Diary

Home » Program » Diary

Provisional event agenda

Subscribe to Diary - RSS | Cybercamp

Thursday, November 30, 2017

Morning

Families workshops
10:00
1h.

Security on a PC

At the end of the workshop the student will know the main security features in a PC with Windows operating system versions 7, 8.1 and 10.

Workshop auditorium
11:00
1h.

EP1 - Companies and SMEs: cybersecurity is not an option

Marco Antonio Lozano

Currently, companies, and more specifically SMEs, have become the target of attacks by cybercriminals. Ransomware, phishing and other threats lurk on the internet to try to harm your business. This is an awareness talk about these risk. Additionally, there will be shown some proofs of concept so the attendees can see how cybercriminals act.

Technical workshops
11:00
2h.

T1 - Offensive and defensive security with machine learning

José Ignacio Escribano

The workshop will allow attendees to have a clear notion of the real state of artificial intelligence, its application to the world of cybersecurity and its potential / limitations in its application to other scenarios. References will be attached so that the assistant can be trained in this subject of great present and future.

Auditorium
12:00
1h.

A1 - Security in free social networks. Attacks and threats

Miguel Hernández Boza

In this conference we will study free social networks, their main characteristics and the security problems they may have. Attackers may be interested in attacking them and compromising systems foreign to them. The reason is simple, your security and your incident response team do not have the capacity of large "commercial" social networks.

 

Auditorium
13:00
1h.

A2 - Myths and truths about threats to industrial control systems

Josep Albors

For years now, we have been continually seeing news about cyber attacks on infrastructures, and not a few dare to predict almost apocalyptic scenarios.

Is the situation so bad? Are we headed to a catastrophic scenario without remedy? To try to answer these questions and reduce the level of alarmism, in this talk we will review the most notable recent incidents and analyze their possible real impact. In addition, we will analyze one of the most advanced malware discovered so far and that has been related to attacks on infrastructure related to the energy sector but that could also be used in other critical sectors. We talk about the Industroyer malware.

Families workshops
13:00
1h.

Identification of Internet Risks

At the end of the workshop the student will know the different threats and risks that the daily use of the internet supposes. Online stores and emails are not exempt from these risks.

Afternoon

Families workshops
15:00
1h.

Security on a PC

At the end of the workshop the student will know the main security features in a PC with Windows operating system versions 7, 8.1 and 10.

Auditorium
16:00
1h.

A3 - Advances in machine learning applied to cybersecurity

Alfonso Muñoz

The workshop will allow attendees to have a clear notion of the current state of artificial intelligence, its application to the world of cybersecurity and its potential / limitations in its application to other scenarios. References will be attached so that the assistant can be properly trained in this subject of great present and future.

Technical workshops
16:00
2h.

T2 - DFIR: Tracing lateral movements on day d.

Chema García

This workshop shows the use of a tool to automate the process of creating relationships between logon events from security events in Windows, showing a graphic relationship between users (domain or local), the machines involved in the relationship , duration of the session, etc. Allowing you to quickly consult which users had a session started at a certain time.

Likewise, the tool has several output modules, allowing integration with third-party tools and the exploitation of the resulting data: CSV, Neo4J, SQLite, Gephi, Graphviz, JSON.

Workshop auditorium
16:00
1h.

EP2 - The Talent of the 4th industrial revolution: the future is now.

Henar Rebollo Vega

The journey towards the 4th industrial revolution and the need to encourage among the youngest, especially girls and adolescents, the digital skills and STEM that this fourth industrial revolution demands. Industry 4.0 needs Talent 4.0.

Auditorium
17:00
1h.

A4 - Forensic Analysis of the 21st Century

Manuel Guerra - Unidad de Investigación Tecnológica

During the presentation, the new techniques in forensic analysis will be analyzed, as well as the difficulties that an analyst finds today when carrying out a digital evidence treatment.

Workshop auditorium
17:00
1h.

EP3 - Early detection of ransomware on Android

Lucía Álvarez González and José Antonio Gómez Hernández

The ransomware constitutes a threat of great impact for the security of equipment and users. On the one hand, it affects the confidentiality, integrity and especially the availability of our systems. On the other, by the economic extortion that it entails for the end user or company when demanding a ransom for the "potential" recovery of the kidnapped resources. In this context, the paper is the result of the article presented and awarded at the III National Cybersecurity Research Conference (Madrid, 2017). In it, a novel method for early detection of ransomware based on the interaction of this with the operating system is exposed. More specifically, we detail its implementation on Unix platforms, and we outline its transfer to other platforms. It also analyzes the current situation of this type of malware and the response mechanisms against this growing threat.

Theatre
17:00

Risks of Internet

Policía Nacional

Talk focused on the responsible use of the internet and how to avoid the dangers that affect children.

Auditorium
17:00
1h.

A4 - Forensic Analysis of the 21st Century

During the presentation, the new techniques in forensic analysis will be analyzed, as well as the difficulties that an analyst finds today when carrying out a digital evidence treatment.

Workshop auditorium
18:00
90m.

