
Tickets

You can start buying tickets from September 26th, 2024.

NET NEUTRALITY TRACK PASS - FREE

Net Neutrality & Privacy Track - November 18th

EARLY FULL PASS 75€

Cybersecurity Track - November 19, 20th

LATE FULL PASS 100€

Cybersecurity Track - November 19, 20th

FINGER FOOD

ONLY PURCHASED BY ORDER. SPECIAL OFFER!
 

No cON Name congress (2024)

No cON Name is the oldest active hacking and IT security conference in Spain. Established in 1999, the first edition took place in Mallorca, and the event now continues in Barcelona. We are a non-profit association. Our events are open to anyone eager to share knowledge and engage with our vision of Hacking and IT Security (aka Cybersecurity). Here you can learn with no commercial bias and no sponsors (as much as possible), and meet people comfortably. We thrive thanks to the support of our participants, and we take pride in being one of the most independent conferences.

No cON Name staff

Organization

With the collaboration of:

 

Singularities

Eldest
20 editions
Free Net Neutrality and Privacy Track
Aimed at everybody concerned about privacy and net neutrality (technologies and topics)
Villages
Shared activities in the same area, in parallel with the talks
Workshops throughout the year
We designed [NcN Labs] to stay tuned and build community in Barcelona in the cybersecurity area.
Discussion Forums
addressing current topics and current trends in cybersecurity
 

Privacy and Net Neutrality Track

 
Since the beginnings of the internet, new popular services and technologies have become less respectful of privacy, the public interest and human rights. Some big tech companies, governments and private interests are fighting to obtain or alter information to drive their own business decisions. As passionate techies and hackers, professionals, journalists, activists, etc., we feel an obligation to alert the general population and expose the different topics that fall under privacy and net neutrality.

Join Privacy and Net Neutrality Track for FREE*

The first day of the conference will be dedicated to this track. The event consists of a day full of talks in CAT/ES/ENG languages. The final list of talks will be published in this section on October 20th; meanwhile, we will be publishing bits of information about talks and speakers.

Accepted speakers

Anti-censorship in Tor (ES)

meskio


Tor is one of the main tools people turn to when they need to remain anonymous. But in many places it is also used to access blocked content and get around censorship and restrictive firewalls. That is why some censors try to prevent users from connecting to the Tor network. We see many corporate networks and universities blocking Tor at their firewalls. We see entire countries, such as Russia just before the invasion of Ukraine, or Iran, tightening their censorship during protests.
Meskio is part of the Tor Project's Anti-Censorship Team, researching how censors block access to the Tor network and developing ways to escape this censorship.

Silent Surveillance: What Encryption Doesn't Hide (ES)

ReD


You think your secrets are safe with encryption, right? Not so fast. Even if your data is protected, the metadata keeps gossiping about you. In this talk you will discover how small details, such as how long you talk, can reveal more than you think. Encryption protects what you say, but not who you are! We will unravel these mysteries in a simple way.
Self-taught from birth, scourge of gadgets and systems, defender of privacy as a way of life, researcher for fun, nocturnal hax0r, proud geek. In other words, a restless mind.

The Power of GPT: the New Global Ideological Force (ES)

Josep Jover


The talk will address how artificial intelligence, particularly ChatGPT, has become a global ideological force. The speaker will explore how this technology has changed the way social, historical and political narratives are generated and distributed, escaping the control of States. With millions of users, ChatGPT has a particular impact on young people, influencing their access to information and democratic processes. The talk will also discuss the role of AI in the reconfiguration of global power and the censorship attempts by authoritarian governments and non-authoritarian ones such as Spain.
Lawyer specializing in intellectual property and copyright, and conflict manager. He is director of CAPA8 asistencial. He obtained his degree from the University of Barcelona and has practised as a lawyer since 1983 in the fields of civil, commercial and EU law, and as an IT auditor since 1997.

