HITCON FreeTalk 2022 - 烏俄網路戰 ＆ CTF 經驗分享

本次 FreeTalk 藉由近來發生的資安事件，進行深入的研究分析，以促進大眾對近期國內外資安事件嚴重性的了解，並增加企業對資安正確的知識。近期發生的烏俄戰爭，廣泛影響了全世界。而在網路的世界中，網路戰爭也相繼發生。與實體戰爭相配合，DDOS、假新聞、APT、破壞性惡意程式都被大量應用。本次議程中將為我們深入分析，在看不見的網路戰場中發生了什麼事。而在 CTF 常常會與真實世界的漏洞相呼應，也邀請到 CTF 戰隊成員將為我們分享如何利用 path traversal、deserialization、密碼學漏洞，構造一個完整的攻擊。

此次會議同時為了促進社群與技術交流，後半場為 HITCON 投稿生存指南，作為資安人才職涯及研究指導。

HITCON FreeTalk 2021 近期供應鏈及勒索病毒事件剖析

本次 FreeTalk 將藉由近來發生的資安事件，進行深入的研究分析，以促進大眾對近期國內外資安事件嚴重性的了解，並增加企業對資安正確的知識。

從去年下半年，便有許多台灣本土的廠商遭到勒索軟體威脅，攻擊手法、威脅方式也逐漸演進。而從全球的角度來看，Solargate 供應鏈攻擊事件是近期最嚴重的資安攻擊，引發了相當大的衝擊，值得我們深入研究並反思供應鏈安全。而在智慧型裝置上，也有供應鏈上的風險，我們也會邀請研究員分析手機上的供應鏈安全。而下段議程透過台積電經驗分享，從企業的角度了解面臨的資安問題，並如何解決這些資安威脅。最後，會以企業藍隊 Best Practice 來跟各位分享企業建置資安防禦的概念及方法。盼透過國內外攻擊案例及經驗分享，讓大家更了解企業資安議題。

The recent outbreak of the Meltdown & Spectre flaw has affected a wide range of platforms of almost all CPU manufacturers. The processors produced since 2005 May be at risk. Although the severity of this flaw is relatively low for general computers, this flaw has a great impact on cloud operators.

The number of hacker attacks is increasing. Recently, the well-known system cleaner "CCleaner" was implanted with a backdoor program.

In the history of information security, component replacement attacks are nothing new. Through this sharing, information security experts will discuss with you the origins and technical analysis of this intrusion, and how enterprises and government departments should deal with the security of this "legitimate" software with a formal digital signature.

Attacks on Banks have intensified in recent years, from the ATM heist in Taiwan in 2016 to the SWIFT cyber heist by Lazarus, a financial crime group, which has made many friends concerned about Fintech security take the issue more seriously. The purpose of this event is to share financial security technologies and lead financial and government departments to explore how to respond to the latest threats in real time.

HITCON studied the recent severe financial information security incidents in various countries, from the various information security threats to the banking industry by new criminal groups in Europe and the three cases of SWIFT attack in the financial industry this year. From the actual cases, we discussed the information security crisis in various industries and analyzed how to deal with these situations.

In the first information session of 2015, we will discuss the internal secrets of the serious APT attacks on Sony and South Korea's nuclear power plants, as well as the complete analysis of well-known games that have been embedded in the back door program of Chinese Internet army. In addition, we invite police, information security industry experts and players to discuss computer crimes to information security incident handling. Would you like to know the general situation of the year's sorting out vulnerability statistics and corporate information security? Then you must not miss HITCON FreeTalk!

HITCON team studied major recent information security events, discussed GNU Bash vulnerability in depth, including analysis of vulnerability principles, affected host statistics, prevention and actual case presentation. Recently, apps provided by Banks or public departments have aroused a lot of discussion on mobile phone security. We will also discuss the security issues and vulnerabilities of Android system, as well as the security detection methods and key points of APP software.

This event invited Taiwan's leading information security experts to demonstrate the power of OpenSSL HeartBleed and provide the right way to fix the major brands. In addition to the OpenSSL vulnerability, RTF 0day which can bypass Office 2010 and the sandbox protection mode in 2013 also began to cause harm at the same time. At that time, APT attackers began to send a large number of malicious files containing RTF 0day. At that time, the information security environment was very dangerous, from the server to the endpoint was full of crisis, which highlighted the importance of HITCON FreeTalk.