"Binary Analysis Notes" Mariano Graziano

Mariano Graziano is a technical leader at Cisco Talos. He got a Ph.D. from Eurecom (France) and he is mainly interested in automated malware analysis and memory forensics. He got his BSc and MSc from Politecnico di Torino.

Binary analysis is the art of understanding compiled programs. In this way, researchers can extract valuable information about the behavior of an application without having its source code. It is a combination of static and dynamic analysis and it is fundamental in many activities such as reverse engineering, malware analysis and exploitation. In this presentation, we will guide the audience through the ELF file format and we will discuss possible techniques an attacker can use to hinder the analysis. We will show real anti-debugging and anti-analysis techniques to defeat common tools such as GDB, readelf and IDA.

"Firewalls are a mess! Compiling and decompiling network policies" Lorenzo Veronese

Lorenzo Veronese is a graduate Computer Science student at Ca' Foscari Venice. His research interests are formal methods, network and web security. In the last few years he took part in CTFs as a proud member of c00kies@venice and mhackeroni. Since 2018 he has been one of the organizers of the local and national finals of the Cyberchallenge.IT training program.

Firewalls are an essential tool for managing and maintaining network security policies. Designing the firewall of a complex organization is notoriously hard even for expert sysadmins, since configuration languages often expose low-level details and do not provide a declarative way to specify the intended network access control policies. This talk will provide an overview of the research tools developed by the security group at Ca' Foscari to help system administrators configure and maintain firewall systems: Mignis is a compiler that produces iptables firewall configurations starting from a high-level declarative language, while FWS is a decompiler that turns real policies (e.g., iptables, pf, ipfw, Cisco) into abstract specifications purged of low-level and platform-specific details, making it easy to maintain and review large firewall configurations. We will use Attack/Defense CTFs as a running example to show how these tools are useful in practice and how they are used by c00kies@venice and mhackeroni in both organizing and taking part in such competitions.

"SCADA, A PLC's Story" Paolo Stagno

Paolo Stagno (aka VoidSec) has worked as a consultant for a wide range of clients across top tier international banks, major tech companies and various industries.
He is a freelance security researcher and a penetration tester focused on offensive application security. He enjoys understanding the digital world we live in, disassembling, reverse engineering and exploiting complex products and code. In his own research, he discovered various vulnerabilities in software of multiple vendors and tech giants.

During the last few years, SCADA has quickly made major news headlines with a number of frightening articles: from STUXNET to breaches like that of the electrical power supply grid in Ukraine (December 2015). Since SCADA systems are actively used across various industries (oil & gas, pharma, power plants, critical infrastructures) to perform critical operations on a daily basis, SCADA security has also become a hot topic in the industry.
This talk will provide a comprehensive overview of the most common SCADA components, known malware and incidents as well as security issues affecting this technology, including existing vulnerabilities in different modules. As part of the presentation, we will disassemble and reverse engineer a PLC and its protocol. This model will be used to demonstrate some aspects of discovered security vulnerabilities.

"Up near the clouds all the servers (can) go down" Luca Pezzolla

Luca Pezzolla is part of the team that is creating sbam.io, the first platform to support marketers and content creators in their data-driven growth on social networks. His learning path in web security started in high school: since then he's widened his expertise while working as an Information Risk Management consultant at KPMG, and through his participation in the CyberChallenge.IT training program. He's a member of PoliTHack and of the pwnthem0le CTF team.

Cloud technology has been a game-changer in the IT field, but brought along a whole new world of vulnerabilities. We will analyze how the cloud changed the classical approach towards web security, and the basic concepts you'll need to start your journey in web security.

"Quantum computers and cryptography" Guglielmo Morgari

Guglielmo Morgari is a security expert with over twenty years of experience in the field. He is currently Research Manager in Telsy. His main interests concern the study and implementation of cryptographic algorithms and protocols.

Theorized in the early 80s, quantum computing has long been considered an interesting abstract model without concrete possibilities of realization. In recent years, however, the scientific community has begun to believe that quantum computers could actually appear shortly, and today some prototypes are already available, albeit with poor efficiency.
Quantum computing is thus receiving increasing attention, especially because its realization would make most public key cryptography techniques completely vulnerable, severely jeopardizing the security of current information systems.
This threat is usually addressed along two technologically distinct directions. On the one hand the use of new PQC (Post Quantum Cryptography) algorithms, based on mathematical conjectures and able to resist the cryptanalysis capabilities of the quantum computer; on the other hand, the use of QKD (quantum key distribution) solutions, whose security is based instead on the principles of quantum mechanics.
The talk will give an overview of the described scenario, focusing on the technical aspects and the applicative implications.

"Cyber range: Hacking Virtual Warfare" Danilo Massa

Danilo Massa has vast and significant technological and managerial experience in the cybersecurity sector, where he operates at 360°: from VA/PT on complex systems and applications, to incident handling, digital forensics and e-discovery.
As the cyber security division CTO at aizoOn, he guides the development of technological products. Among the most recent defensive strategy projects is the implementation of the Cyber Range platform, aimed at training and preparing the defense against increasingly sophisticated cyber intrusions.

The current scenario, characterized by evolving cyberattacks perpetrated by criminal organizations and cyber-activists, calls for an update of the tools and personnel in charge of defending cyberspace and the continuous innovation of the defense strategies.
NATO annually organizes a drill (Locked Shields) aimed at strengthening the defense capabilities of the nations involved. The drills are performed using the Cyber Range of the Cooperative Cyber Defense Center of Excellence, in order to simultaneously simulate different scenarios involving over 200 operators.
The presentation will focus on the implementation of theaters and scenarios for the execution of highly realistic training simulations, where the defenders will deal not only with already known vulnerabilities, generated by configuration errors or registered as CVEs, but also with new 0-day vulnerabilities. The attackers, instead, will need to silently penetrate the defenses in order to achieve the requested objectives (e.g., exfiltrate information, deactivate alarm systems, compromise building automation systems).

"Data Breach: real world adversary tactics and techniques." Dario Amoruso, Matteo Ranalli

Dario Amoruso is a Senior Manager in KPMG Advisory and works in the Cybersecurity division. He earned his master's degree in computer engineering at the University of Pisa. He has skills in governance, risk and compliance, security testing and red/blue teaming. In recent years he gained experience in industrial control system (ICS) security.
Matteo Ranalli is a passionate security consultant with a degree in Computer Engineering and a strong curiosity for all aspects of information technology. He currently works in the Cyber Security group of KPMG Advisory, where he provides his skills and experience gained in the field of Blue Teaming and Red Teaming, along with other issues related to data and company security.

In recent years, huge amounts of sensitive data have been published on the web, stolen by criminals to damage different companies and end users. The impacts are invariably devastating, and the violation often does not emerge quickly; it is often a matter of years. Starting from an introduction to the most striking recent cases of data breach, the talk will analyze the methodologies used by the major criminal groups in the world, and how these were reproduced by the same companies in order to simulate unconventional attempts at computer compromise and data exfiltration.
On this occasion, the MITRE ATT&CK Framework will be presented, which formalizes the tactics and techniques used by adversaries in real scenarios.