How Quantum Cryptography Changes Cybersecurity (ES)

Marco Cofano & Alina Hirschmann


Quantum cryptography sounds like a name out of science fiction, but although it is an emerging technology, it is already starting to become a reality. And some projects, such as Anell Collserola, are preparing to deploy it in Catalonia. Vanesa Díaz, CEO of LuxQuanta, and Alina Hirschmann, head of science communication at the Institut de Ciències Fotòniques, will explain the current state of this innovative field and how it is being deployed.
Dr. Marco Cofano leads the Software Engineering team at LuxQuanta, a pioneering company in the commercialization of quantum cryptography solutions based on continuous-variable Quantum Key Distribution (CV-QKD). He holds a PhD in Mathematics and Quantum Physics from the University of Nottingham, United Kingdom, and a master's degree in Theoretical and Mathematical Physics from the University of Bologna, Italy. Alina is Head of Science Communication at the Institut de Ciències Fotòniques. She has more than 15 years of experience working in communications with research centres. She holds a doctorate in astrophysics and a master's degree in communications management.

Who Is Behind the Pegasus Scandal in the Spanish State?

Cèlia Carbonell i Andreu Van den Eynde


Pointing to those in charge of NSO Group in Europe
Cèlia is the lead at Irídia for the defence of civil society, specializing in spyware. She works to denounce and bring to light actions that endanger fundamental civil liberties and other related human rights. Andreu is a lawyer specializing in criminal law with an interest in digital law. He has defended politicians such as Oriol Junqueras and Raül Romeva in the trial against the 1 October referendum, and his mobile phone was infected with Pegasus, NSO's spyware.

Cybersecurity Track

 
IT security (aka cybersecurity) is becoming more of a necessity for everyone (people and organizations) every day. At our event we aim to bring together enthusiasts and professionals from different fields to share the results of their research in a talk/workshop format. Our conference has been on the scene for many years, and a significant part of the country's hacker and cybersecurity professionals have participated in it.

Within the frame of reference where we are located, we can boast of being the most avant-garde, traditional and independent conference.

For several editions (2), we have wanted to open ourselves to the rest of the world using English as a unifying tool. We invite everyone to come to our conference and to Barcelona. On the other hand, we have not ruled out our mother tongues, which will always be part of our identity.

Join Cybersecurity Track

The second and third days of the conference will be dedicated to this track. The event consists of two days full of talks, and forum discussion in CAT/ES/ENG languages.

The final list will be published in this section on October 20th; meanwhile, we will be publishing bits of information about talks and speakers.

Accepted speakers

This section is being updated every day

Unveiling a New Botnet - Diving into the Unknown (ES)

Albert Priego


In one of our latest investigations we analyzed a compromised web server and saw that it had been affected by a PHP backdoor. After analyzing it, we found that it is part of an unknown botnet of compromised web servers. We begin our investigation with the malware, analyzing it in depth to understand its functionality as well as its configuration, C2 and implemented commands. The investigation extended to the command and control where, thanks to mistakes made by its developer, we managed to obtain internal information about the C2 and the malware itself. Finally, we were able to establish links between the malware and specific groups/actors. We will explain the investigation process from scratch, with all its progress step by step, connecting each piece of the puzzle.
Albert Priego currently works as a Senior Researcher at RSA Netwitness in the Threat Intelligence & IR area, providing technical leadership for threat research and analysis in Europe. He previously worked at Group-IB, where he carried out international investigations that resulted in the identification and neutralization of APTs and botnets, among other high-profile threats, cooperating with various law enforcement agencies.

Cybersecurity for What Remains of 2024 (ES)

Josep Jover


The speaker will focus on the new European regulations that will shape the future of cybersecurity in companies and institutions. The speaker will explain key regulations such as the Digital Services Act (DSA), the Cyber Resilience Act (CRA) and the NIS2 Directive, which seek to strengthen protection against cyberattacks, regulate access to data and ensure digital interoperability. The consequences of non-compliance will also be analyzed, including significant penalties and a ban on the sale of insecure products, as well as the crucial role of Data Protection Officers in this new regulatory framework.
Lawyer specializing in intellectual property and copyright, and conflict manager. He is director of CAPA8 asistencial. He obtained his degree from the University of Barcelona and has practised as a lawyer since 1983 in the fields of civil, commercial and EU law, and as an IT auditor since 1997.

JiraConf exploitation & post-exploitation (EN)

Ilya Shaposhnikov


Atlassian products are among the most popular software for storing tickets and company articles. This software is also one of the main targets for attackers because it stores a huge amount of internal information. This talk will show you typical ways of attacking them and (more important) post-exploitation, including non-public vectors.
OffSec Team Leader at My.Games with 8 years of official offensive security & IoT research experience. Author of PCF & IoTSecFuzz tools. Owner of ~20 CVEs.