EP4 - Companies and SMEs: cybersecurity is not an option

Marco Antonio Lozano

Currently, companies, and more specifically SMEs, have become the target of attacks by cybercriminals. Ransomware, phishing and other threats lurk on the internet to try to harm your business. This is an awareness talk about these risk. Additionally, there will be shown some proofs of concept so the attendees can see how cybercriminals act.

Technical workshops
18:00
2h.

T3 - Blockchain and the Schrödinger's cat

Competitions
18:00
2h.

COM1 - Welcome to the world of CTF

Javier Rodríguez Bouza and Daniel Fernández Rodríguez

Welcome to the world of CTF is a practical workshop targeted to all those who wish to initiate themselves into the world of safety competitions, or those who, already having knowledge, want to discover alternative techniques, or simply share a group experience in a type of competitions where usually participation is individual.

At this workshop, two of the mentors of the national team of the European CyberSecurity Challenges (current champion) will pose a set of common challenges in the CTFs proposed as exercises that will be resolved by the participants of the workshop. To participate, you just need to bring your laptop with your arsenal of favorite hacking tools and we will initiate you in this type of competitions.

Auditorium
18:00
1h.

A5 - Securing APIs with RSA Cryptography: Beyond SSL

Tomás García Merás Capote

This talk teaches how to protect a REST API with electronic signatures and digital envelopes, all through free software libraries available in the GitHub repository of the Technology Transfer Center of the Government of Spain.

Families workshops
18:00
1h.

Identification of Internet Risks

At the end of the workshop the student will know the different threats and risks that the daily use of the internet supposes. Online stores and emails are not exempt from these risks.

Families workshops
19:00
1h.

Security on a PC

At the end of the workshop the student will know the main security features in a PC with Windows operating system versions 7, 8.1 and 10.

Auditorium
19:00
1h.

A6 - User Geolocation Bots in Telegram

Eduardo Sánchez Toríl

The purpose of the presentation is to see how, from the use of bots, we can obtain user information through the use of digital beacons that will be passed to users based on their interaction with the bots. We will carry out the use of Chatfuel for the development of the bots and provide them with behavior. These bots will be able to interact with users in particular or with groups of users, passing different information links that users request, which means that we can obtain more information about them since these links are marked.

Friday, December 1, 2017

Morning

Auditorium
10:00
1h.

A7 - Dirty Harry vs. Mr Robot

Competitions
10:00
10h.

Hackathon

The Hackathon begins with the opening ceremony, followed by the public presentation of the competing projects by the finalist teams. At the end of each presentation, there will be a turn of questions and suggestions by the jury, the rest of the participants and the public attending the event, aimed at guiding the development of each project during the competition.

After the presentation, the competition will begin, during which each team will develop its tool, solution and / or open source application in the field of cybersecurity.

The final evaluation will take place on Sunday, December 3 at 10:00 AM, and all aspects will be taken into account: the value and usefulness of the project and the developments (improvements, bug fixes, extension of functionality, etc.). ) made during the competition at the proposal of the jury, the participants themselves and the other teams.

Technical workshops
10:00
1h.

T4 - INCIDENTS IN THE CLOUD ... AND NOW WHAT ?, AS FAAS

Lórien Doménech Ruiz

This presentation will be very useful for the general public that operates in the cloud and in particular to the professionals of DFIR (Incident Response and Digital Forensic). With a practical approach and as an evolution of DFIR work focused on the cloud and called FAAS (Forensic as a Service). You can see how to alleviate incidents and how to perform an extraction of digital evidence with software (hosted on GitHub) created for this purpose, with all the guarantees associated with forensic work in a cloud environment.

Families workshops
10:00
1h.

Security and Privacy in Internet services

At the end of the workshop the student will know the main security features in Internet services. You will learn how to configure privacy in your email and in your social media accounts. You will know the risks of sharing your personal information on the internet.

Workshop auditorium
10:00
2h.

EP5 - Hackathon presentation

The participants of the Hackathon will show the software and hardware developments achieved during the competition.

Families workshops
11:00
1h.

Identification of Internet Risks

At the end of the workshop the student will know the different threats and risks that the daily use of the internet supposes. Online stores and emails are not exempt from these risks.

Technical workshops
11:00
1h.

T5 - WinReg MiTM: Simple Injection and Remote Fileless Payload Execution

Santiago Hernández Ramos

This paper presents an analysis of the security problems in the implementation of the Remote Registry protocol of the latest Windows operating systems (such as Windows 10). The analysis shows how these weaknesses can be used by an attacker through the application of the man in the middle technique for writing arbitrary data in the Windows Registry of the victim's computer, and consequently, remote code execution.

Auditorium
11:00
1h.

A8 - AlertCopsv4, bringing the Security Forces of the State closer to the citizen

Francisco Alonso Batuecas and Carmelo Martínez

This presentation is about this pioneering initiative in the European Union for the attention and global management of citizen security alerts. AlertCops is a direct, discreet and effective channel, and complementary to existing ones, to communicate a fact of which one is a victim or witness, with the nearest Civil Guard or National Police center.

