Events / FIRST Conference in Korea The Forum of Incident Response and Security Teams (FIRST) held its Plenary Session Technical Colloquium (TC) in Seoul, Korea on September 25 - 27 at the Renaissance Seoul Hotel. The TC consists of 2 days of presentations and one day of a hands-on class. About 70 security experts from many places, including the United States, Japan, New Zealand, Brazil, the Netherlands, Singapore, Malaysia, China, and of course Korea attended the closed conference. This is the first time the international organization has met in South Korea. Arnold Yoon, a member of FIRST Steering Committee and coordination manager of the Korean Computer Emergency Response Team (KrCERT/CC), said in an interview, "FIRST Technical Colloquium is an event that is held 3-4 times a year, especially more focused on the technical issues. The annual conference of FIRST, which is held on every June, is covering more general issues about security and the cooperation across different fields...." When asked about the contributions of the participating countries to the colloquium, Jung Kwan-jin, security analyst for Korea-based AhnLab said, "I'm here in Korea but most security incidents have cross-border characteristics. This means that incidents are not limited to one country, but are a global phenomenon. When I attend this kind of conference we can share that kind of information with people from other countries. I can understand better the nature of security incidents. This colloquium is very useful to security researchers and managers." Korea was well-represented at the colloquium, with Korean speakers giving more presentations than any other country. Kim Young-baek, KrCERT/CC member, spoke about botnet monitoring and mitigation activities. Arnold Yoon gave an update on current FIRST activities. Heo Young-jin of Infosec spoke about web hacking techniques in today's Internet. Kim Hyuk-joon of the Korea Information Security Agency (KISA) gave a talk concerning spam tracking techniques using network bridges. And Jung Kwan-jin of AhnLab gave a talk entitled "When Vulnerability Met Shellcode" regarding detection of unknown security threats. Other notable speakers at the colloquium included Sherman Chunyan from the National University of Singapore, who spoke about the security procedures at NUS, and Arjen de Landgraaf of Co-Logic Security in New Zealand who gave a talk regarding the best practices to use when dealing with phishing scams. The history of FIRST goes back to 1989, one year after the first CERT was created. Internet security incidents began to impact more than one group or organization and began to attack large sections of the Internet as a whole. The organization is exclusive, and new members must be sponsored by existing members before they can join. Since 1990, when FIRST was founded, its members have resolved an almost continuous stream of security-related attacks and incidents including handling thousands of security vulnerabilities affecting nearly all of the millions of computer systems and networks throughout the world connected by the ever growing Internet. FIRST brings together a wide variety of security and incident response teams including especially product security teams from the government, commercial, and academic sectors.