Monday 16 May 2022
On May 10, 11 and 12, the Barcelona Cybersecurity Congress – IOT Solutions World Congress was held. This is an event that showcases the game-changing solutions & technologies that are disrupting and transforming industry and celebrates the business and technology executives creating a powerful competitive advantage.
In the BCC apart from the main talks there are also side-events such as the "Hunting Mummy Spider CTF" (Capture The Flag) hacking competition, organized by Crowdstrike and based on the Falcon Console, that is, it was necessary to use this console created by Crowdstrike. The Falcon Console is a SIEM (Security Information and Event Management), or in other words, a platform from which threats are sought to be quickly identified and where they come from.
This CTF has consisted in the course of an hour in finding out the scope of an intrusion by analyzing computers, users, processes, ports, domains, network requests and Firewall rules, among others, to finally obtain the identifier of a security group of AWS that had been modified to be able to establish a connection through port 5150. The security group identifier was the final flag and when delivered the timer was stopped.