The next version, AlertCops 4.0, incorporates a package of capabilities that constitutes a qualitative leap in the service provided so far, in many aspects. AlertCops will go from being a channel of unidirectional notification of alerts to a public integral and universal public safety service.

Families workshops
12:00
1h.

Security on a PC

At the end of the workshop the student will know the main security features in a PC with Windows operating system versions 7, 8.1 and 10.

Competitions
12:00
5h.

CyberOlympics

CyberOlympics is a championship oriented to educational centers of Secondary Education, Baccalaureate and Vocational Training at national level. In this competition, technical skills in different fields of Internet security and new technologies are tested through a series of skill challenges in wargame mode.

Auditorium
12:00
30m.

Institutional opening ceremony

The event is inaugurated by:

  • José María Lassalle, Secretary of State for Information Society and Digital Agenda
  • Gema Igual, Mayor of Santander
  • Francisco Fernández, Education, Culture and Sports Councillor of the Government of Cantabria
  • Ángel Pazos, Rector of the University of Cantabria (UNICAN)
Workshop auditorium
12:30
1h

EP6 - Cybersecurity Lecture

Auditorium
12:30
1h.

A9 - Keynote - Nico Waisman - The unbearable lightness of IPMI

Nico Waisman

Behind each page that we navigate, mail that we send, cloud that we visit, there is a small and dark microprocessor listening, monitoring and waiting for the moment to do a hard reset. What is it? How he thinks? And above all, how can we hack it? Welcome to the world of IPMI and out of managment networks. Through this paper we will seek to understand the risks, the surfaces of attack and the different vulnerabilities that these devices present and to understand how far we can go, once they have been compromised.

Technical workshops
12:30
2h.

T6 - To cloud or not to cloud: Automating security audits and hardening in cloud systems

Antonio Fernández Basilio

In this workshop, relying on several solutions both open source and own is shown as a malicious actor that can cause a data leak, compromise our credentials or make improper use of our authentication systems, APIs, interfaces... using exploits against the design of the infrastructures. It will also try to explain how to build tools that help to correct these detected vulnerabilities.

This workshop would not have been possible without the collaboration of Claudio Chifa.

Technical workshops
13:30
1h.

EP7 - SMB spider with PowerShell

Auditorium
13:30
45m.

A10 - The art of cyberwar: knowing the enemy to prepare a better defense

Mario Guerra Soto. Joint Cyber ​​Defense Command.

Afternoon

Families workshops
13:00
1h.

Security in Smartphones & Wearables

At the end of the workshop the student will apply the basic security settings in phones with "Android" and "IOS" operating systems. You will know what Wearables devices are and what security problems they can cause.

Technical workshops
16:00
1h.

T7 - Threat Intelligence - From what it is to how I do it

Families workshops
16:00
1h.

Identification of Internet Risks

At the end of the workshop the student will know the different threats and risks that the daily use of the internet supposes. Online stores and emails are not exempt from these risks.

Technical workshops
16:00
1h.

EP8 - The day to day of a computer forensic

Bruno Perez Juncá

The day to day life of a forensic computer scientist will be presented using the analogy between a digital autopsy and a forensic anatomic autopsy as a teaching resource. The aim of the paper is to awaken new talents and show the great opportunity of new professions that are being created thanks to this digital world that is already invading us both at work and personally. The real cases that have been worked on in the last months are explained, showing the reality of the victims who suffer scams or other types of technological crimes.

Auditorium
16:30
1h.

A12 - Internet as a new space for citizen participation and collaboration

Ángel Pablo Avilés

Keynote that will focus on the importance of social networks as a new way of bi-directional communication between citizens and the State Security Forces.

Technical workshops
17:00
1h.

T8 - Lecture: Anatomy of a modern malware: How easy the bad guys can f*** the world

Francisco José Ramírez Vicente

In this master class will be detailed the tremendous simplicity and how easy it is to modulate (basically copy and paste), by a "bad boy", a malware through vulnerabilities and recent techniques published in the last year. The Fileless & Fileless2 technique to make UAC bypass or create persistence in Windows without using the victim's hard drive, have already been used in several malware campaigns and will be treated in the chat.

 

Families workshops
17:00
1h.

Security on a PC

At the end of the workshop the student will know the main security features in a PC with Windows operating system versions 7, 8.1 and 10.

Technical workshops
17:00
1h.

EP9 - New Paradigms of Content-Based Analysis for the Detection of Spam in Social Networks

Auditorium
17:30
30m.

A13 - CyberOlympics awards ceremony

Come and know who is the winner of this year's edition of CyberOlimpics! You can see how good are centers in Spain  in cybersecurity values!

Families workshops
18:00
1h.

Security in Smartphones & Wearables

At the end of the workshop the student will apply the basic security settings in phones with "Android" and "IOS" operating systems. You will know what Wearables devices are and what security problems they can cause.

Auditorium
18:00
1h.