Identifying Runtime Libraries in Statically Linked Linux Binaries with MANTILLA (EN)

Ricardo J. Rdez & Javier Carrillo-Mondéjar


During the presentation, I will introduce MANTILLA, a system designed to identify runtime libraries in statically linked Linux-based binaries, including IoT malware. Statically linked applications, often used in malware to evade detection and ensure portability, embed all dependencies in the final binary, complicating traditional malware analysis. By leveraging radare2 for static analysis and a K-nearest neighbor machine learning model, MANTILLA can predict runtime libraries based on features such as cyclomatic complexity, number of arguments, and entropy, among others, achieving high accuracy even with binaries compiled for multiple architectures such as ARM, MIPS, and x86. This talk will guide attendees through the MANTILLA methodology, from feature extraction to prediction, and will cover two real-world case studies: identifying runtime libraries in common utility applications (binutils) and in IoT malware. Attendees will learn about static analysis techniques, feature engineering for machine learning models, and challenges posed by stripped binaries. The session will also discuss limitations, potential countermeasures against adversarial attacks, and the importance of correct runtime identification in malware research, emphasizing the broader impact on software security.
Ricardo J. Rodríguez obtained his M.S. and Ph.D. degrees in Computer Science from the University of Zaragoza, Spain, in 2010 and 2013, respectively. He is currently an Associate Professor at the University of Zaragoza, where his research focuses on performance and dependability system analysis, system security, and digital forensics. He leads a research group dedicated to computer security at the University of Zaragoza (https://reversea.me) threats in Europe. Javier Carrillo-Mondéjar received his M.Sc. and Ph.D. degrees in Computer Science from the University of Castilla-La Mancha, Spain, in 2017 and 2022, respectively. He is currently an Assistant Professor at University of Zaragoza, Spain. His research interests include malware detection and classification techniques, with a particular focus on IoT/firmware cybersecurity

BadExclusions Don't turn your EDR into Gruyere cheese (EN)

Alex Garcia Rebull & Alberto Magallón Sábado


The goal of this research is to raise awareness among EDR (Endpoint Detection and Response) administrators, and other solutions, about the need to create secure exclusions in their systems. The responsibility of creating secure exclusions falls on the customer, and sometimes a lack of knowledge causes a simple exclusion to become a serious cybersecurity issue. There are currently many well-documented techniques for bypassing an EDR. But what if, instead of using one of these techniques, we attempt to abuse the exclusions created in the EDR? Our research has allowed us to develop two tools capable of identifying insecure exclusions. We have been able to analyze the results obtained from one of the most popular EDRs, and we are in contact with more providers to expand the tests conducted.
Alex Garcia Rebull is a Senior Offensive Security Analyst at Schneider Electric, with extensive experience in offensive security, red teaming, and penetration testing. He has over a decade of experience working in cybersecurity, specializing in application security, infrastructure security, and social engineering attacks. Alberto Magallón is an experienced Cybersecurity Analyst and currently serves as the Cyber Arsenal Manager at Schneider Electric in Barcelona, Spain. With a career spanning over a decade, Alberto has held key positions in both the public and private sectors, including roles such as Cybersecurity Incident Response Manager and Threat Intel and Threat Hunting Manager at the Cybersecurity Agency of Catalonia

AI + User Input = Problems! Real world examples (EN)

Paweł Kusiński


Every time at every conference there is someone with the next AI (or rather to be more specific GenAI) topic. He wants to give you some real talk with real examples, rather than just theoretical attacks which “could” happen. Yes, he will start with some quick theory, for everyone to be on the same page - just by going through the current state of offensive security in topics of GenAI based on OWASP Top 10 LLM & Mitre. And then the ‘meaty’ part - two critical vulnerabilities he’s found in the wild - walkthrough, issues I’ve had during exploitation, how I got it!
Penetration Tester and Security Researcher at Snowflake, focusing on app and cloud (in)security. He likes to share his knowledge by leading various workshops, giving conference talks, and teaching at universities. AWS Community Builder and CTF player (member of justCatTheFish) who changes most of his hobbies every month.

