News Feed


ROOTCON 15 has rebooted! Thank you!
Posted on: 10.04.21

Since the pandemic has given us an uncontrollable challenge but stopping is not an option. The last-minute changes of ROOTCON 15 speak for its theme “Rebooted”, we had to reboot and change everything from being a supposed to be hybrid conference to a full-virtual conference, this wouldn't be possible if the Goons didn't offer their sleepless nights to deliver an excellent quality conference, to our speakers who gave their esteemed time to do their pre-recording to provide ROOTCON a top-notch content. The support of our sponsors gave a huge impact in making this possible, and lastly, to our highly regarded con-goers for being kind and patient in the humps, ROOTCON has been dealing with.

We are looking forward to next year for the Philippine hacking community to connect physically.

Again from all of us at ROOTCON sending our love to everyone! Keep safe and healthy.

Archives and YouTube uploads coming your way.

ROOTCON 15 has been rebooted! Thank you!
Posted on: 10.04.21

Happy Monday! This is it hacker fam! Time to choose your battle!

Official Games Registration Now Open!

Capture The Flag - The most grueling ROOTCON CTF to date, right at the comfort and safety of your very homes. This pandemic will not stop us from highlighting the best and the brightest talents that our local hacking community has to offer.

Hacker Jeopardy - The Sweet Revenge! Because the game is now virtual (and we have no budget to ship the Blue Labels to all the players), the Goons and Babes will be drinking the booze instead of the players! Answer the question right and the Goons get drunk. Answer the question wrong and the Babes get drunk. Choose your revenge!

Choose your battle wisely

Register Now: https://rootc.onl/official_games_reg (only for registered attendees)

Details:
Hacker Jeopardy
Capture The Flag

Official Games Registration
Posted on: 10.04.21

Happy Monday! This is it hacker fam! Time to choose your battle!

Official Games Registration Now Open!

Capture The Flag - The most grueling ROOTCON CTF to date, right at the comfort and safety of your very homes. This pandemic will not stop us from highlighting the best and the brightest talents that our local hacking community has to offer.

Hacker Jeopardy - The Sweet Revenge! Because the game is now virtual (and we have no budget to ship the Blue Labels to all the players), the Goons and Babes will be drinking the booze instead of the players! Answer the question right and the Goons get drunk. Answer the question wrong and the Babes get drunk. Choose your revenge!

Choose your battle wisely

Register Now: https://rootc.onl/official_games_reg (only for registered attendees)

Details:
Hacker Jeopardy
Capture The Flag

Challenge Pins
Posted on: 10.01.21 (Updated 10.03.21)

Aside from the pride, bragging rights, and the coveted black badge which entitles our winners for a free ROOTCON pass, this year 2021 (October 14) ROOTCON launched the ROOTCON Challenge Pins, all official contests winners will be receiving this coveted ROOTCON Challenge Pins. You can be awarded by the ROOTCON Challenge Pins by playing these grueling ROOTCON Official games.

Capture The Flag -- The most grueling game in every hacking conference, ROOTCON is no different! This game is not for the faint-hearted it requires sleepless nights of problem-solving, cryptos, puzzles, and exploitation.

Hacker Jeopardy -- Do you have a liver of a metal, up-to-date with the latest technologies, or have a geekish, nerdish historian-fu skills? This game is for you.

Do you have what it takes to be a well-decorated ROOTCON Official Contests Team? Prove it, earn the pride and the pins!

Check-out our Hall-Of-Fame page.

Updated: October 3, 2021

Hybrid Updates!
Posted on: 09.21.21

Whereas Covid-19 cases have been rising continuously with a daily average of around 20,000 cases, forcing our government to implement heavier and stricter protocols such as ECQ and MECQ to prevent further infection of the virus. Due to these unfortunate circumstances, the hybrid setup for ROOTCON 15 will no longer be proceeding. As much as we want this setup to be implemented, the situation and circumstances make it more difficult for us to mobilize, possibly risking the good health of our beloved con-goers.

In line with this, going full virtual will be the safest and efficient way to conduct our informative and productive conference without risking the health of our participants. But rest assured, our awesome talks will proceed and be delivered as planned, and your conference kits will be delivered to your doorsteps!