A14 - Testing UAC on Windows 10

Ernesto Fernández Provecho

The objective of this conference is to present one of the most used attacks to gain administrator privileges on Windows 7, 8 and 10 systems, the "UAC attacks bypass", as well as to show a new method based on one already known to perform such attacks on Windows 8 and 10 systems.

Workshop auditorium
18:00
90m.

EP10 - Companies and SMEs: cybersecurity is not an option

Marco Antonio Lozano

Currently, companies, and more specifically SMEs, have become the target of attacks by cybercriminals. Ransomware, phishing and other threats lurk on the internet to try to harm your business. This is an awareness talk about these risk. Additionally, there will be shown some proofs of concept so the attendees can see how cybercriminals act.

Technical workshops
18:00
2h.

T9 - The mobile killed the smart card

Auditorium
18:00
1h.

A14 - Testing UAC in Windows 10

The objective of this conference is to present one of the most used attacks to gain administrator privileges on Windows 7, 8 and 10 systems, the "UAC attacks bypass", as well as to show a new method based on one already known to perform such attacks on Windows 8 and 10 systems.

Competitions
18:30
2h.

COM2 - Welcome to the world of CTF

Javier Rodríguez Bouza and Daniel Fernández Rodríguez

Welcome to the world of CTF is a practical workshop targeted to all those who wish to initiate themselves into the world of safety competitions, or those who, already having knowledge, want to discover alternative techniques, or simply share a group experience in a type of competitions where usually participation is individual.

At this workshop, two of the mentors of the national team of the European CyberSecurity Challenges (current champion) will pose a set of common challenges in the CTFs proposed as exercises that will be resolved by the participants of the workshop. To participate, you just need to bring your laptop with your arsenal of favorite hacking tools and we will initiate you in this type of competitions.

Families workshops
19:00
1h.

Security and Privacy in Internet services

At the end of the workshop the student will know the main security features in Internet services. You will learn how to configure privacy in your email and in your social media accounts. You will know the risks of sharing your personal information on the internet.

Workshop auditorium
19:00
1h.

EP11 - Mathematics in the evolution of cryptography

Saturday, December 2, 2017

Morning

Competitions
10:00
10h.

Hackathon

The 10 finalist teams of the Hackathon will compete with tools, solutions and / or open source applications on which they have been working for a while (weeks, or even months or years), and therefore they are more mature and consolidated. To do this, all teams will publicly present their project (new or existing) to the jury and the rest of the participants during the initial evaluation of the competition. During the competition, the participants will develop their proposal, and finally they will present the whole project and the functionalities or improvements developed.

The final evaluation will take into account all aspects: the value and usefulness of the project and the developments (improvements, correction of errors, extension of functionality, etc.) made during the competition at the proposal of the jury, the participants themselves and the other teams.

Families workshops
10:00
30 minutes

Time to install a parental control

Josep Albors

Initiation guide where parents will be explained how to use a useful tool such as parental control on mobile devices and computers.

Technical workshops
10:00
2h.

T10 - Sniffing of web traffic evading some measures

Competitions
10:00
8h.

CTF individual

The individual CTF is a competition that consists of a series of individual challenges which aim to empower the new promises of Cybersecurity. The final challenge is a simulation of a real environment where participants can test their skills.

Workshop auditorium
10:00
2h.

EP12 - World of Wordpress

Manuel Camacho

The workshop will consist of, initially, analyzing the WordPress CMS, discovering what methods exist and can be easily applied to protect WordPress sites, both at the server level and at the back-end level. In addition, you will be instructed to block access from anonymous networks and to protect against DoS attacks. All with tools 100% free.

Families workshops
10:00
1h.

Security on a PC

At the end of the workshop the student will know the main security features in a PC with Windows operating system versions 7, 8.1 and 10.

Auditorium
10:00
1h.

A15 - "Mistery Hack" (This presentation will not be issued by vidiostreaming)

Raúl Siles

Can the client of a hotel hack their technologies and control all the accommodation? Discover it through a real case of hacking carried out this summer. Due to the importance of the tourism sector in our country, are we prepared to strategically invest in hotel and technological cybersecurity?

Families workshops
10:30
30 minutes

Sexting and flirting applications

David Cortejoso

It will analyze what sexting is and why children practice it, what are the problems associated with sexting itself, why it is a phenomenon that is increasing among children, what guidelines should be given from the family and will be discussed about the apps and flirting services.

Families workshops
11:00
30 minutes

Dangerous communities vs. positive communities

Ángel Pablo Avilés

The differences and criteria will be analyzed to identify and differentiate communities or websites that contain some type of danger for minors, as well as to provide recommendations to prevent and act against said problem.

Auditorium
11:00
1h.

A16 - INCIBE

Beatriz Soto

The National Cybersecurity Institute of Spain (INCIBE), a subsidiary of the Ministry of Energy, Tourism and Digital Agenda (MINETAD) through the Secretariat of State and for the Information Society and Digital Agenda (SESIAD), is the entity of reference for the development of cybersecurity and digital confidence of citizens, the Spanish academic and research network (RedIRIS) and companies, especially for strategic sectors. 

