Agenda
1 OCT
14:05 - 14:10 -> Opening remarks, Bernhards Blumbergs (CERT.LV);
14:10 - 15:00 -> Communication in HyperV, Jaanus Kääp (EE),
This talk will give an overview of some of the communication paths and methods used by Windows in the HyperV environment, with emphasis on the knowledge needed to intercept such traffic for research and fuzzing. The speaker will also make public one of his own tools, which allows sending, recording, and fuzzing hypercalls;
15:10 - 16:00 -> An Overview of the Ransomware Defense Evasion Techniques, Alexander Adamov (UA),
The talk will shed light on the defense bypassing techniques used in the targeted ransomware attacks this year;
16:10 - 17:00 -> Made in Latvia: Slack RCE, Oskars Veģeris (LV),
The talk will present a case study on how to debug & exploit modern ElectronJS applications;
17:05 - 17:20 -> Overview of the CTF day one, Hans Lõugas (EE).
2 OCT
14:05 - 14:10 -> Opening remarks, Bernhards Blumbergs (CERT.LV);
14:10 - 15:00 -> Up your Threat Hunting Game using Yara, Dan Demeter (RO),
The talk aims to give the audience hands-on experience with the industry-wide pattern matching tool Yara and to show how you can start creating your own hunting rules in a matter of hours;
15:10 - 16:00 -> Metadata in Digital Photos: IP, Data protection and Forensics, Kārlis Apalups (LV),
The aim of the talk is to show how metadata in digital photos can be used for different purposes and becomes a liability if disregarded as unimportant;
16:10 - 17:00 -> A Deep Dive into Emotet's Email Stealing Module, James Quinn (US),
The talk aims to give a hands-on walk through Emotet's Email Stealing Module, including explanations of the COM objects, and tips/tricks for walking through them;
17:05 - 17:15 -> Overview of the CTF day two and winner announcement, Hans Lõugas (EE);
17:15 - 17:20 -> CTF awarding ceremony, Uldis Lībietis (LV).
Speakers
Jaanus Kääp == {Security Researcher, Clarified Security, EE;
His expertise currently focuses on penetration testing, exploit development, and security research.
}
Alexander Adamov == {Founder and CEO, NioGuard Security Lab, UA;
Dr. Alexander Adamov analyses the newest breeds of ransomware and explores AI/ML capabilities to detect cyberattacks.
}
Oskars Veģeris == {Security Engineer, Evolution Gaming, LV;
His focus is on application and system security and exploitation research.
}
Dan Demeter == {Senior Security Researcher, Kaspersky, RO;
Dan graduated from Imperial College London and holds a Master of Engineering in Software Engineering. He then joined Kaspersky Lab in 2014, where his work focuses on developing threat intelligence systems, processing big data and creating new technologies to fight advanced persistent threats.
}
Kārlis Apalups == {Security Consultant, TET Group, LV;
He has seven years of experience in the security industry, working in the public and private sectors as a security specialist (both Physical and Cyber). He currently holds a BA in Organisation Security and is studying for an MBA in Cybersecurity Management.
}
James Quinn == {Threat Researcher, Binary Defense, US;
James works at Binary Defense as a Threat Researcher, primarily as a reverse engineer of malware/tools, to understand their behavior and write better detections for that behavior for a variety of EDR tools.
}
Hans Lõugas == {CTF Producer, CybExer Technologies, EE;
Hans has been working with technology and cybersecurity journalism, communication and analysis for the last decade. Now his mission with CybExer Technologies and CTF Tech is to bring new people to cyber security, especially through events like CTF.
}
Uldis Lībietis == {CISO, TET Group, LV}
Aftershock
The conference is over, but we would like to share some information with you:
CTF
1st place EVOSEC
2nd place К|/|БЕР BABUSHKA
3rd place L&B
// EOF
CTF status: CLOSED!
CTF style: Jeopardy && infrastructure takeover
Registration start: 22SEP 12:00 (UTC+3)
Registration end: 29SEP 23:59 (UTC+3)
Registration confirmations: Until 30SEP 17:00 (UTC+3)
CTF start: 01OCT 09:00 (UTC+3)
CTF end: 02OCT 17:00 (UTC+3)
Maximum team count: 30
Participants per team: 2 to 5
Awards: Top three teams based on the points scored
CTF provided by: CybExer Technologies && CTF Tech (EE)
Infrastructure provided by: TET Group (LV)