Inicio

Contenido Inicio

Auditorio 1
1h
PLACE OF CELEBRATION
Auditorio 1
DURATION
1h
DESCRIPTION

Marc Rivero LópezMcAfee

In recent incidents in the sector it has been observed that ransomware was the cause of the attack and common elements (TTP) have been extracted with which they have attributed (sometimes incorrectly) the attribution of some of these families.

In the talk, we will talk about how ransomware in the crimeware ecosystem has decreased and how the company-centered approach has grown. It will also detail the operation of these families, in addition to unique characteristics that were not observed before.

Auditorio 1
1h
PLACE OF CELEBRATION
Auditorio 1
DURATION
1h
DESCRIPTION

Europe has to be able to prevent, react and protect its citizens against the different existing and future cyber threats, however there is currently a great need for professionals specialized in security in all its domains.

With the aim of promoting, retaining and attracting talent, the ECSC, tries to focus attention on young cybersecurity talents and at the same time encourage young students to choose studies in this area that allows In the near future, creating solid cybersecurity structures in education, business and industry.

Auditorio 1
1h
PLACE OF CELEBRATION
Auditorio 1
DURATION
1h
DESCRIPTION

Pablo González Pérez. Telefónica.

The emulation of adversaries is a scenario in which not only tools are thrown as can happen in an ethical hacking, but also an emulation of how an attacker operates, that is to say, since a threat materializes, all the steps are tried to be emulated. In the talk the ATT&CK matrix will be shown and everything that composes it will be explained.

The observation of the history of the threats is something fundamental to know techniques and tactics used by the threats, since in the immense majority of the occasions one can learn from this to combat future threats and already existing threats. In the talk you can see the use of tools such as Caldera or Infection Monkey, but it may be necessary to create your own tool in which you can easily incorporate knowledge of the community, the organization itself and team members. It shows how to create your own basic tool.

Auditorio 1
1h
PLACE OF CELEBRATION
Auditorio 1
DURATION
1h
DESCRIPTION

José Ángel Álvarez PérezMadrid City Council

How a child who started breaking things ended up defending the Public Administration systems.

Auditorio 1
1h
PLACE OF CELEBRATION
Auditorio 1
DURATION
1h
DESCRIPTION

Julio Martínez Martínez-Checa and Alejandro Espinosa Álvarez

Learn how a domestic PLC network works: the protocol, existing attacks, and how to mitigate them. We will explain the HomePlug AV protocol, what attacks exist and how to mitigate them through a live demo.

Auditorio 2
2h
PLACE OF CELEBRATION
Auditorio 2
DURATION
2h
DESCRIPTION

Pedro Candel. CS3 Group Security Services

During the development of the workshop, you will see how to create an exploit from scratch for each of the three well-known recent “logo” vulnerabilities such as Dirty COW, Specter and Meltdown. The development to be carried out is detailed for each of them. Once explained, the new attacks discovered will be detailed and how their exploitation is until finally reaching the last vulnerability discovered in Intel microprocessors.

Technical Requirements:

  • Attendees can bring their computer to follow the workshop guidelines although it is not necessary since the speaker will teach the workshop as a master class.
  • Equipment Requirements:
    • Attendees must previously install a virtual machine with everything necessary already prepared to be able to execute all commands and code snippets
    • The requirements will be to have 1 GB of free space on the hard disk and at least 512 MB of free RAM for that machine.
    • It is recommended in case of using Windows to use putty or similar to access the SSH of the VM.

Auditorio 2
2h
PLACE OF CELEBRATION
Auditorio 2
DURATION
2h
DESCRIPTION

Álvaro Núñez-Romero CasadoElevenPaths

iBombShell tool allows to download to memory different functionalities that a pentester may need in an audit.

Two work modes:

  • EveryWhere mode allows to have a prompt in any machine and in any moment;
  • Silently mode allows to inject an instance of iBombShell during a process of vulnerabilities exploitation for its remote control.

During the workshop there will be constant demonstrations about the different work modes and work with real scenarios, where the iBombShell modules allow different uses such as information collection, password extraction, lateral movement, UAC bypass ... regardless of the operating system you work with.

Technical Requirements:

  • Attendees can bring their computer to follow the workshop guidelines although it is not necessary since the speaker will teach the workshop as a master class.
  • Equipment Requirements:
    • Windows 10 machine, or
    • Windows 7 machine, or
    • Machine with Kali Linux.