For those who signed-up for Human+ you will be refunded with the price difference of Human tickets, kindly contact comms as soon as you can. Once again we apologize for this inconvenience it might cause you and we hope everyone stays safe during this time.

Stay Safe and Lots of love from ROOTCON!

RC 15 Schedule Published
Posted on: 09.03.21

ROOTCON 15 is just around the corner, the pandemic won't stop us!

This year we added two more pre-con days to fill in your conference week for pre-con, we have seven talks to kick-start your conference week! it will be followed by the ZerØ Hour Movie Night late in the evening.

Day &OSlash; we will be hosting the villages to sharpen your hack-fu skills before we start the con proper. Con proper starts on Day 1 & 2, October 14 & 15.

Get pumped up and start planning your conference week. If you haven't registered yet now is a good time!

Village Page is Live!
Posted on: 08.27.21

Villages are now live!

This year's Lock Picking Village is exclusive to Human+ participants only, and it's all about high-security locks. We will have an in-depth discussion and hands-on demo on high-security locks, the different mechanisms, and ways to attack them.

Car Hacking Village will be putting up some talks for newbies to get you started with your automotive hacking-fu.

Keep your radar open for updated village talks and schedules.

Keynote Speakers Announced!
Posted on: 08.23.21

Let's all welcome our keynote speakers for ROOTCON 15!

Harshit Agrawal (@harshitnic)
Harshit Agrawal is currently working as a Radio Security Researcher. He is enthusiastic about SIGINT, Drone Pentesting, and IoT Security. He presented his research at International Security conferences like RSAC USA, DEFCON, HITB Cyberweek, HITB Amsterdam, etc. Previously, he was President at CSI Chapter and Vice President for Entrepreneurship cell at MIT, where he also headed the team of security enthusiasts, giving him a good insight into cybersecurity and increased his thirst to explore more in this field. Learn more: https://www.linkedin.com/in/harshitnic/

Emil Tan
Emil has experience in many cybersecurity trades —including R&D, cybersecurity operations, governance, policies and regulations, and consultancy. Emil is an active contributor in the cybersecurity ecosystem. He plays an active role in catalysing cybersecurity conversations and thought leadership in the community. Amongst many things, he co-founded Division Zero (Div0) —a cybersecurity community group in Singapore—, and Infosec In the City, SINCON —a techno-centric cybersecurity conference. Emil is also often found speaking under various spotlights —including 44CON, Black Hat Asia, BSides London, Hack In the Box (HITB) Singapore, The Honeynet Project Workshop, and at universities and many various cybersecurity plenaries.

RC15 More Tracks Announced!
Posted on: 08.16.21

Let's get this show on the road. We are excited to announce the second and final batch of talks for ROOTCON 15. Here's a glimpse of what was added to the line-up.

Buzzard : Crafting your post exploitation framework against odds
Click Here For Free TV! Chaining Bugs to Takeover Wind Vision Accounts
Gathering Cyber Threat Intelligence from the Cybercriminal Underground
Hack the Planet! Desecuritise Cyberspace
Keeping Up With Modern Automotive Exploitation
Securing Process Control Data Transmission to the Blockchain Network
The Curious case of knowing the unknown
The Kill Chain: Future of Cyber in Defense
Using Wordpress comments section as a C&C for fun
VMProtect2 : Architectural Analysis, Exploitation, and VMP2 IL

Everything is coming to place now! Check the complete track lists.

ANNOUNCEMENT: RC15 Ticketing Platform
Posted on: 08.15.21

We just recently noticed that Eventbrite made a recent change and they removed their Direct Deposit / Bank Transfer feature depending on the processing country, unfortunately, the Philippines was not part of this list. Having said that we will be migrating our registration platform to Eventzilla, this is for us to cater to our con-goers that do not have a Paypal account and will opt for offline registration.

Eventzilla is more flexible, feature-rich, and as intuitive as Eventbrite, it still supports electronic check-in and still supports both iOS and Android for our con-goers to store their electronic tickets.