Families workshops
11:30
30 minutes

Learning to use a smartphone safely

Josep Albors

It will teach to use a smartphone safely and learn to identify and avoid potential risks.

Auditorium
12:00
1h.

A17 - Tempest Revolution 2.0

Pedro Candel

In this presentation, we will demonstrate the evolution of the Tempest project that allowed to transmit signals in morse code and receive them with a medium wave AM receiver. It has been achieved through its evolution to "Tempest Revolution 2.0" transmit information using different sounds modulated by the CPU itself (it would sound similar to the old telephone modems), -without need of any external connectivity-, which allow a higher bitrate and security in the reception of the data, guaranteeing its confidentiality in order to exfiltrate the secrets of an isolated team.

Technical workshops
12:00
2h.

T11 - Autopsying Whatsapp

Manuel Guerra

The idea of this workshop, eminently practical, is to demonstrate and show all the information that can be extracted from the most used instant messaging application in Spain and in the rest of Europe: WhatsApp.

Theatre
12:00
1h.

The glass shoe

A boy and a girl addicted to their cell phones share everything as best friends. The friendship and trust that they have is unquestionable for them, to the point of sharing their passwords through instant messaging. However, the consequences will be unexpected ...

Families workshops
12:00
30 minutes

The phenomenon of cyberbullying

David Cortejoso

The main aspects that define cyberbullying will be discussed: definition of the phenomenon, actors involved, mechanisms to carry it out, as well as how to suspect and detect it and how to act in such situations.

Technical workshops
12:00
2h.

EP13 - My perfect cloud

Adrián Ramírez

At this fun and interactive workshop a 100% OpenSource cloud will be built from 0. In it, you can store all kinds of files, share all types of files safely with other users and even view documents and photos online. To finish, it will be taught how to increase the security of the cloud before leaving it free through cyberspace.

Families workshops
12:30
30 minutes

Age for your first mobile?

Ángel Pablo Avilés

The pros and cons of allowing minors to have their own mobile device at a certain age will be discussed. We will talk about key aspects such as the child's maturity, the main use of the mobile phone, risks and their prevention, and how to get them to use it responsibly.

Auditorium
13:00
1h.

A18 - Keynote - Javier Rodríguez - Cyberinteligence in the 21st century.

Javier Rodríguez

Currently, cyber-intelligence is taking a very prominent role in companies. There are already specific departments that are dedicated to this discipline. But really, what is cyber intelligence ?, What is intended with it ?, Where does it take its value and where does it not? This talk will try to better understand what intelligence is and where it can add value in the world of cybersecurity.

Afternoon

Families workshops
13:00
30 minutes

Time to install a parental control

Josep Albors

Initiation guide where parents will be explained how to use a useful tool such as parental control on mobile devices and computers.

Families workshops
13:00
1h.

Identification of Internet Risks

At the end of the workshop the student will know the different threats and risks that the daily use of the internet supposes. Online stores and emails are not exempt from these risks.

Theatre
13:00
1h.

Eye! Contrast

Two children meet with a message that arrives at their computer in which they are informed of an alarming situation that is about to happen. Without questioning or sharing the message with their immediate surroundings (father, mother, brothers, etc.) they begin to carry out actions in an unreflective and meaningless way.

Families workshops
13:30
30 minutes

Privacy: so important to my child's future?

David Cortejoso

They will talk about what is privacy in ICT, the importance of safeguarding the privacy of minors, giving reasons and concrete examples so that parents can assess how it can affect them now and in their future, and will discuss the importance of not sharing images of minors in the network.

 

Families workshops
14:00
30 minutes

Parental Mediation: Should we spy on our children?

Ángel Pablo Avilés

The importance of parental mediation and digital education from the family in the prevention of the dangers of ICT in minors will be addressed. We will discuss the differences between digital education and parental espionage by talking about where is the appropriate limit in digital education, emphasizing the rights of minors to privacy in their electronic communications.

Families workshops
14:30
30 minutes

Learning to use a smartphone safely

Josep Albors

It will teach to use a smartphone safely and learn to identify and avoid potential risks.

Technical workshops
16:00
2h.

T12 - Create your own Hacking platform with Docker: distributed, scalable, cheap and easy to maintain

Auditorium
16:00
1h.

A19 - UAC Bypass & Research with UAC-A-Mola

Pablo González

UAC-A-Mola is a new framework designed to investigate, detect, exploit and mitigate weaknesses called UAC derivations. These weaknesses are found in Microsoft Windows operating systems. UAC-A-Mola allows to automate the detection of a UAC derivation in a machine with Windows 7 / 8 / 8.1 / 10. UAC-A-Mola allows different customizable modules to automate the research in the search of UAC derivations, mainly, in the file and the hijacking of DLL.

The document will detail the IDEM methodology (Research, Detection, Exploitation and Mitigation). In addition, it will also be explained how the tool has been developed and how the community can use and improve it. It is an open source project.

Theatre
16:00
1h.

