Following our first successful event in 2016, Hong Kong’s premier security research and threat intelligence group Dragon Threat Labs is hosting DragonCon, possibly the most technically-intensive security conference borne out of Hong Kong.
Come join us, make friends and see the cyber city!
DragonCon invites proposals for half-day or full-day workshops to be held in December 2019. Workshops are expected to focus on Threat Intelligence, Hardware Hacking, Hardware Forensics, Hardware Attacks, Reverse Engineering, Exploitation, Vulnerabilty Research and any other subject that will make our nerd-o-meter hit the red line!
1. Complimentary ticket to the conference
2. Invitation to the VIP party
3. Remuneration for international speakers
10:00am - 10:20am
10:20am - 10:30am
Welcome & opening speech
10:30am - 11:15am
Building your Car Hacking Labs and a Car Hacking Village Community from Scratch
How do you get started with car hacking with good resources already? Yes you got the online resources now but how do you get the hardware without buying an actual car? Join Jay as he recall his experience in building the 1st car hacking village in the Philippines together with his friends. In this talk, he will demonstrate how to procure cheap hardware but not from the black market and how to start car hacking on a cheap. He will demonstrate car hacking for beginners from reverse engineering the Controller Area Network (CAN), building your own 5$ car hacking tool to fuzzing simulators and real hardware. This talk is also inspired from the Car Hacking Village in DEFCON.
11:15am - 12:00am
12:00am - 12:45pm
Cisco to Disco!
Our talk introduces the internal structure and functionality of the Cisco IOS Exploit Framework (a.k.a. DISCO Framework) presented through a demonstration of the Cisco IOS 1-Day analysis. And we will also introduce some 1-day exploit codes analyzed by our framework!
# Cisco IOS Exploit Framework (a.k.a DISCO Framework = Destroy cISCO)
CISCO IOS Mips Debugger with new features such as Backtrace and ASLR-based Dynamic Address Calculation
[*] Instrumentation Send Test Packet for the major basic block of code-patched IOS firmware, extract coverage, and send it to the Fuzzer connected by Serial Port.
[*] Fuzzer Create an Smart Packet based on the coverage received through Instrumentation and send it to the Router for efficient fuzzing.
12:45pm - 13:30pm
Cybersecurity: Just Another Terrain
Gene Yu, Mika Devonshire
A presentation on root cause analysis from the perspective of a U.S. Army Green Beret—integrating physical and social risk analysis with cyber incident response.
The presentation will cover the principles of incident response / root cause analysis, with discussion and real-world case studies on the value of incorporating people, processes and physical security risk with digital vulnerability analysis.
13:30pm - 14:45pm
14:45pm - 15:30pm
(Discussion Panel) Red teaming: how we hack you, the impact on industry standards and the evolution of security testing
Dan Kelly, Simon Blanchet, Jenius Shieh
This discussion will cover aspects of red teaming, industry standards and practitioner level application. We will explore areas such as:
- How has red teaming evolved
- How has the industry evolved
- Does it really help to make us more secure
- As a practitioner, how much effort is red teaming
- Do industry standards actually meet real-world requirements
- How does threat intelligence feed in to red teaming?
This panel will be interactive and members of the audience will be able to ask questions.
15:30pm - 16:15pm
Hacking and Trolling: The Changing Face of Hacktivism in the Disinformation Age
Hacktivism, commonly known as actions by individuals or groups that using hacking skills to spread a specific message and bring attention to a political or social cause, has risen and then fallen globally in the past five years. In the meantime, hacktivist activities have evolved, with an increase in state-sponsored hacktivism using false hacktivist personas, and the appearance of hacktivists who could also be described as “entrepreneurial geeks.” Not all hacktivists break into network systems; some perform troll activities to create online disruptions on social media to accomplish their goals. The recent phenomenon of fandom nationalists turned trolls adds another layer to the many roles of hacktivism.
This talk will discuss the role of hacktivism in information operations through case studies of hacktivist activities from various regions and countries, and provide insight into the structure, organization, motivations, goals, tactics, techniques, and procedures (TTPs) of these hacktivist groups. The talk will also analyze how other threat actors utilize hacktivists to conduct information operations. Lastly, the talk will reflect on the future direction of global hacktivism in information operations as geopolitical tensions among major powers increase and nation-states reposition their cyber defense posture.
16:15pm - 16:30pm
16:30pm - 17:15pm
A conceptual framework to construct a I2P network through hacked IoT devices
Ir Dr Daniel NG
Many Hong Kong public utilities are deploying smart meters using NB-IOT. Most of them are using GPRS and 32-bit micro controller. Radio interface is based on WiFi. It is easy to construct an offensive system to convert a cluster of IOT devices into a I2P network for recons and surveillance.
6th Dec 2019
09:00am - 13:00pm
A hands-on perspective of modern attacker techniques
Kenneth Teo, Technical Director APJ, Alsid
Course Length: Half-day training
Active Directory: The untold story of 10 years of failure, and how to emerge greater. Sad to say, Active Directory is not only the cornerstone of our infrastructures' security, it's also one of its weakest points. Since the early 2000's, it has been the common point between desktop and industrial information systems. The recent release of Singhealth's compromise report is a striking example. The root cause of these attacks is not always to be found from software vulnerabilities, but from abnormal and sometimes funny misuse of security features. During this session, we will shed a light on the most epic failures we encountered during real-world incident response. Taking into consideration what we know from modern threats, we will describe a pragmatic way to get the control back on Active Directory infrastructure.
We are seeking sponsors. If you are interested in sponsoring, please contact the following at Dragon Threat Labs.
For the donation, please contact the following at Dragon Threat Labs.
Copyright © 2019 Dragon Threat Labs