« ICS SECURITY CONFERENCE 2014 | Main | APCERT DAY at APRICOT and Open Resolver Check Site Launched by JPCERT/CC »

Mar 19, 2014


Hi. This is You Nakatsuru (“Tsuru”) – a “just married” Information Security Analyst from Analysis Center.


Today, I would like to introduce JPCERT/CC’s presentations at “CODE BLUE”, a new international information security conference originating in Japan which was held on February 17 and 18. The conference attracted many computer security experts – more than 400 attendees from about 10 different countries. The conference covered a wide range of topics discussing cutting-edge measures against cyber attacks, and each of them was very attractive. Two members from JPCERT/CC - Tomoyuki Shigemori and me - also delivered presentations at the conference.


Under the title “Fight Against Citadel in Japan”, I explained the current status on the illegal money transfer cases using internet banking services in Japan, I highlighted the analysis results of the banking Trojan “Citadel” behind this campaign and introduced a decryption tool called “Citadel Decryptor” which I developed. Citadel encrypts the data stored in files and registry as well as communication data, making it difficult for analysts to retrieve the contents in them. The Citadel Decryptor can decrypt the data easily and allows us to obtain necessary information in order to quickly react to the incident. For more information, please refer to my presentation slides by clicking here.


Next, let me hand over to another colleague who presented at the CODE BLUE conference.


Hi. This is Tomoyuki Shigemori, Information Security Analyst from Watch and Warning Group. The presentation I delivered is entitled “HTML5 Security & Headers - X-Crawling-Response-Header-“, which highlights security issues of web applications utilizing HTML5. Based on the technical research report published by JPCERT/CC on October 30 2013, I conducted a fact-finding survey against HTTP response header over 940 thousand websites. I showed some case studies on security issues and provided measures to address them by emphasizing the important points to be noted upon using HTML5. This markup language allows us to build more flexible and highly convenient websites, but on the other hand, there are several points that we need to be aware of. The technical research report we published describes various features of HTML5 and security issues that are not covered in the presentation, so I hope you find it useful in developing a secure web application. The published technical research report is currently available only in Japanese, but its English version will be coming up soon! For more information, please refer to my presentation slides here.

If you have any questions on our presentations, please contact us via email mentioned in the presentation slides.

Thank you!

-You Nakatsuru & Tomoyuki Shigemori