{"id":228078,"date":"2014-11-24T13:00:21","date_gmt":"2014-11-24T12:00:21","guid":{"rendered":"http:\/\/securite.intrinsec.com\/?p=1635"},"modified":"2014-11-24T13:00:21","modified_gmt":"2014-11-24T12:00:21","slug":"conference-nosuchcon-2014-jour-3","status":"publish","type":"post","link":"https:\/\/www.intrinsec.com\/en\/conference-nosuchcon-2014-jour-3\/","title":{"rendered":"NoSuchCon 2014 Conference \u2013 Day 3"},"content":{"rendered":"

As part of its monitoring activities, Intrinsec attended the second edition of the NoSuchCon international conference, which took place from November 19 to 21, 2014, at the Niemeyer space at the headquarters of the French Communist Party (PCF) in Paris. The presentations were in English, technical, and straightforward. (bullshit-free)<\/em>.<\/p>\n

\"image15\"<\/a>(source : http:\/\/www.nosuchcon.org\/<\/a>)<\/p>\n

We offer summaries of the various presentations from the conference: Day 1<\/a>, Day 2<\/a> and day 3 (this article).<\/p>\n

We would also like to thank the organizers and student volunteers who managed this event very well, as well as the speakers who shared their knowledge and discoveries.<\/p>\n

Day 3<\/h1>\n

\u00abReverse engineer MSP 430 device\u00bb \u2013 Braden Thomas (Accuvant)<\/h2>\n

Slides: not shown<\/p>\n

Braden Thomas presented an object that is popular in the United States and Canada, but unknown in France: the \u00ab"Real-estate lock boxes"\u00bb<\/em>. These boxes are placed on the door handles of houses for sale and store the property keys for access by authorized real estate agents.<\/p>\n

The new generation of locks can be opened contactlessly in different ways: electronic key from the manufacturer, Android or iOS application (Bluetooth) or infrared transmitter.<\/p>\n

The speaker presented the results of his research on the security of these devices. As the vulnerabilities discovered have not yet been patched by the manufacturer (who is, however, receptive and cooperative), he chose not to broadcast his presentation.<\/p>\n

Braden notably managed to extract the firmware<\/em> of the MSP430 microcontroller used, bypassing the fuses disabling the JTAG port through a procedure called "\u00ab\u00a0paparazzi attack \u00bb<\/em> which requires cleaning the chip and subjecting it to flashes of light.<\/p>\n

 <\/p>\n

The \u00abPaparazzi\u00bb attack: decap a chip and use a flash to affect its behavior\u2026 Like in a James Bond movie! #NoSuchCon<\/a><\/p>\n

\u2014 Xavier Mertens (@xme) November 21, 2014<\/a><\/p><\/blockquote>\n

 <\/p>\n

He also discovered a hardware backdoor in the form of a resistor between two microcontroller ports: it can be easily unsoldered or destroyed by drilling at the right spot from the outside. In conclusion, Braden reiterates that it is strongly advised against storing cryptographic secrets in a standard microcontroller that is not designed to resist their extraction.<\/p>\n

 <\/p>\n

\u00abAttack on the Core\u00bb \u2013 Peter Hlavaty (Keen Team)<\/h2>\n

\"image27\"<\/a>Slides: http:\/\/www.nosuchcon.org\/talks\/2014\/D3_02_Peter_Hlavaty_Attack_on_the_core.pdf<\/a><\/p>\n

Peter Hlavaty is a vulnerability researcher. His highly technical presentation was aimed at those experienced in developing kernel-level exploits. It provided an opportunity to demonstrate several techniques for escalating privileges to the kernel level when exploiting a vulnerability. He also introduced his framework<\/em> development shellcodes<\/em> in C++.<\/p>\n

 <\/p>\n

\u00abCryptographic Backdooring\u00bb \u2013 Jean-Philippe Aumasson (Kudelski Security)<\/h2>\n

\"image32\"<\/a>Slides: http:\/\/www.nosuchcon.org\/talks\/2014\/D3_03_Jean_Philippe_Aumasson_Cryptographic_Backdooring.pdf<\/a><\/p>\n