Capriware Ransomware: Ransomware in ESXi and How to Monitor and Prevent It (EN)

Sebastien Kanj & Aleix Marro


In this talk, we will present the results of recent ransomware incident responses carried out at INCIDE, which have affected ESXi infrastructures. During our investigations, we identified a new ransomware gang, named Capriware, specifically targeting ESXi infrastructure. We will explain how our DFIR team collects logs, which logs are crucial for analysis, and the TTPs observed across different attacks, including those related to Capriware. Additionally, we will provide recommendations for monitoring and preventing incidents on these systems.
Sebas is a telecommunications engineer and currently pursuing an Industrial PhD between INCIDE Digital Data S.L. and the Universitat Politècnica de Catalunya. He is the Manager of INCIDE’s DFIR team and has been a speaker at conferences such as RootedCon, JITEL, EAI ICDF2C, DFRWS EU, and workshops hosted by the Generalitat of Catalonia. Aleix, with a degree in Computer Science and a Master's in Cybersecurity, is a DFIR analyst. He focuses on incident response, process automation, and streamlining forensic investigations, using security tools like EDRs for timely incident resolution.

No future. Would We Be Sovereign in the Event of a Global Conflict? (ROUND TABLE) (ES)

Antonio Fernandes


After the CrowdStrike affair, the technological dependence that affects everyone, regardless of size or reputation, has become clear. Does Europe have a future in an interconnected, volatile and uncertain world? Would we be able to be self-sufficient?
More than 20 years in Cybersecurity, from technical work to management. Discoverer of flaws at NASA, Google and more. Evaluator at the European Commission and active member of key associations such as the European Cyber Security Organisation. Teacher, speaker and current CISO at a multinational.

Enhancing Cybersecurity Intelligence through Machine Learning: Clustering and Forecasting Analysis of Honeypot Data (EN)

David Rosado


In this talk, we will explore the pressing cybersecurity challenge posed by publicly exposed IP addresses, which are frequent targets for cyberattacks that can lead to data breaches, ransomware infections, and unauthorized intrusions. These vulnerabilities are often exploited by advanced malware, leaving traditional security mechanisms struggling to keep up. To address this growing threat, we conducted a comprehensive study using data collected from a global network of honeypots provided by the Global Cyber Alliance. We employed a combination of cutting-edge machine learning techniques and clustering analysis to categorize attack patterns and reveal hidden trends in malicious activity. By analyzing malware hashes, we identified significant threats posed by those not recognized by the VirusTotal database. Additionally, we developed forecasting models such as ARIMA, machine learning algorithms, and LSTM networks to predict future cyberattack trends at a country level.
David Rosado is a young researcher, mathematician, and data scientist with a strong interest in cybersecurity. Currently working at the Cybersecurity Agency of Catalonia, he is completing his second research paper, which focuses on the intersection of data science and cybersecurity.

Villages

 
A Hacking Village is an educational activity that helps the community share and practice hacking and cybersecurity skills. The main purpose is to share and interact in small groups around the main topic of the village, and for participants to interact in small activities running parallel to the conference talks. This way you can choose between attending an introductory workshop or chasing criminals while in another room a speaker is talking about some new hack.

Hacking Villages will be proposed by staff, but the final format will be agreed by both parties (staff and leader). The main purpose is, once again, to show and share skills and techniques in specific areas, not to show commercial products and services.

You'll be able to enjoy the villages if you are enrolled in the Cybersecurity Track.

The final list, requirements, and room names will be published in this section on October 20th; meanwhile, we will be publishing bits of information.

This section is being updated every day

Village: Threat hunting and Malware analysis (EN)

Leader: Touhami Kasbaoui


Inside the Village we will cover the following topics:

  1. Detection through Elastic Security SIEM, deployed in a shared VM, including installation guidance and explanation of key security detection policies.
  2. Retrieval of malware artifacts and TTPs for analysis, including:
     a. Introduction to static analysis and required tools.
     b. Dynamic analysis techniques.
     c. Brief introduction to reverse engineering, required tools, basics of Windows architecture, and portable executable structure to help participants enter the reverse engineering field.
  3. Thinking outside the box for external malware hunting to feed SIEM or SOAR systems, using various techniques.
  4. Revealing a technique to identify malware types and adapt to their base architecture to find security vulnerabilities or misconfigurations for exploitation.