The glass shoe

A boy and a girl addicted to their cell phones share everything as best friends. The friendship and trust that they have is unquestionable for them, to the point of sharing their passwords through instant messaging. However, the consequences will be unexpected ...

Families workshops
16:00
1h.

Security on a PC

At the end of the workshop the student will know the main security features in a PC with Windows operating system versions 7, 8.1 and 10.

Technical workshops
16:00
2h.

EP14 - BadUSB

Miguel Carrillo

In this workshop will be analyzed an analysis of the vulnerability caused by the injection of commands / payloads through a USB memory modified to the keyboard will be performed. Also will be analyzed the creation of the device and the corresponding exploitation.

Families workshops
16:00
30 minutes

Learning to use a smartphone safely

Josep Albors

It will teach to use a smartphone safely and learn to identify and avoid potential risks.

Families workshops
16:30
30 minutes

The phenomenon of cyberbullying

David Cortejoso

The main aspects that define cyberbullying will be discussed: definition of the phenomenon, actors involved, mechanisms to carry it out, as well as how to suspect and detect it and how to act in such situations.

Auditorium
17:00
1h.

A20 - AlertCopsv4, bringing the Security Forces of the State closer to the citizen

Francisco Alonso Batuecas and Carmelo Martínez

This presentation is about this pioneering initiative in the European Union for the attention and global management of citizen security alerts. AlertCops is a direct, discreet and effective channel, and complementary to existing ones, to communicate a fact of which one is a victim or witness, with the nearest Civil Guard or National Police center.

The next version, AlertCops 4.0, incorporates a package of capabilities that constitutes a qualitative leap in the service provided so far, in many aspects. AlertCops will go from being a channel of unidirectional notification of alerts to a public integral and universal public safety service.

Theatre
17:00
1h.

Eye! Contrast

Two children meet with a message that arrives at their computer in which they are informed of an alarming situation that is about to happen. Without questioning or sharing the message with their immediate surroundings (father, mother, brothers, etc.) they begin to carry out actions in an unreflective and meaningless way.

Families workshops
17:00
1h.

Security in Smartphones & Wearables

At the end of the workshop the student will apply the basic security settings in phones with "Android" and "IOS" operating systems. You will know what Wearables devices are and what security problems they can cause.

Families workshops
17:00
30 minutes

Age for your first mobile?

Ángel Pablo Avilés

The pros and cons of allowing minors to have their own mobile device at a certain age will be discussed. We will talk about key aspects such as the child's maturity, the main use of the mobile phone, risks and their prevention, and how to get them to use it responsibly.

Families workshops
17:30
30 minutes

Sexting and flirting applications

David Cortejoso

It will analyze what sexting is and why children practice it, what are the problems associated with sexting itself, why it is a phenomenon that is increasing among children, what guidelines should be given from the family and will be discussed about the apps and flirting services.

Auditorium
18:00
1h.

A21 - Hacking TOR & Freenet for fun, profit and stop the evil

Daniel Echeverri

It will deal with the detection of vulnerabilities, pentesting and exploitation in hidden services in TOR, a replication of services hidden in TOR and injection of malicious Javascript routines, the use of insecure functions in the Freenet API, the creation of malicious add-ons and without verification of content by the instance and an execution of arbitrary code in Freenet instances using malicious encryption keys.

Families workshops
18:00
1h.

Security and Privacy in Internet services

At the end of the workshop the student will know the main security features in Internet services. You will learn how to configure privacy in your email and in your social media accounts. You will know the risks of sharing your personal information on the internet.

Families workshops
18:00
30m.

PEGI 18: What do the children play?

The PEGI system of videogame cataloging by age will be described, as well as videogames and the risks that most influence minors today.

Technical workshops
18:00
2h.

EP15 - Privacy and anonymity on the Net: Basic use of Tor Browser

Francisco Jesús Rodríguez

The aim of the workshop is to explain in a simple and clear way the different existing technologies to preserve our privacy and anonymity in the network through the use of Proxys, VPN and the TOR network. We will see what they are and the differences between them. Basic notions will be given on the use of the browser that allows us to navigate using the Tor: Tor Browser network. The workshop is intended for people concerned about their privacy and anonymity and who want to introduce themselves in the use of this technology.

Technical workshops
18:00
2h.

T13 - RedTeam, Hacking in another dimension.

Alejandro Ramos

The aim of the workshop is to explain how hacking techniques have evolved and the conceptual ways of dealing with security failures in an organization. During the workshop, what is a RedTeam team will be introduced, also what its objectives are and how it achieves them, as well as some demonstrations of the usual techniques, tactics and procedures.

Families workshops
18:30
30 minutes

Dangerous communities vs. positive communities

Ángel Pablo Avilés

The differences and criteria will be analyzed to identify and differentiate communities or websites that contain some type of danger for minors, as well as to provide recommendations to prevent and act against said problem.

Theatre
19:00
1h.

Until life separates us

A love story between two young people in which the absolute surrender, the loss of individuality and the blind trust that one has for the other is clearly palpable. The problem comes when the relationship deteriorates, as both will use all the intimate information shared to hurt themselves ...