Recent revelations about national computer espionage programs have cast more doubt than ever on the possible presence of backdoors in cryptographic algorithms and their implementations, which allow government organizations to decrypt communications in the context of lawful interceptions.<\/p>\n

Jean-Philippe Aumasson pointed out that it is difficult to build reliable backdoors and there is always a risk that they will be exploited by malicious individuals.<\/p>\n

The speaker presented the desired properties of a good backdoor. In particular, he mentioned the term attributed to the NSA: NOBUS \u00ab"No one but us"\u00bb<\/em>, which means that the vulnerability must only be exploitable by the agency alone.<\/p>\n

Jean-Philippe demonstrated some possibilities for designing and implementing backdoors. In conclusion: according to the speaker, inserting backdoors is easy.<\/p>\n

 <\/p>\n

\u00abHardware Workshop \u2013 Fun with RF remotes\u00bb \u2013 Damien Cauquil (Sysdream)<\/h2>\n

Slides, PCB file, manual: https:\/\/github.com\/virtualabs\/NSC14-HW<\/a><\/p>\n

This workshop was offered during the lunch break. Damien Cauquil reviewed the mechanisms of wireless communication and demonstrated how to intercept it. The workshop focused on modifying a consumer-grade wireless doorbell system. A remote control is located outside the house and communicates with the doorbell; this exchange is protected by a 6-bit code.<\/p>\n

Damien proposed modifying the remote control to add an electronic board that implements an automatic brute-force attack on the 6 bits of the code using a component that generates a clock and a counter (to generate successive combinations). This hack<\/em> is interesting because it reuses the legitimate remote control and does not require reimplementing the radio part.<\/p>\n

 <\/p>\n

\u00abDetecting BGP hijacks in 2014\u00bb \u2013 Guillaume Valadon, Nicolas Vivet (ANSSI)<\/h2>\n

\"image16\"<\/a>Slides: http:\/\/www.nosuchcon.org\/talks\/2014\/D3_04_Guillaume_Valadon_Nicolas_Vivet_detecting_BGP_hijacks.pdf<\/a><\/p>\n

The BGP protocol is used at the Internet level to exchange routing information between different networks (AS: Autonomous Systems<\/em>The ASes advertise the prefixes of the IP networks they manage using this protocol; therefore, this protocol requires trust in the received advertisements. It is thus possible to divert traffic destined for certain networks.<\/p>\n

According to the speakers, in Europe registering an AS number and a \/22 address range both cost \u20ac50 per year and allow participation in BGP exchanges.<\/p>\n

 <\/p>\n

BGP highjacks are used to launch spam campaign from fresh IPs #NSC14<\/a> \u2014 Taiki (@Taiki__San) November 21, 2014<\/a><\/p><\/blockquote>\n

 <\/p>\n

A countermeasure is possible: declare in the "route" object of the network's WHOIS record which AS(s) is\/are authorized to advertise the prefix, but not all network managers do this yet.<\/p>\n

 <\/p>\n

Guillaume Valadon presented the methodology and results of offline analyses conducted on a year's worth of BGP traffic to detect prefix spoofing. Numerous suspicious events are generated, and several techniques can reduce their number to a relevant and manually processable volume. Approximately 10 serious spoofing attempts against French operators were detected using this method during the year.<\/p>\n

Nicolas Vivet presented how this methodology and these tools have been modified to perform real-time detection. Several concrete examples were presented, including a suspected case of a French operator's IPv6 prefix being spoofed by a Ukrainian operator, which, after investigation, turned out to be the opposite: the French operator had forgotten a zero in the IPv6 address it was advertising!<\/p>\n

In conclusion: traffic can be redirected, so it is important to encrypt and authenticate it. Operators must monitor BGP traffic on their prefixes and be prepared to counterattack. Finally, the IETF's Best Practices (BCPs) must be implemented by operators.<\/p>\n

 <\/p>\n

\u00abUnreal mode: breaking protected processes\u00bb \u2013 Alex Ionescu (CrowdStrike)<\/h2>\n

\"image30\"<\/a>Slides: http:\/\/www.nosuchcon.org\/talks\/2014\/D3_05_Alex_ionescu_Breaking_protected_processes.pdf<\/a><\/p>\n