As training, we will cover two strategies:

Explaining a real-world use case scenario of identifying and detecting a Malware Loader infection, and providing a live demonstration.
Explaining the detection process, followed by the required elements and techniques for investigation:

USE CASE Scenario:
-Identifying behavior through SIEM
Malware Analysis 101:
-Static analysis
-Dynamic analysis
-Automated analysis
REVERSE ENGINEERING 101:
-Anatomy of a Windows PE Compilation
-x86 assembly language
-Typical attack track
Threat Hunting Introduction:
-Proactive approach
-Setting up a war zone area (Tools)
-Local hunting and red flags
-External hunting
-Hunting C2 malware
-Hacking back Command & Control
We will provide a virtual machine (VM) containing the necessary tools for investigation, allowing participants to continuously investigate and ask questions during the workshop. The aim of the workshop is to deliver a message about DFIR (Digital Forensics and Incident Response) investigation and threat hunting: that everything is based on using a minimal set of skills to create an investigative approach that can help achieve good results.

Estimated Duration: 2 hours

Touhami is primarily oriented towards purple teaming. By day, he practices cyber defensive security, and by night, he discovers security vulnerabilities in various vendors. Recently, he discovered a local privilege escalation vulnerability in the ASUS framework, and he has a pending local privilege escalation discovery in Windows 11. He also works on discovering security vulnerabilities in Google Chrome and conducts vulnerability research and development for different vendors.

Village: Red Team (EN)

Leader: Ilya Shaposhnikov


Inside the Village we will cover the following topics:

Pentest Collaboration Framework
Duration:1 hour.

Requirements: Laptop + git

Active Directory Certificate Services Attack and Remediation
Duration: 2 hours.

Description: Certificate Services ESC1-15 attacks: how to exploit them and how to configure the service securely.

Mastering ROP: Building Blocks of Modern Exploits
Duration: 1h + 20min

Description: Let’s master the basic techniques for implementing a ROP attack.

Requirements: Windows, VSCode (C++), Notepad++, x64dbg

Wednesday, November, the 20th at 9:30am

Total Estimated Duration: 7 hours

OffSec Team Leader at My.Games with 8 years of official offensive security & IoT research experience. Author of PCF & IoTSecFuzz tools. Owner of ~20 CVEs.

Village: WordPress Security - Seguridad WordPress: users, developers, systems (EN/ES)

Leader: Javier Casares


AGENDA

  1. Users: They will have an overview of what security measures their WordPress needs and how to keep it safe.
  2. Developers: We will learn about the most common security features and good practices when developing a plugin.
  3. Systems: We will see some important aspects to protect in our systems, routes to take into account and rules for firewalls.

WordPress Village Index

  1. What WordPress is (and what it is not)
  2. WordPress Security, as a user
  3. Default security. Weaknesses and strengths. What to protect and what not to protect. Plugins and other things.
  4. WordPress security, as a developer
  5. Service recommendations. What and how to protect. Plugins. What to keep in mind. Useful functions.
  6. WordPress security, as a sysadmin
  7. Service recommendations. What and how to protect.
  8. Attacking (and defending) WordPress
  9. Let's find weaknesses. Patching weaknesses. One step further.

Total Estimated Duration: 2 hours

I've been a system administrator on the Internet since 1994, although I've been developing for many years. Among many other things, I'm the representative of the WordPress.org Hosting team and the person responsible for advanced documentation for WordPress.org. One of my personal projects is WPVulnerability, a database of WordPress (core, plugins, themes) and software (PHP, Apache, nginx, MariaDB, MySQL…) vulnerabilities and its corresponding WordPress plugin.

Schedule

 
The final Cybersecurity Track schedule will be sent by email to registered attendees.

Important Dates

    • Call For Papers Requests closing: October 15th, 2024
    • Call For Papers Approval: October 20th, 2024
    • Schedule publication: October 20th, 2024
    • Net Neutrality Privacy Track: November 18th, 2024 (BARCELONA)
    • Cybersecurity Track: November 19-20th, 2024 (BARCELONA)
     

    Address

    bc1qr7uat3k6hl3lwn5jqlwl8vhlsrs3e33qdz6pku3ag9zl7t4mss2qvlx5pg

    Location