This document contains information about various HITCON events, programs and resources including HITCON GIRLS, HITCON CTF, HITCON Training, HITCON Pacific, HITCON Knowledge Base, HITCON ZeroDay and contact information. It also includes some tips and recommendations for web browsers, password managers, two-factor authentication, ad blocking and malware analysis tools.
This document discusses internet of things (IoT) security issues and vulnerabilities. It provides background on the growth of IoT devices and lack of security in many devices. It then describes common vulnerabilities in hardware, connectivity, and applications that can allow attackers to compromise IoT devices. Examples of hacking tools are also provided for different types of attacks against IoT devices. The document advocates for security by design in IoT systems and provides tips for both organizations and individuals to help secure IoT devices and networks.
在這個資料科學蔚為風潮的年代,身為一個對新技術充滿好奇的攻城獅,自然會想要擴充自己的武器庫,學習嶄新的資料分析工具;而 R 語言,一個由統計學家專門為了資料探索與分析所開發的腳本語言,具有龐大的開源社群支持以及琳瑯滿目、數以萬計的各式套件,正是當今學習資料科學相關工具的首選。
然而,R 語言的設計邏輯與一般的程式語言不同,工程師們過去學習程式語言的經驗,往往造成學習 R 語言的障礙,本課程將從 R 語言的基礎開始,讓同學們從課堂講解以及互動式上機課程中,得以徹底理解 R 語言的核心概念與精要,學習如何利用 R 語言問資料問題,並且從資料分析的角度撰寫效率良好同時具有高度可讀性的 R 語言代碼。
This document discusses deepfakes and how they are created using deep learning techniques. It begins with an overview of deepfakes and similar techniques like Lyrebirds that can synthesize human speech and voices. It then describes the technical process for creating deepfakes in detail, including extracting images from videos, extracting and aligning faces, training machine learning models, debugging, and converting back to video format. Challenges of deepfakes like spreading misinformation are mentioned. Potential solutions discussed involve using AI and blockchain technologies to detect fake videos and verify the authenticity of media.
Birds of a Feather 2017: 邀請分享 Light Up The Korean DarkWeb - Dasom KimHITCON GIRLS
The document discusses light up the Korean dark web. It begins with an introduction to the dark web and how to access it safely. It then provides an overview of the major Korean-language dark web forums and markets, including Agora, High Korea, and Eastern Front. It also discusses linking data from the dark web to the surface web in Korea to find related information. Finally, it presents two case studies, one involving linking slang words across platforms, and another involving the investigation of an illegal abortion pill sales site.
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - HowardHITCON GIRLS
2017年12月10日 - Birds of a Feather ( 簡稱BoF ),語意上是指鳥類會與相同類型的鳥群一起飛翔,之後衍伸為讓志同道合的人們聚集在一起或舉辦非正式聚會。
https://hitcon-girls.blogspot.tw/2017/12/Birds-of-a-Feather.html
Birds of a Feather 2017: 邀請分享 Place of Attribution in Threat Intelligence - F...HITCON GIRLS
This document discusses principles of threat attribution through analyzing artifacts left behind by threat actors. It explains that attribution is difficult as there are usually multiple possible explanations but outlines approaches like examining metadata, anomalies, targeting patterns, and mistakes over time. Specific case studies are presented on a hacking back of a command and control server, using stolen certificates to attribute Lazarus, and clues in timestamps and encoding errors that point to Lazarus having Korean origins.
This document discusses the Xposed Framework, which allows modifying and hooking into system level Android apps. It covers how the Zygote process works in Android to launch new processes, and how Xposed hooks into this by intercepting calls to the ZygoteInit class. It then provides an overview of how to create an Xposed module to hook into and modify another app, using the System Clock app as an example.