【 HITCON 2021 Agenda Introduction 】

【 HITCON 2021 Agenda Introduction 0x00 】

 

不管疫情再怎麼嚴峻，都擋不住我們辦年會的心！
今年，HITCON 2021 收到了來自世界各地的頂尖研究員投稿，終於在激烈的競爭中選出了最終的演講！
在此，首先感謝所有投稿與支持 HITCON 的研究員及夥伴們！
 
一如往年，今年也有相當多的漏洞挖掘及 APT 威脅分析相關研究，分享頂尖駭客挖掘 Zero Day 的心路歷程及技術分享；網路世界的偵探也分享各國網軍的攻防手法，透過攻防兩方去了解資安的戰場。
除此之外，今年的演講將圍繞著 ” Work from home , hack into home ”、“ Hacking the Data Traversing in Reality-virtuality Hybrid World ” 及 ” Recovery and Collaboration - Vaccine for CyberSecurity ” 三大主題，帶給大家深入且多元的頂尖研究。
 
想知道今年到底有什麼議程嗎？請鎖定粉絲專頁！
在未來的幾週，我們將為大家搶先看一些精彩議程，敬請期待囉！

▍0x01  Work from home, Hack into home

雖然已經微解封了，但現在應該還有不少人在家工作吧？

聰明的你，一定對全遠端工作的資安問題有疑慮過。

無論你是在家裡工作，或是疫情前在咖啡店裡的遊牧駭客，這些地點的資安防護程度一定無法和企業內部的安全程度相提並論。

尤其在疫情的影響下，越來越多的 Cloud Service 和 IOT 裝置，逐漸成為現代人生活中不可或缺的一部分，但你知道這些裝置和服務的安全性，其實是非常堪慮的嗎？

因此，來自 “ Cisco Talos' Vulndev Team ” 的研究員 “ Lilith Wyatt ”，用講題 “An Azure Sphere Security Breakdown” 帶大家剖析 IOT 平台上的資安問題。

另外，“ Claroty ” 的研究員 “ Sharon Brizinov ” 帶我們從一段深夜收到的電話開始追蹤，到最後發覺 IOT 設備與雲端服務串連時帶來安全問題的旅程。

最後，“ Trend Micro ” 的 “ Ta-Lun Yen ” 繼 2018 年帶來對於 IOT 設備的漏洞研究後，今年將會以另一個角度 —— 來介紹如何靜態重建 binary 中 relocation 的資訊，進行動態分析的研究，並從如何幫助分析的角度，來深入探討 IOT 的資安議題。

▍除了國內外頂尖研究員帶來的 IOT 研究，HITCON 2021 也有更多雲端資安相關的重要議題，我們將在未來幾週帶大家迅速地了解其他精彩議程！

---

▍0x02 Hacking the Data Traversing in Reality-virtuality Hybrid World 

雲端平台的廣泛使用已經成為一個趨勢！

即使是在資料管制要求最嚴格的單位，也已逐漸開始使用雲端平台。而在家工作、疫情管制的情況下，人們更大量了使用各種服務取代實體的活動，也順勢將所有人更推向了虛擬世界！

但，在這虛實整合的世界中，帶來了新的優勢，也有許多隱私、資安問題值得研究！

-

疫情影響下，也有許多疫情相關的網路平台，如隨處可見的實聯制系統便是其中之一！

HITCON 2021，便由 LINE 的 Vic Huang 及東吳大學的博士候選人 Joy Ho 一同帶來的《慟！！實聯制？！我們交出去的個資跑到哪裡去了no？》為我們頗析其中的風險。

在去年的議題《Potential Security and Privacy Issues in Novel Taiwanese National eID system》中，講者為我們分析各國 eID 的資安議題；而今年，我們更具體的來看其中實作層級的問題。

台科大的查士朝教授《「原規劃」之數位國民身分證的分析經驗與建議》深入了解箇中奧妙。最後，奧義智慧的蘇學翔及林殿智兩位，將以全面性的雲端平台安全性為題，帶來《空降危機：雲端攻防二三事》帶來雲端安全的整體性分析。

在雲端、網路、虛實整合的資訊社會中，系統複雜、資料的流動難以掌握、衍生更多隱私問題。

不只需要駭客、研究員們一同努力，探討這些議題；也需要使用這些服務的消費者們都時刻保有警覺心，避免自己陷入了資安漏洞。

-

想知道更多活動訊息嗎？敬請鎖定 HITCON 粉專！

▍HITCON2021

日期：2021/11/26(Fri) - 2021/11/27(Sat)