Auditorium
19:00
1h.

A22 - How the Spanish team managed to beat the ECSC2017

Winners of the European Cyber Security Challenge

In this talk, members of the Spanish cybersecurity team will tell how they managed to win the victory of the biggest cybersecurity competition in Europe in 2017.

Families workshops
19:00
1h.

Identification of Internet Risks

At the end of the workshop the student will know the different threats and risks that the daily use of the internet supposes. Online stores and emails are not exempt from these risks.

Families workshops
19:00
30 minutes

Privacy: so important to my child's future?

David Cortejoso

They will talk about what is privacy in ICT, the importance of safeguarding the privacy of minors, giving reasons and concrete examples so that parents can assess how it can affect them now and in their future, and will discuss the importance of not sharing images of minors in the network.

 

Families workshops
19:30
30 minutes

Parental Mediation: Should we spy on our children?

Ángel Pablo Avilés

The importance of parental mediation and digital education from the family in the prevention of the dangers of ICT in minors will be addressed. We will discuss the differences between digital education and parental espionage by talking about where is the appropriate limit in digital education, emphasizing the rights of minors to privacy in their electronic communications.

Sunday, December 3, 2017

Morning

Families workshops
10:00
30 minutes

Learning to use a smartphone safely

Josep Albors

It will teach to use a smartphone safely and learn to identify and avoid potential risks.

Technical workshops
10:00
2h.

EP16 - Hackathon presentation2

The participants of the Hackathon will show the software and hardware developments achieved during the competition.

Technical workshops
10:00
2h.

T14 - Criptografy applicated

Jorge Ramió

In this workshop, after a brief introduction to modern digit systems, the operation of the AES algorithms (for encryption, decryption, function tracking and brute force attack example) and RSA (for key generation, encryption, deciphered and examples of attacks by whole factorization, by cyclic encryption and by birthday paradox).


Afterwards, some practices of its execution will be carried out from the following software: AESphere, genRSA v2.1 and OpenSSL, Win64 OpenSSL v1.1.0g.


If you want to follow the workshop with a personal laptop, it is advisable to have previously downloaded and installed these three programs, although they can also be downloaded from the workshop.

Competitions
10:00
4h.

Hackathon

After three days of tough competition, the Hackathon comes to an end with the public presentation of the finalist projects presented by their teams. Each team will have a turn to present their work, during which they will show the result of it, how the suggestions and proposals received during the competition have been incorporated and the benefits their project brings to the cybersecurity community. After the presentation of all the teams, the jury will make the final deliberation and publish the results around 12:00 AM.

Families workshops
10:00
1h.

Security and Privacy in Internet services

At the end of the workshop the student will know the main security features in Internet services. You will learn how to configure privacy in your email and in your social media accounts. You will know the risks of sharing your personal information on the internet.

Auditorium
10:00
1h.

A23 - Am I already a hacker? Professional development of technicians, opportunities!

Enrique Serrano

You are a technical person, you already have a considerable training in IT Security, you continue to learn constantly and have even gotten your first job. And now? You have 40 years of working life and only you decide how they will be. Stop and think. It's your moment, it's time to decide where you want to direct your work life, and even personal. This lecture will help you in these matters.

Competitions
10:00
2h.

COM3 - Welcome to the world of CTF

Javier Rodríguez Bouza and Daniel Fernández Rodríguez

Welcome to the world of CTF is a practical workshop targeted to all those who wish to initiate themselves into the world of safety competitions, or those who, already having knowledge, want to discover alternative techniques, or simply share a group experience in a type of competitions where usually participation is individual.

At this workshop, two of the mentors of the national team of the European CyberSecurity Challenges (current champion) will pose a set of common challenges in the CTFs proposed as exercises that will be resolved by the participants of the workshop. To participate, you just need to bring your laptop with your arsenal of favorite hacking tools and we will initiate you in this type of competitions.

Families workshops
10:30
30 minutes

The phenomenon of cyberbullying

David Cortejoso

The main aspects that define cyberbullying will be discussed: definition of the phenomenon, actors involved, mechanisms to carry it out, as well as how to suspect and detect it and how to act in such situations.

Families workshops
11:00
30 minutes

Age for your first mobile?

Ángel Pablo Avilés

The pros and cons of allowing minors to have their own mobile device at a certain age will be discussed. We will talk about key aspects such as the child's maturity, the main use of the mobile phone, risks and their prevention, and how to get them to use it responsibly.

Auditorium
11:00
1h.

A24 - The dark side of embedded systems

Aarón Flecha

Industry 4.0 incorporates a multitude of devices, most of them have embedded systems and secure them is a challenge for many companies. In order to help these companies, some cybersecurity researchers are responsible for carrying out pentesting work, providing a real vision of the situation in which the embedded systems of the devices are located and improving the cybersecurity of the environments in which they are housed. These tests usually have as scope both communications, permissions provided to users or files, services in execution and many other aspects, in some cases typical of embedded systems.

This presentation is the result of our own experience in this type of work and the research carried out by the speaker for months inside and outside different professional and personal projects.

