HITCON Review Board
Tsung Peikan (aka PK), Co-Founder at CyCarrier/CyCraft Technology Cooperation, He has experiences of intensive computer forensic, malware and exploits analysis and reverse engineering. PK, specializing in cybercrime and Advanced Persistent Threats (APT) investigation, worked for National Police Agency for six years and Academia Sinica for two years before. After that, PK moved to Verint Systems Taiwan as a chief cyber researcher until September 2017. He has had long-term research on APT, IOT, automotive ECU safety and been the chairman of the HITCON Reviewboard for many years as well. Besides, he is also the speaker of TWNIC, Black Hat, DEFCON, SyScan, HITCON, and HTCIA.
HITCON Community Coordinator / DEVCORE CEO
Alan is HITCON CTF team manager. He works in Mediatek IT department. His job is to harden enterprise systems and handle cyber security incidents. Also he promotes IoT chip applications. His previous job was in ChungHwa Telecom being a security system architect , planning incident handling procedure for security department and planning cloud services for cloud department .
Jeremy Chiu (aka Birdman) is a co-founder at CyCarrier/CyCraft Technology Cooperation. He has more than fifteen years of experience with Malware analysis, Machine Learning, CTI research and focusing on kernel technologies for both the Win32 and Linux platforms. In Taiwan, he is recognized as a very senior anti-malware programmer and early pioneer in APT research. He and Benson founded Xecure Lab in 2011 providing digital forensics and APT detection solution, then in 2014, Xecure Lab was acquired by Israeli-American Company Verint Systems. For many years, he was a contracted law enforcement instructor at intelligence agencies in Taiwan, and fre/quently gave talks at security conferences like DEFCON, SyScan, HITCON, AVTokyo, HTICA and OWASP Asia.
Chen-Mou Cheng programs and teaches cryptography. He has taught at National Taiwan University, Technische Universität Darmstadt, Kyushu University, Osaka University, and Kanazawa University. He is now Chief Scientific Officer at BTQ AG, Liechtenstein (and an adjunct faculty member at Kanazawa University).
Chen-yu Dai (GD) is a security researcher at Rakuten CERT. Besides incident response and threat hunting roles, he builds in-house systems for Bblue Tteam to deal with unknown cyber threats. He has received some prizes from CTFs, bug bounty programs, and been speaker at several conferences: HITCON, TROOPERS, CODE BLUE, IEEE GCCE, etc.
Fyodor Yarochkin is a Senior Researcher, Forward-Looking Threat Research Senior at Trend Micro with a Ph.D. from EE, National Taiwan University. An early Snort Developer and Open Source Evangelist as well as a Programmer, his professional experience includes several years as a threat investigator and over eight years as an Information Security Analyst.
Gasgas (Ziv Chang, YuMin Chang) is the Sr. Director of CyberSafety Solution Dept in TrendMicro. He is widely recognized for his work in APT campaigns studying, penetration testing, code review, malware analysis, vulnerability research, security architecture and security strategy in Taiwan. Prior to joining TrendMicro, YuMin was the CTO for information Security Service Digital United, a biggest MSSP in Taiwan. YuMin is one of founder of HITCON (Hacks in Taiwan conference) and appear in the keynote of most important conferences in Taiwan (including HITCON 2005,2008,2012,2016, ITHOME 2015,2016, HONEYCON 2014,2015,2016) and also Black Hat Briefings Asia - Singapore 2000. He holds a degree in Mathematics and a Masters in Computer Science from the National Tsing Hua University, Taiwan, where he is also a PhDalso PhD candidate. He holds also certifications of CERT/CC, CISSP, CEH, CHFI and ECSA/LPT.
Chief Scientist of InfoKeyVault Technology Co., Ltd. and Outstanding Teaching Faculty at National Taiwan University. Courses delivered at NTU: Cryptography, Elliptic Curve Cryptography, Cryptanalysis, Post-Quantum Cryptography, and Introduction to FinTech.
Ming-chieh's (Nanika) is Chief Researcher in Team T5 Research. He is a well-known vulnerability researcher, and has been disclosing new vulnerabilities for many years. His major areas of expertise include vulnerability research, exploit techniques, malware detection, and mobile security. He has 10+ years of experience on vulnerability research, especially on Windows platform and malicious document and exploit. He discovered numerous Windows system and document application vulnerabilities, such as Microsoft Office, Adobe PDF, and Flash. In recent years, he started his exploration and discovering problems in Mac OS X. He frequently presents his researches at security conferences, such as Black Hat, HITCON, and Syscan.
Yen-Ming started his security career protecting Fortune 500 companies through penetration testing, product assessment, training and other consulting / product development with Foundstone / McAfee / FireEye. Then he transforms Fortune 500 companies business with security through program management balancing security, compliance, engineering, operation and regulatory requirements to achieve trustworthy results in Citigroup, Microsoft Azure and Apple. He speaks in International conferences and contributed to five books including "To The Cloud" and "Hacking Exposed" series and had two open source projects for Snort log analytics. He got his master degree from Carnegie Mellon University's Information Networking Program and bachelor degree in Mathematics from National Central University in Taiwan.
Zuan is a member of Chroot group, and hashave been a staff for HITCON for almost 10 years. He specializes in reverse engineering software and hardware (embedded systems), malware analysis and cryptography. He authored one of the reversing challenge in HITCON 2011 and 2012's Wargame. Also, many years ago he was active in Cheat Engine Forum, and wrote two of the widely circulated (leaked) game hacks of that time ("Zuan Engine" and "MzBot").
