, I am Takumi from Global Coordination Division. I believe many of you have been working from home for long due to COVID-19 pandemic, and so have we. Many conferences, forums, seminars, and trainings went online in the past year and a half. Today, I would like to report on our international online CSIRT training delivered to VNCERT/CC in Vietnam recently. This 4-day-long online CSIRT training program was conducted from...

Read more

JPCERT/CC participated in the cyber exercise “Locked Shields” organized by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) during 13 – 16 April 2021. We joined as a member of Japan's Blue Team. This article describes how JPCERT/CC and other members participated in Locked Shields, its objectives, the value of the exercise, and challenges. What is “Locked Shields”? Locked Shields is the largest and most complex international live-fire cyber...

Read more

JPCERT/CC held the ICS Security Conference on 12 February (Japanese website). This annual conference started in 2009 in the hope of developing security measures and the best practices for ICS. Since then, the conference has been facilitating the exchange of up-to-date knowledge on both domestic and worldwide threats against ICS and the latest security practices in the related industries. In its 13 years of history, this year was the first...

Read more

This blog post focuses on the 1st track of JSAC2021, following the previous reports on the 2nd and 3rd track.Opening Talk: Looking Back on the Incidents in 2020Speaker: Takayoshi Shiigi (JPCERT/CC)Slides (English)VideoTakayoshi opened the JSAC2021 with an overview of incidents that JPCERT/CC confirmed in 2020, focusing on targeted attack and widespread attack.Targeted attack in 2020 is characterised by leveraging cloud services for malware operation in multiple stages of attacks from...

Read more

This blog post focuses on the 2nd track of JSAC2021, following the previous report on the 3rd track.Workshop: Malware Analysis at Scale - Defeating EMOTET by Ghidra -Speaker: Shota Nakajima (Cyber Defense Institute), Hiroaki Hara (Trend Micro)Slides (Japanese)VideoShota and Hiroaki presented how malware analysis can be easily done using Ghidra, an open source reverse engineering tool, and the participants tried automating the analysis of Emotet during the hands-on training.Ghidra provides...

Read more

JPCERT/CC held Japan Security Analyst Conference 2021 (JSAC2021) on 28 January 2021. It was the first JSAC held online in consideration of the participants’ health and safety in the current COVID-19 pandemic.The conference is aimed at providing opportunities for them to get together and exchange their technical knowledge on incident response and analysis. This is JPCERT/CC’s 4th time holding this annual conference, and 11 presenters were selected from 22 candidates.To...

Read more

Many events in the world have been postponed or cancelled due to COVID-19 pandemic, and cyber security conferences are not the exception. While I hope events will soon be organised as in the past, I would like to introduce three cyber security conferences I recommend you to join when the current situation gets back to normal. Let me tell you first that, since I am a malware analyst, the conferences...

Read more