地點：中央研究院人文社會科學館

售票：https://hitcon.kktix.cc/events/hitcon-2021

---

▍0x03 Recovery and Collaboration - Vaccine for Cyber Security

在過去一年中，跟隨疫情的影響，資安問題也相應的來得更快更嚴重！ Work from home（ WFH ）擴大了企業組織的防禦面，也許是駭客不出門，多挖了許多嚴重漏洞；這也使資安變得更加複雜！ - 在這樣的困境中，協力合作是一個好方法，讓我們不論在疫情、或資安上都能互相合作，以利回復至良好的狀況。 在這次 HITCON 中，我們也將帶來多場與 COVID - 19 疫情相關的議程，說明在 2019 ～ 2021 疫情影響下所帶來的資安問題！ 例如，針對《 與 COVID - 19 相關的釣魚行動 》、《 針對 WFH 常用的 VPN 的攻擊 》這兩項深入分析，可以了解疫情對資安的影響。而在 Shin Adachi 的《 Lessons from the possible worst ～ or lessons from 15 - month restriction in Silicon Valley during pandemic 》中，則從矽谷的經驗出發，分享在疫情中，組織如何面對或管理疫情的風險，以網路攻擊威脅趨勢及企業組織應變經驗切入。 而最後，Manabu Niseki 和 Josh Hopkins 的《 Security in the new normal：security issues related to the pandemic 》則從實際的單一攻擊切入，分析 GhostDNS 的研究，並分析在疫情下有何變化。 - 大家一定可以感覺到，資安問題與許多社會重大事件是息息相關的。因此在這次 HITCON 中，希望能透過以上精彩的演講，帶大家切身體會疫情與資安的關聯！ 想知道更多資訊，請持續鎖定 HITCON 粉專！ 另外，售票仍在持續進行中！所以看完這麼多精彩的介紹之後，不妨來現場聽聽講者怎麼說！ 售票連結：https://hitcon.kktix.cc/events/hitcon-2021

---

▍0x04 Pwn2Own in HITCON

Pwn2Own 一向被白帽駭客視為最重要的聖殿！ 參與者實際駭入重要的軟體系統，如：Windows 作業系統、Chrome 瀏覽器及一些物聯網設備，透過找出重大漏洞來證明自己的實力。參加 Pwn2Own 也是許多台灣駭客長久以來的夢想之一。 而在今年，來自台灣的駭客在此邁出了重要的一步！先在東京的 Pwn2Own Mobile 中，兩支台灣研究團隊分別拿下了二、三名。接著在 Pwn2Own 2021，更進一步拿下了冠軍！ 如此令人振奮的議題，自然不會在HITCON 2021 中缺席！ - 在這場議程中，將會由 HITCON 的老朋友：DEVCORE 的 Orange 將來分享 Exchange Server 的漏洞：“ ProxyLogon is Just the Tip of the Iceberg：A New Attack Surface on Microsoft Exchange Server！”。 研究不僅揭露單一漏洞，而是進一步提出了一條新的攻擊面： 只要在前端發現任何 SSRF 漏洞，便有機會串出諸如 RCE 等嚴重的攻擊。 正是這個漏洞，讓他們在 Pwn2Own 中奪冠！ 同樣的，AngelBoy 也將在 HITCON 的舞台上發表 “ 你的 NAS 不是你的 NAS ! ” 。讓大家了解他們在 Pwn20wn 2020 Mobile 中，是如何利用 Open Source 上看到的漏洞，在 NAS 上做成 Pre-auth Root RCE，取得佳績！ 最後相當特別的一項是來自 STAR Labs Billy Jheng 及 Muhammad Ramdhan 的 “ The Great Escapes : A Case Study Of VM Escape & EoP Vulnerabilities ”。 講者 Billy 以前便是台灣頂尖的 CTF 選手，後來加入新加坡 STAR Labs ，繼續鑽研漏洞挖掘，這次將為我們分享 STAR Labs 在 Pwn2Own 上所揭露的漏洞，我們也很開心可以看到更多 CTF 選手在此領域可以有精彩的表現。 以上議程，讓我們體會到台灣在漏洞研究上的重要進展，也許有一天，HITCON 可以有自己的 Pwn2Own 也說不定，大家敬請！

