MANILA, Philippines, Sept. 30, 2024 /PRNewswire/ -- At Rootcon 18, held on September 25-27, 2024, experts from Viettel Cyber Security (VCS) made a lasting impression on the cybersecurity community, winning the Capture the Flag (CTF) competition and delivering a powerful technical talk on ransomware operations.
Excelling in the CTF Finals: A Showcase of Expertise
The CTF at Rootcon featured a series of 5 distinct challenge sets across multiple categories such as web security, reverse engineering, cryptography, binary exploitation, and network forensics. Each challenge required participants to solve complex puzzles, exploit vulnerabilities, and gather the "flags" hidden within systems—all while competing against the clock and other top-tier teams.
The VCS team demonstrated its dominance right from the qualifying rounds, consistently ranking in the top positions. After 24 hours of intense hacking, only the top 8 teams advanced to the final stage, and the competition reached a fever pitch.
The final round featured even tougher challenges designed to push participants to their limits, demanding advanced skills in identifying flaws in secure systems, leveraging obscure exploits, and reverse engineering malicious code. VCS, however, stayed calm under pressure, methodically working through the tasks and maintaining their lead to secure the first-place finish.
Expert Analysis on Ransomware Operations by Long Doan Minh
Adding to their CTF victory, VCS's Long Doan Minh, a renowned Threat Analyst with five years of experience in cybersecurity, delivered an insightful presentation on "Dissecting a Ransomware Operation: From Propagation to Extortion." Long, whose expertise spans reverse engineering, malware analysis, and high-profile incident management, has tackled over 50 threat actors and managed more than 30 critical incidents for enterprises and government bodies across Southeast Asia.
Long's talk offered an in-depth look at how cyber attackers exploit the relationship between Azure and on-premises Active Directory (AD) to gain unauthorized access and move laterally across systems. His presentation was divided into two key parts:
- From On-Premises to Cloud: This section focused on techniques attackers use to steal cloud credentials through phishing and endpoint extraction, enabling them to infiltrate cloud environments.
- From Cloud to On-Premises: Long explained how mechanisms like Cloud Kerberos Trust and Microsoft Intune are abused by attackers, alongside lesser-known techniques such as Azure LAPS exploitation, to move laterally back to on-premises systems.
Leaving a Mark at Rootcon 18
Viettel Cyber Security's performance at Rootcon 18 showcased their technical mastery and leadership in the cybersecurity field. Especially noteworthy is the participation of very young experts, aged only 20 to 22, sent by Viettel Cyber Security to gain practical experience, yet they brought back remarkable achievements. Recently, the company achieved top honors at Pw2nOwn, the world's largest hacking competition, and has been recognized in the industry hall of fame by tech giants.
In addition, Long Doan Minh's expert talk on ransomware operations left a strong impression, offering attendees valuable insights into real-world threats and how attackers exploit cloud and on-premises systems. His deep experience in incident response provided actionable guidance, making his session one of the event's highlights.
Together, the CTF win and ransomware presentation positioned VCS as both a competitive force and a thought leader in cybersecurity, leaving a lasting impact on the Rootcon 18 audience and reinforcing their commitment to strengthening global digital defenses.
About Rootcon 18
Rootcon is the Philippines' premier hacking conference and cybersecurity gathering, attracting top security professionals, enthusiasts, and ethical hackers from around the globe. Rootcon 18 featured a range of activities including workshops, keynote speeches, and the highly anticipated Capture the Flag (CTF) competition, where participants engage in various hacking challenges to capture digital "flags." The event fosters collaboration and knowledge-sharing, keeping the global cybersecurity community up-to-date on the latest trends and threats.
About Viettel Cyber Security
Viettel Cyber Security (VCS) is a branch of Viettel Group, conducting in-depth research and development of information security solutions. VCS offers a wide range of services tailored to meet the unique needs of our clients, including Security Operations Center (SOC) services for real-time threat monitoring and incident response, Threat Intelligence (TI) to proactively identify and mitigate potential risks, Vulnerability Assessment and Penetration Testing (VAPT) to detect and address system vulnerabilities, and Compromise Assessment (CA) to assess and remediate security breaches. With expertise and cutting-edge technologies, VCS ensures robust protection and peace of mind for organizations navigating the complexities of cybersecurity.
Website: https://viettelcybersecurity.com/