This presentation was not revealed before the conference; in fact, the vulnerability presented by Alex Ionescu was discovered in August but will not be patched by Microsoft until January. He therefore only received permission to present the day before, omitting the details.<\/p>\n

In recent versions of the Windows operating system, administrator access no longer means unlimited access to the system: more and more features are only accessible in kernel mode, which is much more difficult to reach.<\/p>\n

This distinction allows the creation of protected processes (see also on this topic the presentation of day 2 "Understanding and defeating Windows 8.1 Patch Protections: it's all about gong fu! (part 2)" by Andrea Allievi) and therefore, for example, the implementation in a compartmentalized manner of DRM mechanisms, but also of processes and services impossible to stop, even as an administrator.<\/p>\n

 <\/p>\n

Alex explained the different levels of process signatures and privileges. For example, on a classic desktop Windows system, any program can be run, whereas on a Surface tablet, only programs signed by Microsoft can run normally.<\/p>\n

 <\/p>\n

The LSASS process that handles authentication can be protected to prevent the theft of its contents (for example, with mimikatz). However, Alex has shown that by exploiting the Windows crash manager, it is possible to vulnerabilities. (Windows Error Reporting)<\/em> it is possible to obtain a dump<\/em> of this process and thus bypass the protection! This dump<\/em> being that of a protected process it is normally encrypted, however Alex discovered a vulnerability (which will be fixed in January) which allows this file to be obtained in plain text and exploited with mimikatz to still obtain the identification information.<\/p>\n

 <\/p>\n

Now dumping his \u00abreal\u00bb user password from LSASS memory dump in front of 400 hackers @aionescu<\/a> is really into this \u00ablive demo\u00bb thing :)<\/p>\n

\u2014 NoSuchCon (@NoSuchCon) November 21, 2014<\/a><\/p><\/blockquote>\n

 <\/p>\n

In conclusion, the ability to protect processes in Windows 8.1 improves the overall security of the OS, but it does not protect against kernel-level attacks. The upcoming Windows 10 version will contain even more advanced features that also protect against kernel-level attackers.<\/p>\n

 <\/p>\n

\u00abNo Such Security\u00bb \u2013 Anthony Zboralski (Belua)<\/h2>\n

Slides: none<\/p>\n

Anthony Zboralski delivered a keynote<\/em> During his closing remarks, he presented his experiences in the professional world of IT security and during security assessment missions (penetration testing, audits, etc.). He evoked a sentiment shared by several consultants in the audience, using the myth of Sisyphus, condemned to repeat the same task day after day. He recalled the recommendations made following penetration tests and the training sessions delivered, all in vain, as year after year he rediscovered the same vulnerabilities in the companies he tested.<\/p>\n

#NSC14<\/a> #NoSuchCon<\/a> Anthony Zboralski: "The safety consultant is the inspector of completed work." (in French in the original text) \u2014 contact (@_c_o_n_t_a_c_t_) November 21, 2014<\/a><\/p><\/blockquote>\n

 <\/p>\n

\u00abChallenge Results\u00bb<\/h2>\n

\"image29\"<\/a>Introductory slides: http:\/\/www.nosuchcon.org\/talks\/2014\/NSC_Challenge_intro.pdf<\/a><\/p>\n

\"image28\"<\/a> Slides solution: http:\/\/www.nosuchcon.org\/talks\/2014\/NSC_Challenge_solution.pdf<\/a><\/p>\n

Nicolas Collignon and Eloi Vanderbeken presented the results of the complex, multi-skilled challenge they had organized. Then the winner, Fabien Perigaud, was invited to present the steps he took to solve it (including an attack on...). timing <\/em>(on the processor cache to exfiltrate an RSA key!).<\/p>\n

 <\/p>\n

\u2014 Cl\u00e9ment Notin<\/em><\/p>","protected":false},"excerpt":{"rendered":"

