International Cybersecurity Forum (FIC) 2023

The EC2 is the first ethical hacking competition that pits engineering and cyber security students against esports security professionals. Who will be victorious? 

Join us to find out! Airbus Defence and Space Cyber is providing its gaming platform to manage teams, events and scoring. During the competition, we’ll also set up SpeedRun events, allowing teams to gain – or lose – extra points.

Eric Carles, IT Project Manager, Software Engineer at Airbus Defence and Space Cyber

Orion Malware is a network file analysis platform designed to empower all security teams (SOC, CERT and CTI) by analysing files extracted from networks or submitted by users. Sorting techniques, static analysis and dynamic analysis are coupled to extract data on analysed files and qualify threats.

For example, Orion Malware can integrate into Microsoft Exchange messaging infrastructure to detect and neutralise malicious attachments.

This presentation will demonstrate Orion Malware’s ability to detect and block malware, such as ransomware received by email.
We will present the different configuration options as well as the logging and traceability aspects of the analysis system integrated with Microsoft Exchange.

Flavian Dola and Yann Breut, Solutions Area

Ghidralligator is a C++ multi-architecture emulator based on the Ghidra libsla, designed for fuzzing
with AFL++. It allows performing emulation-based fuzzing while keeping interesting performances
when dealing with binaries running on exotic architectures.

On the agenda:

• Watch an overview of fuzzer technics (code coverage, snapshot, …) and tools (AFL, …) ;
• Dive into Ghidra RE Internals and libsla ;
• Learn more about Ghidralligator software architecture ;
• Experience a realistic demo : Fuzzing programs running on Xtensa/PowerPc/Mips/Arm CPU ;
• Get to know the limitations and future features.

The EC2 is the first ethical hacking competition that pits engineering and cyber security students against esports security professionals. Who will be victorious? 

Join us to find out! Airbus Defence and Space Cyber is providing its gaming platform to manage teams, events and scoring. During the competition, we’ll also set up SpeedRun events, allowing teams to gain – or lose – extra points.

Eric Carles, IT Project Manager, Software Engineer at Airbus Defence and Space Cyber

Orion Malware is a network file analysis platform designed to empower all security teams (SOC, CERT and CTI) by analysing files extracted from networks or submitted by users. Sorting techniques, static analysis and dynamic analysis are coupled to extract data on analysed files and qualify threats.

For example, Orion Malware can integrate into Microsoft Exchange messaging infrastructure to detect and neutralise malicious attachments.

This presentation will demonstrate Orion Malware’s ability to detect and block malware, such as ransomware received by email.
We will present the different configuration options as well as the logging and traceability aspects of the analysis system integrated with Microsoft Exchange.

Nicolas Delhaye, Solutions Area

This presentation aims to demonstrate that it may be necessary to determine a basic architecture of a target product to advance in the vulnerability research process.

Did you know that, sometimes interacting with a component can be more complex than using a simple socket and sending data directly? And that much more complex communication channels can be developed with synchronization mechanisms, shared memory and randomly generated resource names?

Don’t miss our demonstration explaining how understanding and implementing such a communication channel costs a lot of time and forces the vulnerability researcher to give up his initial idea.

Yann Breut, Solutions Area

Known by all IT professionals for its efficiency and ease of use,Nmap is the essential tool when you want to discover a network.
It is certainly the tool most used by IT security specialists when they have to carry out a service related to when they have to carry out a service related to the network.

However, it must be acknowledged that knowledge of its internal workings is often neglected.
It is however the small difference that can give an attacker or a defender an advantage.

Through this presentation, we will deepen our knowledge of Nmap in order to highlight some of the pitfalls to avoid when you want to remain discreet, such as during Red Team missions; or particular markers
to look for if you are defending a network.

SENTINEL is a European project with 13 partners, the objective of the project is to bridge the security, privacy and data protection gap for smaller enterprises in Europe. Once registered on the platform, and the self-assessment workflow completed, the SME user will get policy recommendations, information on data and privacy breached, and training materials. AIRBUS provides a new training approach with a Gaming interface based on the CyberRange in order to raise awareness of end users. The users will learn in an interactive way the best practice to better protect personal and sensitive data.
During the presentation, you will discover the SENTINEL platform, and a training on the AIRBUS Gaming interface.

Eric Carles, IT Project Manager, Software Engineer at Airbus Defence and Space Cyber

Orion Malware is a network file analysis platform designed to empower all security teams (SOC, CERT and CTI) by analysing files extracted from networks or submitted by users. Sorting techniques, static analysis and dynamic analysis are coupled to extract data on analysed files and qualify threats.

For example, Orion Malware can integrate into Microsoft Exchange messaging infrastructure to detect and neutralise malicious attachments.

This presentation will demonstrate Orion Malware’s ability to detect and block malware, such as ransomware received by email.
We will present the different configuration options as well as the logging and traceability aspects of the analysis system integrated with Microsoft Exchange.