Cheng-Da Tsai, also as known as Orange Tsai, is a memberis member of DEVCORE and CHROOT from Taiwan. Speaker of conferencesconference such as Black Hat USA, Black Hat ASIA, DEFCON, HITCON, HITB, CODEBLUE and WooYun. He participated inparticipates numerous Capture-the-Flags (CTF), and won 2nd place in DEF CON 22/25 as team member of HITCON.
Currently focusing on vulnerability research & web application security. Orange enjoys to find vulnerabilities and participates Bug Bounty Program. He is enthusiasm for Remote Code Execution (RCE), also uncovered RCE in several vendors, such as Facebook, Uber, Apple, GitHub, Yahoo and Imgur.
Twitter: @orange_8361
Blog: http://blog.orange.tw/
Chung-Kuan Chen is currently a senior researcher in Cycraft, and responses for organizing their research team. He earned his PHD degree of Computer Science and Engineering from National Chiao-Tung University (NCTU). His research focuses on network attack and defense, machine learning, software vulnerability, malware and program analysis. He tries to utilize machine learning to assist malware analysis and vulnerability discovery, and build automatic attack and defense systems. He has published several academic journalsjournal and conference papers, and has involved in many large research projects from digital forensic, incident response and malware analysis. He also dedicates to security education. Founding of NCTU hacker research clubs, he trains students to participate world-class security contests, and has experience of participating DEFCON CTF (2016 in HITCON Team and 2018 as coach in BFS team). Besides, he has presented technical presentations in non-academic technique conferences, such as HITCON, RootCon, CodeBlue OpenTalk, FIRST and VXCON. As an active member in Taiwan security community, he is in the review committee of HITCON conference, and ex-chief of CHROOT - the top private hacker group in Taiwan. He organized BambooFox Team to join some bug bounty projects and discover some CVEs in COTS software and several vulnerabilities in campus websites.
Angelboy is a member of chroot and HITCON CTF team. He is researching about binary exploitation, especially in heap related exploitation. He participated in a lot of CTF, such as HITB、DEFCON、Boston key party, won 2nd in DEFCON CTF 25,27 and won 1st in Boston key party 2016, 2017 with HITTICON CTF Team. He is also a speaker at conferences such as HITCON, VXCON, AVTokyo, HITB GSEC.
Mr. Hikohiro Y Lin had been in charge of Product Security at Panasonic headquarters for over 15 years. He led several projects, including devising and deploying security test methods and risk assessments for IoT devices, formulating product security standard rules and guidelines, building a global product security system, formulating head office product security strategies, establishing Panasonic Cyber Security Lab for future cybersecurity research and product-focused security incident responses team, etc. He had served as Head of Panasonic PSIRT, Head of Product Security at Panasonic Global, and Director of Panasonic Cyber Security Laboratory.
Also, He has received (ISC)² ISLA(Information Security Leadership Achievement)APAC Senior Information Security Professional 2018 Showcased Honoree and Community Service Star. He speaks in many international conferences such as Black Hat, CODE BLUE, Kaspersky Security Analyst Summit (SAS),HITCON and Government invited roundtable Panelist.
Mr. Hikohiro Y Lin is currently appointed Managing Director of Digital Trust at PwC Consulting LLC.
Miaoski is a senior researcher at Trend Micro, focusing primarily on data analysis, 4G/5G core networks, natural language processing, and software-defined radio (SDR). He previously worked as a BIOS engineer at the Open Computing Project and enjoys working on Raspberry Pi and Arduino projects in his spare time.
Chi-en Shen (Ashley) is an information security technical leader at Cisco Talos. She specializes in researching emerging threats, including nation-state targeted attacks, financially motivated crimes, spyware, and exploits carried out by mercenaries. Previously, she worked as a security engineer at Google Threat Analysis Group, where she focused on zero-day exploit hunting and tracking botnets. Prior to that, she was a member of the Mandiant Global Research Team, where she tracked APT groups in APAC and contributed to the development of the Threat Intelligence platform. Passionate about supporting women in InfoSec, Ashley co-founded HITCON GIRLS, the first security community for women in Taiwan. Additionally, she serves as an organizer for Rhacklette, a security community for FINTA in Switzerland. To support the security community, Ashley serves as a review board member for Black Hat Asia, Hacks in the Box and HITCON conferences. She has also shared her expertise as a speaker at conferences such as Black Hat, Hack in the Box, HITCON, FIRST, CODE BLUE, Troopers, Confidence, RESET, and others. In her free time, she enjoys playing CTF and providing CTF training within the security community.
Chun-Ying Huang is a Professor at the Department of Computer Science, National Yang Ming Chiao Tung University (NYCU). Dr. Huang has broad research interests in the areas of system security. He also served as PIs or co-PIs of several teaching, research, and industrial projects in network and system security areas, including the information security incubation program (ISIP and AIS3) from the Ministry of Education (MoE) and Taiwan information security center program (TWISC) at NYCU from the National Science and Technology Council (NSTC). Dr. Huang won teaching and research awards, including ACM Taipei/Taiwan Chapter K. T. Li Young Researcher Award, NSTC Excellent Young Scholar Grants, and NCTU/NYCU excellent teaching awards. He was a general secretary at the Chinese Cryptology and Information Security Association (CCISA). In addition to research works, Dr. Huang has hosted domestic CTFs for university students since 2014 and advised students to participate in many security competitions, including HTICON, SECCON, and DEFCON CTF Final. He currently serves as the Director of the Institute of Network Engineering at National Yang Ming Chiao Tung University.
zha0 is a security researcher.
Bugs or wheels? Feedback and support here.
More on contact [email protected]
If you have any privacy or security concern when contacting the HITCON Committee,you can
communicate with us through the use of following PGP public key:
Key ID: C60BC4E7 Fingerprint = B3D9 D201 7ABB BD1B 6235 1133 6521 FDFD C60B C4E7
The public key is available at:PublicKey Download