2019 Japan

THE 22nd INTERNATIONAL AVAR CYBERSECURITY CONFERENCE

Theme: Hacker versus counter-hacker: From retribution to attribution

Date: November 6th to 9th, 2019

Venue: Osaka, Japan

Download Report

SPEAKERS

Paul Vixie – Farsight
Matthieu Faou – ESET
Thomas Dupuy – ESET
Yoshihiro ISHIKAWA – LAC
Augusto Remillano – TrendMicro
Hazel Poligratis – TrendMicro
Niranjan Jayanand – Microsoft
Ayako Matsuda – FireEye
Dinesh Devadoss – K7 Computing
Kaarthik R Muthukrishnan – K7 Computing
Takahiro Haruyama – Carbon Black
Venkatachalabathy S.R. – McAfee
Harikrishanan M. – McAfee
Michal Poslusny – ESET
Peter Kalnai – ESET
Boris Larin – Kaspersky
Randy Abrams – OPSWAT
Robert Lipovsky – ESET
Yoav Arad Pinkas – Checkpoint
Minseok (Jacky) Cha – Ahnlab
GenShen Ye – 360NetLab
Adolf Středa – AVAST
Luigino Camastra – AVAST
Nitin Shekokar – Symantec
Akshay Agarwal – Symantec
Akhil Reddy – FireEye
Steven Zhou – Microsoft
Itay Cohen – Checkpoint
Ari Eitan – Intezer
Mark Lechtik – Kaspersky

Ariel Jugnheit – Kaspersky
Anton Cherepanov – ESET
Jean-Ian Boutin – ESET
Josep Albors – Ontinet
Rommel Abraham D Joven – Fortinet
Dhanalakshmi Velusamy – K7 Computing
Mingwei Zhang – Symantec
Prakash Galande – Quickheal
Bajrang Mane – Quickheal
Aviran Hazum – Checkpoint
Zuzana Hromcova – ESET
Thomas Siebert – G DATA CyberDefense
Saurabh Sharma – Kaspersky
Vladimir Kononovich – Kaspersky
Hsun-Jen Hsu – AVAST
Jen-Yu Tsai – AVAST
Christopher Del Fierro – IBM X-Force IRIS
Simon Edwards – SE Labs
Heungsoo Kang – LINE
Ivan Korolev – Doctor Web
Igor G. Zdobnov – Doctor Web
Lokesh Janakiraman – K7 Computing
Raja Babu Annamalai – K7 Computing
Doina Cosovan – SecurityScorecard
Catalin Valeriu Lita – SecurityScorecard
Samir Mody – K7 Computing
Luis Corrons – Avast
Eddy Willems – G DATA CyberDefense
Paul Chung – AhnLab

