SATURDAY 4 NOVEMBER 2023

The Unlock Talks

Capitalizing on foreign digital interference campaigns. Viginum feedback

Anaïs MEUNIER

French

10:00 AM – 10:30 AM

The Vigilance and Protection Service against Foreign Digital Interference (VIGINUM) has the mission of detecting and characterizing foreign digital interference operations and campaigns. These actions, which can employ different operational modes, are primarily characterized by malicious intent and result in inauthentic behaviors aimed at disseminating content with the purpose of compromising the fundamental interests of the Nation.

Discovering the Biscuit authentication Token

Yannick GUERN

French

10:30 AM – 11:00 AM

For as long as I can remember, the issue of securely exchanging information has fascinated me. I first discovered JWT and its many intricacies, and then I was introduced to Macaroons, which have the ability to be modified after creation. Today, I would like to present to you, with some simple drawings, the functioning of another Token that aims to combine the strengths of the two previously mentioned. I call it ‘Biscuit’!

{SMS}-[Send MassiVE Sms]

Via video conference

David LE GOFF

French

11:00 AM – 11:30 AM

In the midst of the information warfare and an energy crisis, the talk will “lead us” to reflect on these major crises. Through a “Green Hacking” project emerging from the bearded cabin, we will implement a solar-powered system capable of conducting autonomous and anonymous phishing SMS campaigns. We will revisit the methods used in such campaigns and discuss how to protect oneself against them. The presentation will provide a detailed explanation of how to build a device capable of launching SMS volleys on demand.

In two minutes, a hacker can give you a (digital) makeover

Via video conference

Baptiste ROBERT

English

11:30 AM – 12:00 PM

Every day, you unwittingly leave traces on the internet. During this presentation, Baptiste Robert will show you how a malicious individual can, with very little information (name, first name, pseudonym, etc.), come to know almost everything about your life.

B2B compromise: BOX 2 BACKBONE

Mathis CARIOU, Liang ZHONG, Alexandre SOULEAU

French

01:45 PM – 02:30 PM

The telecommunication networks of internet service providers play a crucial role in our work, lifestyle, and entertainment today. It goes without saying that they are tested and withstand small-scale cyberattacks. Really? In this talk, we will present how we managed to compromise an internet service provider’s network during an engagement. We will also delve into hardware with a quick reverse engineering of an internet box. A little bonus at the end: we went slightly beyond the scope.

Automatic classification and identification of packers based on morphological signatures

Ludovic ROBIN

French

02:30 PM – 03:00 PM

Packers are widely used tools to evade the detection and static analysis of malware. It is crucial to detect and identify these packers in order to apply specific extraction procedures while remaining less resource-intensive than dynamic analysis.

using rust to imprOve your embeDded development

Fulup LE FOLL

English

03:00 PM – 03:30 PM

Rust is a very hyped programming language that provides good practices to reduce potential attack opportunities; nevertheless, it is far from being perfect. This talk proposes a summary of our lessons learnt while moving some of our embedded code from C/C++ to Rust. It highlights some of the difficulties Rust as a language introduces when dealing with low-level and hardware components. It also exposes some of the options we implemented to reduce SBOM dependencies and address CVE tracking and CI infrastructure.

Cyberattack at Brest University Hospital: hit but not sunK

Jean-Sylvain CHAVANNE

French

04:00 PM – 04:45 PM

8 months ago, Brest University Hospital was alerted to a critical security event on its information system. A few hours later, the hospital would be cut off from the internet, and crisis management would begin with one hope: that the attackers had not compromised the entire information system.

During this presentation, we will address the technical aspects of incident management, including the balance between forensics and remediation. We will also explore the perspective of a Chief Information Security Officer (CISO) who must balance the risks of an over-crisis with the need to resume healthcare activities. Finally, we will delve into the human aspects of a digital crisis.

prompt inJections: security impacts on a real case

Victor POUCHERET aka DOOMER

French

04:45 PM – 05:15 PM

The limitations of GPT-X models have been quickly bypassed by the community through ‘prompt injection’ attacks. However, to date, these attacks have centered around the conversational aspect and the generation of content that goes beyond ethical and moral guidelines.

Beyond modus operandi: apt's criminal signature

Ronan MOUCHOUX

French

05:15 PM – 05:45 PM

Serious and organized cybercrime entities, as well as APT groups, are highly competent ecosystems that adapt to their objectives and their targets’ dispositions. What we do to counter them is to force-feed our SIEMs and EDRs with IoCs or create heuristics from stereotypical TTP playbooks formatted with a linear Cyber Kill Chain. Reflecting on the “Pyramid of Pain,” where the TTP is paramount, a Tactical Threat Intelligence Analyst and a Red Teamer are taking a step back. When you set up or join an offensive operation, you bring your knowledge, your preferences, and your comfort zone, which at a point are absorbed into the offensive organization’s heritage, be it technical, cultural, or organizational.