CODE BLUE 2019 Collaborative Notes === Talks --- ### Day 1 - 9:30-10:15 [Keynote:Hacking the Bomb - Cyber Threats and Nuclear Weapons / Andrew_Futter](https://hackmd.io/@ninoseki/SJecnIaKS) - 10:20-11:00 [Transparency in the Software Supply Chain: Making SBOM a Reality / Allan_Friedman](https://hackmd.io/@ninoseki/SJKoT8pKH) - 11:00-11:40 [Resistance is Futile – The Undefendable Supply-Chain Attack / Sung-Ting_Tsai,Linda_Kuo](https://hackmd.io/@ninoseki/BJM10UpFH) - 11:40-12:20 [Overview of the latest supply chain attacks in Asia region / Boris_Larin,Alexander_Liskin](https://hackmd.io/@ninoseki/H1abRUTKB) - 13:20-14:00 [Understanding the IoT threat landscape and a home appliance manufacturer's approach to counter threats to IoT / Hikohiro_Y_Lin,Yuki_Osawa](https://hackmd.io/@ninoseki/S1O_JPTtH) - 14:00-14:40 [[U25]I KNOW WHAT YOU DID LAST NIGHT : Pwning The State-Of-The-Art the IoT Hub / Hongryeol_Lim,Jisub_Kim](https://hackmd.io/@ninoseki/rkK5JvaFr) - 14:40-15:20 [Spyware, Ransomware and Worms. How to prevent the next SAP tragedy / Jordan_Santarsieri](https://hackmd.io/@ninoseki/BJn3JwpFB) - 15:50-16:30 [Leveraging Yara Rules to Hunt for Abused Telegram Accounts / Asaf_Aprozper](https://hackmd.io/@ninoseki/H1qMgD6KB) - 16:30-17:10 [Attacking DRM subsystem to gain kernel privilege on Chromebooks / Di_Shen](https://hackmd.io/@ninoseki/SkyweDTtr) - 17:10-17:50 [[U25]Let's Make Windows Defender Angry: Antivirus can be an oracle! / Ryo_Ichikawa](https://hackmd.io/@ninoseki/rJXKewatr) - 18:20-19:00 [[U25]Semzhu-Project – A self-made new world of embedded hypervisors and attack detection methods / Yoshifumi_Shu](https://hackmd.io/@ninoseki/B192lPTtS) - 19:00-19:40 [From VBScript to ChakraCore : Adventure with Script Engines on Windows System / Yuki_Chen](https://hackmd.io/@ninoseki/SkpebwTtB) - 19:40-20:20 [API-induced SSRF: How Apple Pay Scattered Vulnerabilities Across the Web / Joshua_Maddux](https://hackmd.io/@ninoseki/Hy7XZwaKB) - 20:20-21:00 [Infiltrating Corporate Intranet Like NSA: Pre-auth RCE on Leading SSL VPNs! / Orange_Tsai,Meh_Chang](https://hackmd.io/@ninoseki/SyAE-v6KH) ### Day 2 - 9:00-9:40 [Coinbase and the Firefox 0-day / Philip_Martin](https://hackmd.io/@ninoseki/BkvU-vTFH) - 9:40-10:20 [The Trouble with Trojans / Austin_McBride,Artsiom_Holub](https://hackmd.io/@ninoseki/B1JdbD6Fr) - 10:20-11:00 [Hardware Wallet Security / Sergei_Volokitin](https://hackmd.io/@ninoseki/H1qY-DTtH) - 11:00-11:40 [Integration of Cyber Insurance Into A Risk Management Program / Jake_Kouns](https://hackmd.io/@ninoseki/HJDjbP6KH) - 12:40-13:20 [Crypto Cobra: Tales of the nation-state actor targeting crypto-exchanges / Dani_Goland,Ido_Naor](https://hackmd.io/@ninoseki/SyteMD6YH) - 13:20-14:00 [Recent APT attack on crypto exchange employees / Heungsoo_Kang](https://hackmd.io/@ninoseki/HJfNzwatB) - 14:30-15:10 [Cyber Threat Landscape in Japan – Revealing Threat in the Shadow / Chi_En_Shen,Oleg_Bondarenko](https://hackmd.io/@ninoseki/HkSFMDatS) - 15:10-15:50 [From Advanced Persistent Threats to "Advanced Persistent Manipulators": The Evolving Cyber Defense Battlefield / Mei_Nelson](https://hackmd.io/@ninoseki/rJdsMwptr) - 16:20-17:00 [Why We Click: Studying Threat Actor’s use of Principles of Persuasion to Increase Successful Execution / Joshua_Miller](https://hackmd.io/@ninoseki/Byky7vptB) - 17:00-17:40 [Applicability of GDPR and APPI to international companies and the impact on IT Security / Matthias_Lachenmann](https://hackmd.io/@ninoseki/rJXZXPaKS) - 17:40-18:25 [Keynote:Cyberspace – A Lawless Wild West or Orderly Chaos? / Liis_Vihul](https://hackmd.io/@ninoseki/HJKf7w6YS) BlueBox --- ### Day 1 - 11:50-12:20 [FileInsight-plugins: Decoding toolbox for malware analysis / Nobutaka_Mantani](https://hackmd.io/@ninoseki/BkJ-yvTYB) - 12:30-13:00 [tknk_scanner v2:community-based integrated malware identification system / Shota_Nakajima,Keita_Nomura](https://hackmd.io/@ninoseki/HJPm1P6YH) - 13:10-13:40 [MalConfScan with Cuckoo: Automatic Malware Configuration Extraction System / Tomoaki_Tani,Shusei_Tomonaga](https://hackmd.io/@ninoseki/rJiLkPTYS) - 15:10-15:40 [Shattering the dark: uncovering vulnerabilities of the dark web / Takahiro_Yoshimura,Ken-ya_Yoshimura](https://hackmd.io/@ninoseki/SJTC1w6Fr) - 15:50-16:20 [DDIR: An Open Source Dataset for Darkweb Research / Yuu_Arai](https://hackmd.io/@ninoseki/r1TllDpFS) - 16:30-17:00 [OPSEC for investigators / Krassimir_Tzvetanov](https://hackmd.io/@ninoseki/HJhNgDpKH) - 17:50-18:20 [CIRCO: Cisco Implant Raspberry Controlled Operations / Emilio_Couto](https://hackmd.io/@ninoseki/HygigvpKB) - 18:30-19:00 [Swiftly Scan for Malware and View Disk Contents With Ease Using Autopsy / Isao_Tanner](https://hackmd.io/@ninoseki/Hk2RewatB) ### Day 2 - 11:50-12:20 [Wifi sniffing with the WifiKraken / Mike_Spicer](https://hackmd.io/@ninoseki/Sk-p-D6Yr) - 12:30-13:00 [MalCfgParser: A Lightweight Malware Configuration Parsing Tool / Ycy_Yu,Duckll_Liao,Charles_Li](https://hackmd.io/@ninoseki/SyhRbDaYB) - 13:50-14:20 [New threats are already around you, the IPV6 attack must be understood / KunZhe_Chai,YongTao_Wang,Jie_Fu](https://hackmd.io/@ninoseki/Hk6BMwpFH) - 14:30-15:00 [Seamless Threat Intelligence Platform (S-TIP) / Koji_Yamada,Toshitaka_Satomi](https://hackmd.io/@ninoseki/SyovMDaFH) - 15:50-16:20 [Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcement Learning / Isao_Takaesu](https://hackmd.io/@ninoseki/Syf6fPTYB) ###### tags: `CODEBLUE2019` `CODEBLUE`