AGENDA

Wednesday, November 6, 2019

16:00 – 18:30 Registration

19:00-22:00 Welcome Drinks Reception

Thursday, November 7, 2019

Stage A	Stage B
8:00-9:00 Last Minute Registration
9:00-9:05 Welcome & Logistics
9:05-9:10 AVAR Welcome
9:10-10:00 Keynote: Benefits and Hazards of Non-Local DNS Resolution
10:00-10:30 Operation Ghost: The Dukes aren`t back – they never left
10:30-11:00 More about HYDSEVEN adversary and cryptocurrency threat
11:00-11:20 Coffee Break	11:00 – 11:20 Coffee Break
11:20 -11:40 The Mining Ninja	11:20-11:40 ATT&CKing the threat intel sharing problem
11:40-12:00 Curious tale of 8.t used by multiple attack campaigns against South Asian countries	11:40-12:00 Protecting Democracy – Elections Under Attack
12:00-12:30 Sweet`n Sour in Poison: Case Study of Espionage Campaigns Targeting Japan	12:00-12:30 Hunting advanced IoT malware
12:30-14:00 LUNCH	12:30-14:00 LUNCH
14:00-14:30 Mac Me MORE Money!! Exploitation of Mac in Targetted Attacks	14:00-14:30 Tick Tock – Activities of the Tick Cyber Espionage Group in East Asia Over the Last 10 Years
14:30-15:00 Defeating APT10 Compiler-level Obfuscations	14:30-15:00 EMOTET…… The end to end story
15:00-15:30 The journey of malware families evade sandbox	15:00-15:30 Guildma: timers sent from hell
15:30-15:40 COFFEE BREAK	15:30-15:40 COFFEE BREAK
15:40-16:10 Rich Headers: leveraging this mysterious artifact of the PE format for threat hunting	15:40-16:10 Cybersecurity Parasite
16:10-16:40 Momigari: Overview of the latest Windows OS kernel exploits found in the wild	16:10-16:40 Demystifying macOS: An investigation into the dynamics of macOS attacks
16:40-17:00 Multiscanning: Making Sense of the Numbers	16:40-17:00 CTPH Clustering Analysis in Big Data Environment
19:00-22:30 GALA DINNER & ENTERTAINMENT	19:00-22:30 GALA DINNER & ENTERTAINMENT

Friday, November 8, 2019

Stage A	Stage B
09:00-09:10 WELCOME AND LOGISTICS
09:10-09:30 The Red Square – Mapping the connections inside Russia`s APT Ecosystem	09:10-09:30 Unwanted world – from chaos to rules
09:30-10:00 The North Korean AV Anthology: a unique look on DPRK’s Anti-Virus market	09:30-10:00 TITANIUM: the PLATINUM group strikes again
10:00-10:30 Buhtrap metamorphosis: From cybercrime to cyberespionage	10:00-10:30 A Chronicle of Fallout
10:30-11:00 Attacks Against Financial Institutions and Cryptocurrencies	10:30-11:00 Fast Rev-eng Is Definitely Awesome (Android Frida tutorial)
11:00 – 11:20 COFFEE BREAK	11:00-11:20 COFFEE BREAK
11:20-11:40 Digital Skimmers: How crooks are spying your online shopping	11:20-11:40 What is Really Happening with MegaCortex
11:40-12:00 MoqHao: Targeted Attacks on Android and iOS in Japan	11:40-11:50 An introduction to CTA: Cyber Threat Alliance
	11:50-12:00 Buying, selling and analysing security: Following the money, time and expertise behind a trillion dollar industry
12:00-12:30 A deep look into the recent “Living off the Land” threats in the wild	12:00-12:30 Discretion in APT: Recent APT attack on crypto exchange employees
12:30-14:00 LUNCH	12:30-14:00 LUNCH
14:00-14:30 Targeting Japan: a story from infection vector to C&C server hidden using fast flux and everything in between	14:00-14:30 Unrevealing the architecture behind the Counter-Strike 1.6 botnet: zero-days and Trojans
14:30-15:00 AgentSmith – A New species of Mobile Malware	14:30-15:00 Into the Land of the Dark(hydrus)
15:00-15:30 The IoT in Jeopardy: The Abuse of Mobile Applications and Cloud Services	15:00-15:30 Panel discussion: “Governments and Encryption, Offensive Security, IoT”
15:15-15:30 COFFEE BREAK
15:30-16:00 ATTOR: Spy platform with curious GSM fingerprinting
16:00-16:45 Judgement Day
16:45-16:50 AVAR 2020 ANNOUNCEMENT – VIETNAM
16:50-16:55 CARO 2020 Announcement
16:55-17:00 Closing
17:00-18:00 AVAR Members Meeting

Saturday, November 9, 2019 : Networking Day

HOSPITALITY / NETWORKING ON SATURDAY, NOVEMBER 9

Take a break and enjoy a wonderful day with us. The historic Kyoto and fun Cupnoodles Museum in Osaka are waiting for you. Socialize with fellow attendees and visit once-in-a-lifetime sites.