Families workshops
11:00
1h.

Identification of Internet Risks

At the end of the workshop the student will know the different threats and risks that the daily use of the internet supposes. Online stores and emails are not exempt from these risks.

Families workshops
11:30
30 minutes

Time to install a parental control

Josep Albors

Initiation guide where parents will be explained how to use a useful tool such as parental control on mobile devices and computers.

Technical workshops
12:00
2h.

T15 - Why would I want (or not) to play Connect4 in a Blockchain?

Jesús Díaz

Blockchain is a technology that is increasingly on everyone's lips. It allows the creation of very complex ecosystems that combine technological, economic and even philosophical and social aspects, which at the same time makes it very attractive.

As a technological basis, using blockchain can have implications for the privacy of information or tolerance to failures and malicious agents, among others. In this talk, using the game of Connect4 as a didactic example, we will study these criteria to better understand the technology and decide when to use it and when not.

Theatre
12:00
1h.

The glass shoe

A boy and a girl addicted to their cell phones share everything as best friends. The friendship and trust that they have is unquestionable for them, to the point of sharing their passwords through instant messaging. However, the consequences will be unexpected ...

Auditorium
12:00
1h.

A25 - The children of the Black Dragon or how Bureau 121 enters your system

Pedro Sánchez

The conference shows the investigation carried out for the discovery of a group known as Bureau 121 wich belongs to the government of North Korea and uses infrastructure of Chinese companies to attack IT companies around the world.

In the conference you will see step by step the research done after an attack by this group, how it was detected, what tools were used and how the attack was reduced. Likewise, it will be seen the tools used and the lateral attacks that used this group, many of them novel, in conjunction with exploits of 0-day.

Families workshops
12:00
1h.

Security on a PC

At the end of the workshop the student will know the main security features in a PC with Windows operating system versions 7, 8.1 and 10.

Families workshops
12:00
30 minutes

Sexting and flirting applications

David Cortejoso

It will analyze what sexting is and why children practice it, what are the problems associated with sexting itself, why it is a phenomenon that is increasing among children, what guidelines should be given from the family and will be discussed about the apps and flirting services.

Technical workshops
12:00
1h.

EP17 - Talk by the Spanish Agency of Data Protection

Andrés Calvo and Julián Prieto

At this talk given by staff of the Spanish Agency of Data Protection, te following topics will be discussed:

  • Challenges and answers to comply with the new data protection regulations - Given by Andrés Calvo
  • The Spanish Agency of Dat aProtection and Minors - Given by Julián Prieto
Families workshops
12:30
30 minutes

Dangerous communities vs. positive communities

Ángel Pablo Avilés

The differences and criteria will be analyzed to identify and differentiate communities or websites that contain some type of danger for minors, as well as to provide recommendations to prevent and act against said problem.

Technical workshops
13:00
1h.

EP18 - Hacking your attitude

Daniel Echeverri

Focused on those people who intend to start in the computer world, it is explained, from the point of view of the speaker, some issues to consider before making such an important decision as choosing a profession.

Auditorium
13:00
1h.

A26 - Cybercrimes: in clarity and darkness

Francisco Jesús Rodríguez and Luis Fernández Prieto

The aim of the paper is to show how from INCIBE we detect cybercrimes in the darkness of the Deep Web using three fundamental factors: the power of technology development for the automation of tasks, applied research in fields such as Artificial Intelligence and experience of the final user (State Security Forces and Bodies). Likewise, an example of the closest cybercrime will be exposed, crimes that occur on Surface web, which seek to obtain the greatest possible number of victims and that directly affect Spanish domains.

Auditorium
14:00
90 m.

A27 - Closing and awards ceremony

 Closing of the event where everyone can enjoy the best sensations experienced these days. There will also take place the awards ceremony of the competitions. Come and meet the winners of the best cybersecurity competitions nationwide!

Afternoon

Families workshops
13:00
1h.

Security in Smartphones & Wearables

At the end of the workshop the student will apply the basic security settings in phones with "Android" and "IOS" operating systems. You will know what Wearables devices are and what security problems they can cause.

Theatre
13:00
1h.

Until life separates us

A love story between two young people in which the absolute surrender, the loss of individuality and the blind trust that one has for the other is clearly palpable. The problem comes when the relationship deteriorates, as both will use all the intimate information shared to hurt themselves ...

Families workshops
13:00
30 minutes

Privacy: so important to my child's future?

David Cortejoso

They will talk about what is privacy in ICT, the importance of safeguarding the privacy of minors, giving reasons and concrete examples so that parents can assess how it can affect them now and in their future, and will discuss the importance of not sharing images of minors in the network.

 

Families workshops
13:30
30 minutes

Parental Mediation: Should we spy on our children?

Ángel Pablo Avilés

The importance of parental mediation and digital education from the family in the prevention of the dangers of ICT in minors will be addressed. We will discuss the differences between digital education and parental espionage by talking about where is the appropriate limit in digital education, emphasizing the rights of minors to privacy in their electronic communications.