We apologize for the inconvenience this might cost our con-goers. For those who already registered we will be sending your new tickets directly to your mailbox.

Also a quick reminder that early-bird is nearing an end so hurry and register now!

RC15 CFP Now Closed
Posted on: 07.25.21

We would like to thank everyone who submitted their awesome talks! The CFP Review Board is still validating the second wave of talks please stay tuned for more announcements.

First batch of talks:

Attacking Modern Environments Series: Attack Vectors on Terraform Environments Inbox
Burnout: The Security Risk
Crafting your own combat hardware
Discovering C&C in Malicious PDF with obfuscation, encoding and other techniques
Fuzzing: Revisiting Software Security
Malware Hunting - Using python as attack weapon
OAuth Authentication Bypass
Phishing & Education: Applying security principles during the pandemic
Skrull Like A King: From File Unlink to Persistence

Check full details of each talks at Talks Page.

RC15 Content Now Live
Posted on: 07.16.21

This is it hacker fam, ROOTCON 15 is slowly shaping up, before we will officially open the registration we would like to present to you the initial batch of speakers and their talks.

Check out the Speakers page to know our speakers and the synopsis of their talks on the Talks page.

To know the people who vetted these awesome talks check our CFP Review Board.

RC15 Prices Now Available
Posted on: 07.15.21

This year ROOTCON Hacking Conference will be a hybrid conference, we will be catering both virtual and physical attendees. For questions please refer to FAQ Page or email us at comms [at] rootcon dot org.

Discord, you will be given access at the RC15 - Rebooted Chat Lounge to interact with other con-goers.

Human, you will be able to join the conference virtually via Zoom, other activities such as workshops and trainings are not available.

Human+, if you register as Human+ you will get a full hybrid conference experience, this is in-person at Pico Sands Hotel, a good way to reconnect back to the hacker community in person.

Prices, inclusions and other details at the registration page.

RC15 Venue Details
Posted on: 07.5.21

ROOTCON 15 will be held (and headquartered) at the famous and secluded vacation beaches of Pico De Loro! The venue is ideal during this pandemic as it is well-secluded from the public and their safety protocols help avoid any unnecessary contacts from the outside.

Pico Sands Hotel, two and a half hours away from Manila, the 1.5 kilometer sandy shore of Pico de Loro Cove awaits. Take a break at Pico Sands Hotel, a tropical contemporary seven-story hotel that offers spacious rooms equipped with modern amenities and captivating views of the lush mountains and tranquil lagoon.

RC15 Black Registration Closing Soon
Posted on: 07.5.21

Blackcard registration will be closing on July 19, 2021.

What are the perks?
1. 20% discount on ROOTCON tickets applicable only on regular rates.
2. 10% off on all official ROOTCON swags.
3. FREE Entrance on ROOTCON Hackerspace activities.
4. FREE drinks at the ROOTCON chill-out area on the day of the event.
5. Priority lane during ROOTCON event check-in.

If you have an expired Blackcard email us at comms [at] rootcon dot org.

For new registration please register here.

Call For Sponsors Now Open!
Posted on: 05.29.21

Choose from a wide range of sponsorship opportunities.

✓ Brand Exposure
✓ Community Presence & Support
✓ Recruitment Opportunities
✓ Professional Networking

Visit the sponsorship page

Call For Papers Now Open!
Posted on: 05.27.21

Let's get this party on the road! ROOTCON would like to announce Call For Papers for ROOTCON 15 is now open!

xxxxxxXXXXXXXxxxxxxxx
BEGIN MESSAGE
-------------
WHAT: ROOTCON 15 Call For Papers
WHEN: September 30 & October 1, 2021
WHERE: Hybrid Conference - Physical (Pico Sands Hotel) Virtual (via Zoom)
DEADLINE: July 25, 2021
-------------
END MESSAGE
xxxxxxXXXXXXXxxxxxxxx

Details at Call For Papers

Announcement: ROOTCON 15 Hybrid Con
Posted on: 04.19.21

We are nowhere near the end of this Covid-19 pandemic but that will not stop our creative organizers from delivering another great conference for everyone this year!

