Doorkeeper

Becks Japan #4

Tue, 17 Sep 2019 19:00 - 22:00

LINE Corporation Shinjuku Miraina Tower Office, LINE Cafe, 23th floor

Tokyo, Shinjuku-ku, Shinjuku 4-1-6 JR Miraina Tower 23rd floor

Register

Registration is closed

Get invited to future events

Free admission
Reception on 5th floor, please take escalators to 5th floor.

Description

Becks Japan #4

Fourth edition of Becks in Japan. Talks by @icchyr and @Ga_ryo_, @jz, and @shiki_py.

Twitter Hashtag : #becks_jp

Featured talks (see below for details):

  1. AvOracle: New Attack Vector Against AntiVirus by @icchyr (Ryo Ichikawa) and @Ga_ryo (Ryota Shiga)
  2. Recent attack on crypto exchange services by @jz (Heungsoo Kang)
  3. Security issues of Node.js legacy URL APIs (LT) by @shiki_py (Toshiki Sasazaki)

Schedule

  • 18:50 Open
  • 19:20 Welcoming words (10min)
  • 19:30 AvOracle: New Attack Vector Against AntiVirus (50min)
  • 20:20 Break (10 min)
  • 20:30 Recent attack on crypto exchange services (50min)
  • 21:20 Security issues of Node.js legacy URL APIs (LT) (10min)
  • 21:30 Social event (with beers!)
  • 23:00 Close

Talk details:

1. AvOracle: New Attack Vector Against Anti Virus by @icchyr (Ryo Ichikawa) and @Ga_ryo (Ryota Shiga)

  • Abstract: In this talk, we will introduce our research about a brand new attack vector made possible by abusing antivirus products' detection logic.

  • Profile: Ryo Ichikawa (@icchy) is a captain/founder of the TokyoWesterns CTF team and responsible for discovering the principle behind attack. Ryota Shiga (@Ga_ryo_), is also a member of TokyoWesterns, and a security engineer at LINE Corporation. He developed the PoC code for this attack.

  • Language: Japanese (with English translation)

2. Recent attack on crypto exchange services by @jz (Heungsoo Kang)

  • Abstract: This talk covers the analysis on recent APT attack against crypto exchange employees. The attack consists of careful social engineering, compromise of public accounts, FireFox 0day exploit, and their malwares. It will cover tricks the attackers used on both social and technical sides. Also how difficult it is to prevent these attacks when the attackers are really careful like this.

  • Profile: I’m a security engineer working for LINE in Korea. I work with many colleagues in LINE to secure LINE’s services and infra. Before LINE I used to work as a malware analyst in AhnLab, Microsoft and a red-team member/security engineer in Korea Cyber-command and GrayHash. My interests are reverse engineering, code obfuscation, malware analysis, APT tracking, analyzing exploits, and writing tools for these.

  • Language: English (with Japanese translation)

3. Security issues of Node.js legacy URL APIs (LT) by @shiki_py (Toshiki Sasazaki)

  • Abstract: In this talk, I will discuss the Node.js URL APIs and introduce several new vulnerabilities caused by the current API implementation.

  • Profile: Toshiki Sasazaki (@shiki_py) is in his final year of university, and a security engineer at LINE.

  • Language: Japanese (With English translation)

About the venue

You need an access card to reach the venue.
If you come after reception is closed, please tweet with the #becks_jp hashtag and our staff will pick you up at the 5th floor.

Notes

  • The goal of this even is to share knowledge and interact with speakers and other participants.
  • If we deem your behavior inappropriate for any reason, we may have to ask you to leave.

About this community

Becks

Becks

Beer and Hacks A community of hackers, security researchers, and anyone interested in security. (almost) Monthly meetups in Tokyo featuring top security researchers, practitioners, and beers from ...

Join community