This year we once again sponsored RootedCON, Madrid’s annual computer security conference. Our Professional Services team shared their highlights in this blog post.
Security professionals from all over the world attended to represent some of the most influential organizations in the cyber security sector. And it wasn’t only about speakers and delegates, it was also a brilliant opportunity for industry experts to network amongst their peers and share knowledge.
Following a growing number of requests to widen the scope and the capacity of the event, the RootedCON organizers introduced a second meeting room.
The impressive list of speakers included:
It goes without saying that Mikko is one of the most reputed cyber security experts in the world. Mikko provided some extremely interesting insights about the weaponization of the internet and state-of-the-art of cyberwarfare. Our entire infrastructure now depends on information technologies and we’re increasingly surrounded by IoT devices; Mikko encouraged delegates to consider how secure we really are against this kind of arms race.
Mikael talked about the security of our mobile operators, explaining how it is possible to acquire the approximate location of a determined person with a simple request to a free service. He also demonstrated techniques to exploit known vulnerabilities of 2G networks to decipher communications.
Fernando Rubio and Victor Recuero
Fernando and Victor demonstrated a (Microsoft) tool to monitor all the activity through Microsoft’s Active Directory. This tool enables anyone to learn user behavior and habits and use port mirroring (and redirecting to this tool) to generate alerts if unusual actions or attacks occur, without interacting with the network.
Alon offered a glimpse into the workings of the Android malware campaign known as HummingBad. Alon explained that this malware is installed when the user tries to close an ad, and that is is persistent enough to survive a factory reset. Analyzing this malware requires experience and specific skills, due to its anti-emulation techniques.
Abel introduced us to radare2. Abel talked delegates through the correct usage of radare2, basic commands and options, and how it can be scripted to simplify binary analysis. These scripting methods include searching strings in the binary and using Python to automate patching.
Selva Orejón and Eduardo Sánchez
Selva and Eduardo covered OSINT, discussing how the combination of technology, laws and investigation enabled the arrest of a “parasitic psychopath” who avoided the police for many years while he fraudulently exploited female victims.
Raul gave a complex talk about cryptography and the encryption used by WhatsApp. He gave a deeper, more detailed view of each step realized for each message sent and also discussed the disadvantages.
Hugo presented his own set of tools including a GUI for radare2, which allows users with less reversing experience to easily analyze binaries independently of the running platform, and a modular microcontroller shell to execute code in IoT devices.
We must congratulate the event organizers for delivering another successful RootedCON, maintaining the interest of the people and allowing us to participate in the experience once more. See you next year!