ROOTCON 15 will be a hybrid conference this year, having both physical (very limited slots) and virtual (stay at home) sessions available for our attendees.

Date — September 30 & October 1, 2021

Venue  —  For those who will be physically attending the event, ROOTCON 15 will be held (and headquartered) at the famous and secluded vacation beaches of Pico De Loro! The venue is ideal during this pandemic as it is well-secluded from the public and their safety protocols help avoid any unnecessary contacts from the outside.

Physical Attendees —  we REQUIRE that all humans who plan on physically attending the conference to undergo an on-site antigen swab test, and follow the usual proper health protocols such as wearing a face mask and face shield at ALL times. Tables and seating arrangements will be in accordance with the hotel's safety protocols adhering to National and LGU guidelines.

As with the previous year when the pandemic started, majority of RootCon's speakers will come from around the world and will be presenting their talks over videoconference platforms from the safety of their homes or offices. Large screens will be made available to our physical attendees in the hotel's secured conference rooms.

Virtual  —  virtual attendees will be the same as last year where you are given a link to join the conference. Other mediums such as Twitch, Youtube, and Discord will also be available for you to participate and communicate.

Badges This year we will have two types of badges.

* Human  — if you wish to attend virtually you will be given a Human badge, which will be shipped to you a week before the conference.

* Human+ —  for our physical attendees, a Human+ (Human-plus) badge will be given to the attendees, plus a limited edition challenge coin for your collection!

Other inclusions will be posted as soon as we open the registration.

Rates and Registration
Human+ rates will cost a premium over the regular Human registration rates to cover your snacks, meals and your swab test kits. We will be announcing the exact registration rates in the next coming days.

Back-up plans  — Speakers will present their talks LIVE during the event but we require them to submit a recorded version of their talks just in case there will be last-minute restrictions from the government. In the event physical attendance does not push through, ROOTCON will be issuing a refund to our Human+ registrants. Details of the refund guidelines will be posted in the registration page.

We will be putting up an FAQ page specific to the hybrid setup of the conference as soon as we launch the ROOTCON 15 website.

I am looking forward to seeing everyone virtually and physically!

Keep safe!
-semprix

ROOTCON 15 Theme: Reboot
Posted on: 04.07.21

Last year was a turbulent ride, this year is a complex one, as we slowly recover from the pandemic it's time for a reboot.

This year's theme reading material is Reboot by Amy Tintera, the book presents an interesting mix of dystopian science fiction and horror elements.

Synopsis
Five years ago, Wren Connolly was shot three times in the chest. After 178 minutes she came back as a Reboot: stronger, faster, able to heal, and less emotional. The longer Reboots are dead, the less human they are when they return. Wren 178 is the deadliest Reboot in the Republic of Texas. Now seventeen years old, she serves as a soldier for HARC (Human Advancement and Repopulation Corporation).

Plans in play
Here's what ROOTCON 15 will look like in different scenarios.

Physical + Social Distancing, this has a very low survey rate and will not be feasible this year to conduct a full physical conference.

Hybrid (Limited Physical + Virtual), we received very good numbers for this type of conference and we are leaning towards having a Hybrid Conference this year.

Full Virtual, this setup will be the same as last year, this will also be a fallback should there be changes in government guidelines when it comes to limited physical conferences.

Date
September 30 and October 1, 2021

Recovery Mode Archives NOW LIVE
Posted on: 10.16.20

Slide-decks are now available for downloads, for the tracks videos we are currently working on it's post-processing and will be uploading to our Youtube channel soon. Check back later for updates.

Checkout the Recovery Mode Archives.

Opening Keynote: Casey Ellis
Posted on: 10.8.20



The Unlikely Romance: Part 2 - Now What?

We did it! After 30 years of tireless and largely thankless education, research, blood/sweat/tears, and legal threats, the world is finally starting to understand that hackers can be "locksmiths" and aren't necessarily "burglars". Better still, dogs and cats have found a way to get along and security experts have a seat at the table to help keep businesses their users safe and prosperous. We've slain the dragon, and can now ride off into the sunset... Right? Not quite. Now that we have the world's attention, what are we going to say? How do we say it? As a community, now what? This talk goes through the history of how the cybersecurity industry got the place it is today, the opportunity that exists for hackers all around the world, and the things we'll need to figure out in order to take advantage of it to continue to do those crazy things we do and make the world a safer place in the process.

