伴隨著 HITCON 即將來臨的倒數聲,想必大家都十分期待議程!
一如既往,我們依舊收到來自世界各地頂尖研究員的優秀稿件,為了滿足大家的好奇心,在議程表正式出爐前我們選出了其中幾篇,搶先讓大家一同來窺探各路好手的發表及研究吧👀
議程搶先看➡️ https://hitcon.org/2022/sessions/
今年的演講將圍繞著八大主軸,帶給大家涵蓋各領域深入且多元的研究✨
1️⃣CyberWar APT 戰隊研究
2️⃣CyberWeapon ZeroDay 挖掘研究
3️⃣物聯網及工控系統漏洞
4️⃣民生基礎建設攻擊
5️⃣系統化企業資安管理 & Round Table
6️⃣程式分析應用於漏洞挖掘及惡意程式分析
7️⃣後量子密碼學
8️⃣明日之星
—
🔥趕緊購票一起來參與這場年度盛會🔥
HITCON PEACE 2022
▌日期:2022.08.19 (五) - 2022.08.20 (六)
▌地點:南港展覽館 2 館 7 樓
▌購票連結:https://hitcon.kktix.cc/events/hitcon-peace-2022
—
As the countdown to HITCON approaches, everyone must be looking forward to the agenda!
As always, we have received many excellent proposed sessions from top researchers worldwide. To satisfy your curiosity, we have selected some sessions for you before the official reveal of the agenda. Let’s take a peek at some exciting sessions and research.👀
Agenda Sneak Peek ➡️ https://hitcon.org/2022/sessions/
This year's speeches will mainly focus on 8 domains, bringing you in-depth and diverse research concerning various fields.✨
1️⃣CyberWar: APT Groups Research
2️⃣CyberWeapon: ZeroDay Vulnerability Discovery
3️⃣IoT and IIoT vulnerabilities
4️⃣Cyber Attack on civil infrastructure
5️⃣Systemized Enterprise Cyber Security Management & Round Table Discussion
6️⃣Automated vulnerability discovery & malware research
7️⃣Post-quantum Cryptography (PQC)
8️⃣Future Star
—
🔥Book your tickets to join this grand annual event🔥
HITCON PEACE 2022
▌Time:August 19-20 2022
▌Location:Online/Onsite in Taipei Nangang Exhibition Center, Hall 2, 7F, Taiwan
▌Ticket:https://hitcon.kktix.cc/events/hitcon-peace-2022
—
主辦單位:經濟部工業局、社團法人台灣駭客協會
執行單位:社團法人台灣駭客協會、工業技術研究院
#HITCON #HITCON2022 #HITCON_PEACE_2022 #HITCON2022_AGENDA
1️⃣CyberWar APT 戰隊研究
隨著烏俄衝突的持續,越來越多烏俄的國家級網路攻擊行為被研究員揭露,使得網路戰爭的議題再次躍上檯面,今年 HITCON PEACE 2022 將延續 HITCON 2013 年 CyberWar, In Hack We Trust 的主題,以 Survival Guide for the Cyber War 為題
CyberWar: APT Groups Research
As the Russo-Ukraine war continues, more and more cyberattacks from both sides are revealed by researchers, and cyber war continues to be a hot topic again. This year, HITCON PEACE 2022 will succeed "HITCON 2013 CyberWar, In Hack We Trust". We introduce sessions in adhering to this year's topic "Survival Guide for the Cyber War": variety of sessions such as wide-range analysis of cyber war activities in Russo-Ukraine war, in-depth analysis of cyber security incidents in Taiwan, and analysis on APT groups targeting Taiwan.
2️⃣CyberWeapon ZeroDay 挖掘研究
在網路戰爭中,最重要的武器便是各種漏洞及 ZeroDay
如同往年,今年在 HITCON 仍持續揭露各種 ZeroDay 挖掘研究,從企業常用的 Microsoft IIS 到 Linux 子系統的漏洞,都將詳細介紹漏洞挖掘的過程及其原理
最後,為了鼓勵更多研究員投入漏洞挖掘的行列,讓網路世界更加安全,也針對 Bug Bounty 有詳細的經驗分享!
CyberWeapon: ZeroDay Vulnerability Discovery
In cyber warfare, it's all about zero days and vulnerabilities.