ITINERARY

Duration 10,5 hours / 9.00 – 19.30

CupNoodles Museum in Osaka
Traditional Lunch in Kyoto
Bamboo Grove in Kyoto
Tenryu-ji temple in Kyoto
Fushimi Inari Shrine in Kyoto

PRICING DETAILS

INCLUDED

10-hour tour
Private coach
Local english speaking guide
Entrance fee to Tenryu-ji & Bamboo grove
Entrance fee to Cup Noodles Museum
Lunch at traditional restaurant in Kyoto

NOT INCLUDED

Additional entrance fees
Food or drinks during the day (excl. Lunch)
Gratuities (optional)

CUPNOODLES MUSEUM OSAKA

Who knew noodles could be this fun? Regardless of your age or eating habits, the Instant Ramen Museum is packed with hands-on experiences and visual appeal, making it fun for anyone. This colorful wonderland stimulates much more than your taste buds.

You can make chicken ramen by hand or create your own completely original Cupnoodles package which is unavailable anywhere else in the world.

KYOTO HIGHLIGHTS

You’ve probably seen photos of the Arashiyama Bamboo Grove, but no picture can capture that sense of otherness, different than any other forests you ever visited. And right next to it is Tenryu-Ji Temple, with its famous 14th century Zen garden and pond, which catches the reflection of the surrounding maple trees.

Home to a seemingly endless stretch of over 5000 iconic orange torii gates spread across an entire mountain, Fushimi-Inari-Taisha Shrine is perhaps the single most fascinating sight in all of Kyoto and among the oldest Shinto shrines in Japan. Don’t miss it!

VENUE

HOTEL NEW OTANI OSAKA Japan

Situated along a scenic riverside in Osaka Business Park, Hotel New Otani Osaka offers guests an array of guestrooms and suites and numerous restaurants and bars for superior dining. The hotel is also just steps away from Osaka Castle and its surrounding 264 acre park, giving guests spectacular views of the natural and beautiful areas.

ADDRESS

540-8578 Osaka Prefecture,

Osaka, Chuo-ku Shiromi 1-4-1, Japan

KEYNOTE

Paul Vixie

Benefits and Hazards of Non-Local DNS Resolution

Chairman, CEO and cofounder of Farsight Security, Inc.

Since commercialization and privatization of the Internet first began in the 1990’s, there has been a steady push to move access side DNS (called “recursive”) away from customer networks and towards first ISP’s and later Cisco, Google, IBM, and Cloudflare. What are the real motives for this trend? What are the risks and costs, and who pays them?

Vixie has worked in the DNS field since 1989 and has invented many of the monitoring and filtering capabilities now used by nearly all DNS services, and he will try to explain what’s happening. Special attention will be paid to the new web-based “DNS over HTTP” or “DoH” protocol now being strongly pushed by Mozilla and others.

Dr. Paul Vixie is an Internet pioneer. Currently, he is the Chairman, CEO and cofounder of Farsight Security, Inc. Dr. Vixie was inducted into the Internet Hall of Fame in 2014 for work related to DNS and anti-spam technologies. He is the author of open source Internet software including BIND 8, and of many Internet standards documents concerning DNS and DNSSEC. In addition, he founded the first commercial anti-spam company (MAPS, 1996), the first non-profit Internet infrastructure software company (ISC, 1994), and the first neutral and commercial Internet exchange (PAIX, 1991). In 2018, he cofounded SIE Europe UG, a breakthrough European data sharing collective to fight cybercrime. Dr. Vixie earned his Ph.D. from Keio University for work related to DNS and DNSSEC in 2010.

November 7 at 09:10 – 10:00, Stage A

We sit down with internet pioneer and Farsight Security CEO Dr. Paul Vixie, co-inventor of some of the services that are central to the internet’s fabric, including Domain Name System (DNS) architecture. As an authoritative voice on a range of matters that concern the global internet, the discussion with Dr. Vixie weaves together issues connecting DNS and its effect on security and privacy.

Photos