As part of its monitoring activities, Intrinsec was present at the second edition [\u2026]<\/p>","protected":false},"author":1,"featured_media":1663,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,19,22],"tags":[120],"class_list":["post-228078","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-evaluation-securite","category-soc-securite-operationnelle","category-veille-securite","tag-nosuchcon"],"yoast_head":"\nConf\u00e9rence NoSuchCon 2014 - Jour 3 - INTRINSEC<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intrinsec.com\/en\/conference-nosuchcon-2014-jour-3\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Conf\u00e9rence NoSuchCon 2014 - Jour 3\" \/>\n<meta property=\"og:description\" content=\"Dans le cadre de ses activit\u00e9s de veille, Intrinsec \u00e9tait pr\u00e9sent \u00e0 la seconde \u00e9dition […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intrinsec.com\/en\/conference-nosuchcon-2014-jour-3\/\" \/>\n<meta property=\"og:site_name\" content=\"INTRINSEC\" \/>\n<meta property=\"article:published_time\" content=\"2014-11-24T12:00:21+00:00\" \/>\n<meta name=\"author\" content=\"Intrinsec\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Intrinsec\" \/>\n<meta name=\"twitter:site\" content=\"@Intrinsec\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Intrinsec\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/\"},\"author\":{\"name\":\"Intrinsec\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#\\\/schema\\\/person\\\/ade590fbc7ad6f413727bae7cd3fb799\"},\"headline\":\"Conf\u00e9rence NoSuchCon 2014 – Jour 3\",\"datePublished\":\"2014-11-24T12:00:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/\"},\"wordCount\":1941,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/#primaryimage\"},\"thumbnailUrl\":\"\",\"keywords\":[\"nosuchcon\"],\"articleSection\":[\"S\u00e9curit\u00e9 offensive & Audit\",\"SOC S\u00e9curit\u00e9 Op\u00e9rationnelle\",\"Veille S\u00e9curit\u00e9\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/\",\"url\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/\",\"name\":\"Conf\u00e9rence NoSuchCon 2014 - Jour 3 - INTRINSEC\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/#primaryimage\"},\"thumbnailUrl\":\"\",\"datePublished\":\"2014-11-24T12:00:21+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/#primaryimage\",\"url\":\"\",\"contentUrl\":\"\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/conference-nosuchcon-2014-jour-3\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/www.intrinsec.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Conf\u00e9rence NoSuchCon 2014 – Jour 3\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#website\",\"url\":\"https:\\\/\\\/www.intrinsec.com\\\/\",\"name\":\"INTRINSEC\",\"description\":\"Notre m\u00e9tier , Prot\u00e9ger le v\u00f4tre\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.intrinsec.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#organization\",\"name\":\"INTRINSEC\",\"alternateName\":\"ISEC\",\"url\":\"https:\\\/\\\/www.intrinsec.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.intrinsec.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/libellule.png\",\"contentUrl\":\"https:\\\/\\\/www.intrinsec.com\\\/wp-content\\\/uploads\\\/2025\\\/02\\\/libellule.png\",\"width\":1322,\"height\":1322,\"caption\":\"INTRINSEC\"},\"image\":{\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/Intrinsec\",\"https:\\\/\\\/fr.linkedin.com\\\/company\\\/intrinsec\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UC0trUZAHNZOUbxYnNdecM4A\"],\"description\":\"soci\u00e9t\u00e9 de consulting, pure player cybers\u00e9curit\u00e9 fran\u00e7ais et europ\u00e9en depuis plus de 30ans, sp\u00e9cialiste dans la s\u00e9curit\u00e9 offensive & audit (pentest\\\/red team), GRC, et services IMSS comme le SOC, CTI et CERT Intrinsec est qualifi\u00e9 PASSI Elev\u00e9, PRIS Elev\u00e9 et PACS par l'ANSSI\",\"email\":\"contact@intrinsec.com\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.intrinsec.com\\\/#\\\/schema\\\/person\\\/ade590fbc7ad6f413727bae7cd3fb799\",\"name\":\"Intrinsec\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g\",\"caption\":\"Intrinsec\"},\"sameAs\":[\"https:\\\/\\\/www.intrinsec.com\"],\"url\":\"https:\\\/\\\/www.intrinsec.com\\\/en\\\/author\\\/ufhtbqccsz\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"NoSuchCon 2014 Conference - Day 3 - INTRINSEC","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intrinsec.com\/en\/conference-nosuchcon-2014-jour-3\/","og_locale":"en_US","og_type":"article","og_title":"Conf\u00e9rence NoSuchCon 2014 - Jour 3","og_description":"Dans le cadre de ses activit\u00e9s de veille, Intrinsec \u00e9tait pr\u00e9sent \u00e0 la seconde \u00e9dition […]","og_url":"https:\/\/www.intrinsec.com\/en\/conference-nosuchcon-2014-jour-3\/","og_site_name":"INTRINSEC","article_published_time":"2014-11-24T12:00:21+00:00","author":"Intrinsec","twitter_card":"summary_large_image","twitter_creator":"@Intrinsec","twitter_site":"@Intrinsec","twitter_misc":{"Written by":"Intrinsec","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/#article","isPartOf":{"@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/"},"author":{"name":"Intrinsec","@id":"https:\/\/www.intrinsec.com\/#\/schema\/person\/ade590fbc7ad6f413727bae7cd3fb799"},"headline":"Conf\u00e9rence NoSuchCon 2014 – Jour 3","datePublished":"2014-11-24T12:00:21+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/"},"wordCount":1941,"commentCount":0,"publisher":{"@id":"https:\/\/www.intrinsec.com\/#organization"},"image":{"@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/#primaryimage"},"thumbnailUrl":"","keywords":["nosuchcon"],"articleSection":["S\u00e9curit\u00e9 offensive & Audit","SOC S\u00e9curit\u00e9 Op\u00e9rationnelle","Veille S\u00e9curit\u00e9"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/","url":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/","name":"NoSuchCon 2014 Conference - Day 3 - INTRINSEC","isPartOf":{"@id":"https:\/\/www.intrinsec.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/#primaryimage"},"image":{"@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/#primaryimage"},"thumbnailUrl":"","datePublished":"2014-11-24T12:00:21+00:00","breadcrumb":{"@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/#primaryimage","url":"","contentUrl":""},{"@type":"BreadcrumbList","@id":"https:\/\/www.intrinsec.com\/conference-nosuchcon-2014-jour-3\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.intrinsec.com\/"},{"@type":"ListItem","position":2,"name":"Conf\u00e9rence NoSuchCon 2014 – Jour 3"}]},{"@type":"WebSite","@id":"https:\/\/www.intrinsec.com\/#website","url":"https:\/\/www.intrinsec.com\/","name":"INTRINSEC","description":"Our job is to protect yours.","publisher":{"@id":"https:\/\/www.intrinsec.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intrinsec.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.intrinsec.com\/#organization","name":"INTRINSEC","alternateName":"ISEC","url":"https:\/\/www.intrinsec.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.intrinsec.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2025\/02\/libellule.png","contentUrl":"https:\/\/www.intrinsec.com\/wp-content\/uploads\/2025\/02\/libellule.png","width":1322,"height":1322,"caption":"INTRINSEC"},"image":{"@id":"https:\/\/www.intrinsec.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/Intrinsec","https:\/\/fr.linkedin.com\/company\/intrinsec","https:\/\/www.youtube.com\/channel\/UC0trUZAHNZOUbxYnNdecM4A"],"description":"Intrinsec, a consulting firm and pure-play French and European cybersecurity provider for over 30 years, specializes in offensive security and auditing (penetration testing\/red teams), GRC, and IMSS services such as SOC, CTI, and CERT. Intrinsec is qualified at PASSI High, PRIS High, and PACS levels by ANSSI.","email":"contact@intrinsec.com"},{"@type":"Person","@id":"https:\/\/www.intrinsec.com\/#\/schema\/person\/ade590fbc7ad6f413727bae7cd3fb799","name":"Intrinsic","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fde6ed961c7078765b03a213927b5c4001b1cef4787255188f5b502a99e6ddd6?s=96&d=retro&r=g","caption":"Intrinsec"},"sameAs":["https:\/\/www.intrinsec.com"],"url":"https:\/\/www.intrinsec.com\/en\/author\/ufhtbqccsz\/"}]}},"_links":{"self":[{"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/posts\/228078","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/comments?post=228078"}],"version-history":[{"count":0,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/posts\/228078\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/media?parent=228078"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/categories?post=228078"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.intrinsec.com\/en\/wp-json\/wp\/v2\/tags?post=228078"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}