Like before, there are sessions about 0-day and vulnerabilities, from widely used software such as Microsoft IIS, to Linux subsystems, the sessions will go deeply into the journey of finding the vulnerability and how they work in detail.
Also, to encourage more researchers into the field of vulnerability research, and to make our internet safer, we have a dedicated session for experiences in bug bounty programs.
3️⃣物聯網及工控系統漏洞
除了普及的 Windows 及 Linux 系統,各式各樣的設備也成了攻擊者的目標
從印表機、NAS 設備、工控協定、通訊系統到 Android 等各種系統的漏洞及攻擊,都是網路戰爭中重要的手法,這次 HITCON 除了有 BlackHat 等級的研究外,更將初次揭露在 Pwn2Own 競賽中所使用的攻擊手法!
IoT and IIoT Security
Besides common Windows and Linux operating systems, devices such as printers, NAS, industrial control systems (ICS), communication systems to mobile OSs such as Android, are common targets of cyber wars. At this year's HITCON, we will not only introduce Blac Hat-level contents, but will also unveil attack methods used in Pwn2Own for the first time!
4️⃣民生基礎建設攻擊
民生基礎建設是社會重要的基礎,也是網路戰爭中重要的標的
HITCON PEACE 2022 將帶大家認識可以怎麼在這些民生基礎建設尋找漏洞!
Cyber Attack on Critical Infrastructure
Critical Infrastructure is essential for the functioning of a modern society and economy, but also a target for cyber war.
In HITCON PEACE 2022, we will introduce you to the world of finding vulnerabilities within critical infrastructure systems.
5️⃣系統化企業資安管理 & Round Table
資安問題不僅僅是技術,也要管理與技術的結合
在企業的網路戰爭中,企業網域 AD (Active Directory) 成為重要的一點,在許多攻擊事件中 AD 都成為攻擊者的目標,而 HITCON PEACE 2022 這次也包含多篇針對企業網域 AD 系統的風險評估研究
承襲 HITCON 2021,將在 CISO、金融資安、智慧製造三大領域中,邀請各領域重點人物參與 Round Table 活動,整合大家對於該領域的共識,並透過議程與大家分享所遭遇的資安問題以及資安管理的方法,希望能以更系統性的方式,衡量資安管理的問題
Systemized Enterprise Cyber Security Management & Roundtable Discussion
Cyber security does not work with only technology - it requires a managerial aspect.
Recently, Domain Active Directory (AD) proves to be a highlight: It has become a target in multiple cybersecurity incidents. At HITCON PEACE 2022, there are multiple sessions focused on risk analysis on Active Directory.
Succeeding HITCON 2021, we invited top figures from CISO, Financial Cyber Security, Smart Manufacturing to our roundtable to discuss their journey of advocating cybersecurity in their organizations, managerial aspects of cybersecurity, and systematic methods to evaluate cybersecurity risks.
6️⃣程式分析應用於漏洞挖掘及惡意程式分析
程式越來越多、惡意程式數量也年年增加,數量已經超過人力可以負擔,程式分析的自動化是否可能呢?今年 HITCON 將有超過 4 場以上的議程,與各位探討如何利用各種自動化技術分析惡意程式、挖掘軟體漏洞
Automated vulnerability discovery & malware research
As the number of malware continues to increase to a scale of being unable to be manually analyzed manually, is it possible to do automated analysis on malwares? We have over 4 sessions to discuss using automated methods to analyze malwares and also find vulnerabilities.
7️⃣後量子密碼學
美國國家標準暨技術研究院 (NIST) 在經過多年的徵選與討論後,於今年中宣布選定四款後量子密碼學演算法進行標準化!
因此今年 HITCON 也邀請到後量子密碼的頂尖研究員,來為我們介紹並一同探究後量子密碼學的奧秘!
Post-quantum Cryptography (PQC)
National Institute of Standards and Technology (NIST) has finally announced the PQC algorithm to be standardized after years of discussion.. This year at HITCON, we invited a few best researchers in the field to discuss the ins and outs of post-quantum cryptography.
8️⃣明日之星
今年為了挖掘更多駭客圈的明日之星,今年 HITCON 特別保留名額給學生投稿,希望能鼓勵更多年輕研究員,讓更多學生有發表研究的舞台!
Future Star
At this year's HITCON, we had dedicated a few sessions for students to present and promote their work, and to encourage younger generations to be active participants in our conference.
No comments:
Post a Comment