Hello, this is Taki and today I would like to write about my trip to Colombo, Sri Lanka from September 30th through October 2nd. I went with Tetsuya to conduct TSUBAME trainings at Sri Lanka CERT|CC and TechCERT, and to give a presentation at Cyber Security Week 2014 - 7th Annual National Conference on Cyber Security. TSUBAME Training for Sri Lanka CERT|CC and TechCERT Unlike our previous TSUBAME trainings in...

Read more

Hello. This is Masaki from Vulnerability Analysis Team. JPCERT/CC has been active in doing research, developing coding standards and conducting seminars in secure coding since 2007. In the course of our activities, we've collaborated with CSIRTs in Asia-Pacific region such as ThaiCERT, PHCERT, ID-SIRTII/CC, Academic-CERT in Indonesia, VNCERT and CERT-In in providing secure coding training to software developers in each region. Last month, Hiroshi (my teammate and senior vulnerability analyst),...

Read more

Konnichiwa, this is Kaori at Global Coordination Division. On September 17th, JPCERT/CC and Information-technology Promotion Agency (IPA) of Japan have jointly issued a notice to raise public awareness to refrain from using a single password for multiple online services. On the same day, JPCERT/CC, as our sole initiative, has launched a local campaign to further promote this practice by having the enterprise supporters to directly encourage their users. This password...

Read more

It's been quite a while. This is Taki again and I will be writing about my experiences at the 26th FIRST Annual Conference in Boston that I attended from June 23 - 27. (Trinity Church - Photo by Hiroshi Kobayashi) This year, I attended the conference with 3 colleagues, Yurie Ito, Koichiro (Sparky) Komiyama and Hiroshi Kobayashi. Having attended the conference on a few occasions in the past, it was...

Read more

Hi! I’m Takuho Mitsunaga from Watch and Warning Group. I am pleased to announce that JPCERT/CC has just released a report "Investigation Report Regarding Security Issues of Web Applications Using HTML5 (English version)." As mentioned in the previous posts - JPCERT/CC at “CODE BLUE” and Presenting HTML5 security at OWASP AppSec APAC 2014, through publishing a report (Japanese version), we have worked to point out the issues and raise awareness...

Read more

I am Toru Yamauchi, Research Director of JPCERT/CC. JPCERT/CC has been contributing to CSIRT community in Africa since 2010 in order to enhance the global cybersecurity activity. In the rapid ICT development in Africa, it is getting important for African community to accelerate human resource development of cybersecurity and to establish the regional cooperation especially among National CSIRTs. I would like to introduce our recent on-site training program in Djibouti...

Read more

Hi. This is Misaki Kimura from Watch and Warning Group. Ever since the extremely critical vulnerability in recent versions of OpenSSL (known as "Heartbleed") was made public, it has been wreaking havoc across the internet. According to Netcraft, a research firm which monitors websites and certificates worldwide, more than half a million websites were affected. Such said, with no exceptions, websites in Japan were also affected, and we have been...

Read more

Hi. This is Yoshinori Matsumoto from Watch and Warning Group. After JPCERT/CC’s publication of a technical research report on HTML5 last October, our group has been working intensively to raise awareness on security issues of web applications utilizing HTML5. We have been given opportunities to speak at various security conferences on this topic, and one of them was my colleague’s presentation at "CODE BLUE" introduced on this blog earlier. This...

Read more

Hi. This is You Nakatsuru (“Tsuru”) – a “just married” Information Security Analyst from Analysis Center. Today, I would like to introduce JPCERT/CC’s presentations at “CODE BLUE”, a new international information security conference originating in Japan which was held on February 17 and 18. The conference attracted many computer security experts – more than 400 attendees from about 10 different countries. The conference covered a wide range of topics discussing...

Read more

Hello, I am Hidekazu Yamada at ICS Response Group of JPCERT/CC. In this entry today, I would like to look back on “ICS Security Conference 2014” which was held early last month, along with some presentation highlights. My presentation summary on the result of the ICS Asset owners’ survey will also be covered. Event Overview The conference took place on Wednesday, 5 February 2014 at Kokuyo Hall in Shinagawa, Tokyo....

Read more