For those of you who haven’t heard about it, No cON Name is a Spanish security conference that takes place in Barcelona every year, where experts from all around Spain, and sometimes, around the world, gather to share their security-related findings.
This year, we attended a number of cool keynotes and workshops, in which we learned many things, from methodologies for malware infection vectors, to techniques that apply to other aspects of security, all of them affecting the ecosystem in which we live.
For example, there were some awesome sessions about reversing on OSX, about rooting on apple devices and EFI. There were other presentations related to malware, in which we could see some packer metrics, such as execution and memory performance.
Also, David Sancho @dsancho66 showed different samples that used steganography (the practice of concealing messages or information within other non-secret text or data) in the infection lifecycle, such as obtaining the new version of a malware from a URL hidden in an image.
Mario Diaz @ how to make a profit from ads on the Internet via DNS spoofing attacks and click exchange peer networks.
Vicente Aguilera @ presented methodologies used to extract information of a target using social networks such as Twitter.
And Sebastian Guerrero @0xroot explained how to evade protections and code obfuscation provided by frameworks used in mobile devices applications.
Overall, No cON Name has been outstanding, and we surely hope to attend next year.
Giovanni López & Marc Astals, Threat Analysts