This article reports on JSAC Day 2, following the previous article about Day1. How Do We Fight against Evolving Go Language Malware? Practical Techniques to Increase Analytical Skills Speakers: Tsubasa Kuwabara (FFRI Security Inc.) Slides (English) Tsubasa presented the current situation and problems of Go language malware, which has been increasing in recent years, and explained basic and advanced analysis techniques. He explained that Go malware was easy to write...

Read more

What is ITU-T X.1060? X.1060 Framework for the creation and operation of a cyber defence centre［1］is a recommendation document approved by ITU-T, the United Nations specialized agency for information and communication technologies. It defines a cyber security framework which can be used as a reference by a wide range of organisations, regardless of their sizes or industries. The document illustrates a blueprint for Cyber Defence Centre (hereafter CDC), an entity...

Read more

JPCERT/CC held JSAC2023 on January 25 and 26, 2023. The purpose of this conference is to raise the knowledge and technical level of security analysts in Japan, and we aimed to bring them together in one place where they can share technical knowledge related to incident analysis and response. This year was the sixth time the conference was held, and 12 presentations, 2 workshops, and 7 lightning talks were presented...

Read more

1. What is Locked Shields? Locked Shields is a cyber exercise organized by NATO CCDCOE. It is a large-scale and complex exercise which took place in late April 2022. JPCERT/CC participated in this exercise as a member of the Japan-UK Blue team. We would like to report on the event. Scene of participation by the Japanese and British teams(Source: https://twitter.com/ModJapan_jp/status/1517113397745426439) The purpose of participating in Locked Shields was to deepen...

Read more

JPCERT/CC held ICS Security Conference 2022 on February 3, 2022. The purpose of the conference is to share the current status of threats in ICS both in Japan and abroad as well as efforts by ICS security stakeholders. It also aims to help participants improve their ICS security measures and establish best practices. The conference has been held annually since 2009, and this year’s was the 14th conference. The event...

Read more

This blog post focuses on the Day 2 of JSAC2022, following the previous report on the Day 1.An Introduction to macOS Forensics with Open Source SoftwareSpeaker: Minoru Kobayashi (Internet Initiative Japan Inc.)SlidesVideoMinoru provided the basic knowledge of macOS forensics, and its analysis methods using mac_apt, followed by hands-on training on macOS forensics.He mentioned that when it comes to forensics, information is acquired and analysed at the same priority as macOS...

Read more

JPCERT/CC held JSAC2022 online on January 27, 2022. The purpose of this conference is to raise the knowledge and technical level of security analysts in Japan, and we aimed to bring them together in one place where they can share technical knowledge related to incident analysis and response. This year was the fifth time the conference was held. 9 presentations and 2 workshops, selected from 18 CFP and CFW submissions,...

Read more

Hello, I am Takumi from Global Coordination Division. I believe many of you have been working from home for long due to COVID-19 pandemic, and so have we. Many conferences, forums, seminars, and trainings went online in the past year and a half. Today, I would like to report on our international online CSIRT training delivered to VNCERT/CC in Vietnam recently. This 4-day-long online CSIRT training program was conducted from...

Read more

JPCERT/CC participated in the cyber exercise “Locked Shields” organized by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) during 13 – 16 April 2021. We joined as a member of Japan's Blue Team. This article describes how JPCERT/CC and other members participated in Locked Shields, its objectives, the value of the exercise, and challenges. What is “Locked Shields”? Locked Shields is the largest and most complex international live-fire cyber...

Read more

JPCERT/CC held the ICS Security Conference on 12 February (Japanese website). This annual conference started in 2009 in the hope of developing security measures and the best practices for ICS. Since then, the conference has been facilitating the exchange of up-to-date knowledge on both domestic and worldwide threats against ICS and the latest security practices in the related industries. In its 13 years of history, this year was the first...

Read more