CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree
SPEAKER
Jeremy Chiu / Birdman
CyCraft Technology Corporation Founder & CTO
Jeremy Chiu (aka Birdman) graduated from National Central University and obtained a master's degree in Computer Science and Engineering from Tatung University. He's the founder and Chief Technology Officer (CTO) of CyCraft Technology and serves as a consultant for Hacks In Taiwan Conference (HITCON). As an expert in cybersecurity technologies, he has more than 15 years of relevant research experience. With a talent to impart knowledge of cybersecurity through lively and interesting lectures, Birdman frequently publishes his research at major cybersecurity conferences every year both domestically (e.g., HITCON and iThome) and internationally (e.g., US-based Black Hat). In addition, Birdman is a renowned entrepreneur in Taiwan's cybersecurity industry. Along with Benson Wu in 2011, he co-founded Taiwan's first company to specialize in the development of APT defense products. In 2014, the company was acquired and affirmed by an Israeli cybersecurity company listed on the U.S. NASDAQ.
CyCraft Technology, a newly founded startup by Birdman, focuses on integrating artificial intelligence research with cybersecurity technologies. Specifically, the main research focus of CyCraft Technology is the development of automatic analysis systems, analyses of hacker activities, malware analyses, and machine learning algorithms. Moreover, multiple specialist studies on cybersecurity have been published by CyCraft at global seminars, such as Black Hat, DEFCON, SyScan, HITCON, FIRST, AVTokyo, HTICA, and OWASP Asia.
Speech
SEP 22
#
A Beacon of Light in the Darkest AD: Attack Path Visualization with AI Simulation
Completing our CyCraft trilogy of CyberSec talks, we will discuss the critical importance of proper privilege management. Windows AD is the heart of Enterprise IT cybersecurity. Yet while it is a top security priority, it can also be the darkest enigma and a monster to unravel. AD security is difficult to measure. In this presentation, we will introduce a new AI analysis method for AD security, combining the confrontational thinking between red and blue teams to better help outline the boundaries of enterprise cybersecurity and increase visibility and metrics for AD security. This is a Birdman session you cannot miss.
SEP 20
#
A Beacon of Light in the Darkest AD: Attack Path Visualization with AI Simulation
Completing our CyCraft trilogy of CyberSec talks, we will discuss the critical importance of proper privilege management. Windows AD is the heart of Enterprise IT cybersecurity. Yet while it is a top security priority, it can also be the darkest enigma and a monster to unravel. AD security is difficult to measure. In this presentation, we will introduce a new AI analysis method for AD security, combining the confrontational thinking between red and blue teams to better help outline the boundaries of enterprise cybersecurity and increase visibility and metrics for AD security. This is a Birdman session you cannot miss.
SEP 22
#
供應鏈攻擊手法解析與抵禦之道
Technology powers everything in our lives from our personal day-to-day lives to the day-to-day operations of the world’s largest industries and enterprises. Supply chain attacks pose grave risk as their impact is far more reaching and their damage far more severe than ever before.
In Nov 2021, it was reported that several well-known securities firms—as well as Taiwan’s greater financial sector—were targeted by credential stuffing attacks. However, an in-depth digital forensic investigation and detailed malware analysis by CyCraft concluded that the China-sponsored threat group APT10 had launched this series of sophisticated intrusions by exploiting one supply chain vulnerability, affecting multiple Taiwan institutions across the financial sector.
In this talk, we will share our forensic investigation results into this novel attack, including analyses of the leveraged tools, attack techniques, and malware. We will also discuss what this new attack behavior in China-state threat groups means for Taiwan, our financial institutions, and Taiwan’s cyber defense strategies against supply chain attacks.