---

▍0x05 駭客團隊軍火頗析 @ HITCON！

這樣的主題，你有聽過嗎！ 遵循著優良傳統，HITCON 2021 包含了許多不同的漏洞挖掘研究發表，從物聯網、重要軟體系統，如：Exchange、VirtualBox 及 Ubuntu；到 ICS 等級的系統，都是今年的熱門主題！除此之外，這次也有許多研究員以防禦者的角度，來探討駭客團隊的攻擊行動。 - 在 11/27 的議程中，我們將連續帶來三場深入的威脅情資研究，講解不同駭客團隊的運作情形！ FB 詳細介紹：https://www.facebook.com/HITCON/posts/4844140225617261 - 這三場演講所研究的攻擊團隊，都跟台灣有所關聯，常常攻擊台灣的政府或企業，值得我們多多了解他們的手法，一同思考更新的防禦方式。 你，準備好接受知識的洗禮了嗎？

---

【 HITCON 2021 Agenda Introduction 0x00 】

 

No matter how serious the epidemic is, we can't stop ourselves from hosting the annual conference! This year, HITCON 2021 received submissions from top researchers from around the world, and the final presentations were selected in a highly competitive process.

We would like to thank all the researchers and partners who contributed and supported HITCON!

 

As in previous years, there will be lots of vulnerability mining and APT threat analysis-related research, sharing the journey and techniques of top hackers in mining Zero Day. The cyber-world detectives will also share the attack and defense techniques of cyber armies from different countries to understand the battlefield of information security through both attack and defense.

In addition, the lectures of HITCON 20121 will focus on "Work from home, hack into home", "Hacking the Data Traversing in Reality-virtuality Hybrid World" and "Recovery and Collaboration - Vaccine for CyberSecurity", bringing you in-depth and diverse top research.

 

Do you want to know what is on the agenda this year? Check out the fan page of HITCON 2021! We'll be giving you a sneak peek at some of the exciting sessions in the coming weeks, so stay tuned!

 

---

▍0x01  Work from home, Hack into home

Although the micro unblocking has happened, there should still be many people working from home, right?

No matter how smart you are, you definitely doubt  the security of working remotely.

Whether you work from home or were a nomadic hacker in a coffee shop before the epidemic, the level of security at these locations must not be comparable to the level of security inside the enterprise. Especially under the influence of the epidemic, more and more Cloud Service and IOT devices are becoming an indispensable part of modern life, but did you know that the security of these devices and services is actually very worrying?

Therefore, Lilith Wyatt, a researcher from "Cisco Talos' Vulndev Team", takes a look at the security issues on the IOT platform with the topic "An Azure Sphere Security Breakdown" to break down the information security issues on IOT platform.

Furthermore, “Sharon Brizinov”, researcher from Claroty, takes us on a journey that begins with a late-night phone call and ends with the discovery of a security problem when IOT devices are connected to cloud services.

Lastly, "Ta-Lun Yen" from Trend Micro will bring another perspective on vulnerability research of IOT devices this year after bringing it in 2018. - This year, we will introduce how to statically reconstruct the relocation information in the binary, conduct dynamic analysis, and explore the information security issues of IOT from the perspective of how to help analysis.

▍In addition to the IOT research brought by top researchers from home and abroad, HITCON 2021 also features more important topics related to cloud information security, and we'll bring you up to speed on the rest of the exciting agenda in the coming weeks!

Stay Healthy, Happy Hacking!

▍0x02  Hacking the Data Traversing in Reality-virtuality Hybrid World

Going to the Cloud has become a new trend!

Even in the organizations with the most stringent data control requirements, cloud platforms are gradually being used. In the case of work from home and epidemic control, people are using various services instead of physical activities, which is pushing everyone to the virtual world!

There are many advantages and privacy issues that could be discussed in both the virtual and real world.

-

As a result of the epidemic, there have been many epidemic-related online platforms. Such as the real-name registration system that can be found everywhere in Taiwan!

Vic Huang from LINE and Joy Ho, a Ph.D. candidate from Soochow University, will present "Ohh! The real-name registration system? Where was the personal information we gave?"

In HITCON 2020, "Potential Security and Privacy Issues in Novel Taiwanese National eID system", the speaker analyzed the information security issues of eIDs in various countries; This year, we will look at the practical level of the issues.

Professor Cha Shih Chao from National Taiwan University of Science and Technology (NTUST), "Experience and Suggestions for the Analysis of Digital National Identity Card of 'Original Planning' ", will give us an insight into the mystery. 

Hsueh-Chiang Su and Teng-Chih Lin from CyCraft will present "Skyfall: Something about Cloud Attack and Defense" with a comprehensive analysis of cloud security.

-

In the cloud, the Internet, and the integration of the virtual and the real, systems are complex, the flow of data is difficult to grasp, and more privacy issues arise.

Not only do hackers and security researchers need to work together on those topics. The end-users of those cloud services need to be vigilant at all times to prevent themselves from falling into security breaches.

-

Do you want to know more about the HITCON 2021? Stay tuned to the HITCON fan page!

▍HITCON2021

Time：2021/11/26(Fri) - 2021/11/27(Sat)

Location：International Conference Hall, Academia Sinica

Ticket：https://hitcon.kktix.cc/events/hitcon-2021

#HITCON2021 #Hacking #CloudPlatform #DataHacking

---

▍0x03  Recovery and Collaboration - Vaccine for Cyber Security

In the past year, along with the impact of the epidemic, cybersecurity issues have become more serious and faster.

Work from home (WFH) expands the defenses of enterprise organizations, perhaps because hackers don't leave home and dig more serious vulnerabilities; it also makes information security more complex!

-

In such a difficult situation, collaboration is a good way for us to work together to get back to the normal situation, both in terms of the outbreak and information security. At HITCON 2021, we will also bring several sessions related to the COVID-19 outbreak to illustrate the information security issues arising from the impact of the outbreak from 2019 to 2021!

For example, two in-depth analyses, "Phishing Operations Related to COVID-19" and "Attacks Against VPNs Commonly Used by WFH", provide insight into the impact of the epidemic on information security. In Shin Adachi's "Lessons from the possible worst ~ or lessons from 15 - month restriction in Silicon Valley during pandemic", he shares the experience of Silicon Valley on how organizations can face or manage the risk of pandemic during the epidemic. In "Lessons from the possible worst ~ or lessons from 15 - month restriction in Silicon Valley during pandemic", Shin Adachi shares his experience from Silicon Valley on how organizations face or manage the risk of a pandemic.

Finally, Manabu Niseki and Josh Hopkins' "Security in the new normal: security issues related to the pandemic" analyzes GhostDNS research from a single, real-world attack and how it has changed in light of the epidemic.

-

As you can feel, information security issues are closely related to many major social events. Therefore, in this HITCON, we hope to bring you to experience the connection between the epidemic and information security through the above-mentioned exciting speeches.

For more information, stay tuned to the HITCON fans page!

Tickets are still available! So after reading all the great introductions, come hear what the speakers have to say!

Link: https://hitcon.kktix.cc/events/hitcon-2021

#HITCON2021 #WFHCyberSecurity

#COVID19CyberSecurity

---

▍0x04  Pwn2Own in HITCON

Pwn2Own - the most important sanctuary for white hat hackers.

Participants actually hacked into important software systems such as Windows OS, Chrome and some Internet of Things devices to prove their strength by finding major vulnerabilities. Participating in Pwn2Own has been a long-time dream of many Taiwanese hackers.

And this year, hackers from Taiwan have taken an important step forward here! First, in Pwn2Own Mobile in Tokyo, two Taiwanese research teams took the second and third place respectively. Then, in Pwn2Own 2021, they took the championship even further!

Such an exciting topic will not be absent from HITCON 2021!

-

In this session, an old friend of HITCON, Orange of DEVCORE, will share the vulnerability of Exchange Server: "ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server!".

The study not only exposes a single vulnerability, but further suggests a new attack surface.

As long as any SSRF vulnerability is found on the front end, there is a chance to string together serious attacks such as RCE.

This is the vulnerability that won them the Pwn2Own!

Similarly, AngelBoy will be presenting "Your NAS is not your NAS!" on stage at HITCON. Let everyone know how they exploited the vulnerabilities seen on Open Source to make Pre-auth Root RCE on NAS in Pwn20wn 2020 Mobile and achieved good results!

The last one is from STAR Labs Billy Jheng and Muhammad Ramdhan's "The Great Escapes : A Case Study Of VM Escape & EoP Vulnerabilities".

Billy, a former top CTF competitor in Taiwan, joined STAR Labs in Singapore to continue his research on vulnerability mining, and this time he will share with us the vulnerabilities revealed by STAR Labs at Pwn2Own.

The above agenda allows us to experience the important progress in vulnerability research in Taiwan. Maybe one day, HITCON can have its own Pwn2Own!

▍HITCON2021

Time：2021/11/26(Fri) - 2021/11/27(Sat)

Location：International Conference Hall, Academia Sinica

Website：https://hitcon.org/2021/

#HITCON2021 #HITCON