Car Hacking Village Talks Now Live
Posted on: 09.06.20

ROOTCON Car Hacking Village is organized by the Car Hacking Village and blessed by the elders of the main CHV community: https:// www.carhackingvillage.com/about.

The CHV PH share the same primary goal of the Car Hacking Village which is to "build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today".

Talks
Car Hacking Village PH 101
You Are Also A Car Mechanic
A Modern Day of Tweaking Your Ride
The Tale of Two Benches

CTF Quals Concluded
Posted on: 09.23.20

ROOTCON Recovery Mode Capture The Flag Qualifier round has been concluded.


Top 3
TheGenerals with 1900 points
FACBois with 950 points
Novice with 850 points

Finalist
툴롱 주세요
MI
Hakdogzz
giddsec
Kaizen
Anjing
Goblok

Congratulations to the teams that made it to the finals. ROOTCON Recovery Mode CTF Finals will be held on October 8, 9, and 10.

Car Hacking Village Talks Now Live
Posted on: 09.06.20

ROOTCON Car Hacking Village is organized by the Car Hacking Village and blessed by the elders of the main CHV community: https:// www.carhackingvillage.com/about.

The CHV PH share the same primary goal of the Car Hacking Village which is to "build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today".

Talks
Car Hacking Village PH 101
You Are Also A Car Mechanic
A Modern Day of Tweaking Your Ride
The Tale of Two Benches

Capture the Flag Quals
Posted on: 09.13.20

This year, we will be conducting two phases of the CTF--the qualifiers and the finals. In which only one winning team will be declared the ROOTCON14 CTF: Recovery Mode Champions and will be awarded the coveted ROOTCON Black Badge.

More details...

Car Hacking Village Talks Now Live
Posted on: 09.06.20

ROOTCON Car Hacking Village is organized by the Car Hacking Village and blessed by the elders of the main CHV community: https:// www.carhackingvillage.com/about.

The CHV PH share the same primary goal of the Car Hacking Village which is to "build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today".

Talks
Car Hacking Village PH 101
You Are Also A Car Mechanic
A Modern Day of Tweaking Your Ride
The Tale of Two Benches

Final Round of Talks!
Posted on: 08.20.20

2 wires and 2 wheels: Bikes can do CAN too

A deeper diving on shellcode...

Automating Threat Hunting on the Dark Web and other nitty-gritty things

Discover vulnerabilities with CodeQL

From an 'IVI in a box' to a 'CAR in a box'

High Value Adversary Emulation through Purple Team and the C2 Matrix

Inside the Mind of a Threat Actor: Beyond Pentesting

Payload delivery for initial access in Adversary Simulation exercise

Pursuing Evasive Custom Command & Control (C3)

Zero Trust in the Era of Cloud

You may check out complete list of talks for ROOTCON Recovery Mode.

Recovery Mode Swags
Posted on: 08.18.20

ROOTCON 14 Slash - we are supposed to have our 14th iteration of ROOTCON this year, but due to the Covid19 pandemic we had to slash RC14 and switch to Recovery Mode.

Recovery Mode Official - Our official recovery mode t-shirt.

Hack-At-Home - companies are starting to work from home due to the pandemic and that doesn't separate us InfoSec people and hackers, we should stay at home and hack.

More details on Pre-orders

Recovery Mode First Round of Talks
Posted on: 08.03.20

The long wait is over! First round of talks for ROOTCON Recovery Mode Edition is now up!

Blockchain Based OT Monitoring Solution (BBOTMS)

Cracking Financial Systems

Hackers Don't Wear Black Hoodies, They Wear Capes

I've Injected a DLL - You Won't Believe What Happened Next!

Offensive Embedded Exploitation : Getting hands dirty with IOT/Embedded Device Security Testing

Quark Engine - An Obfuscation-Neglect Android Malware Scoring System

Recovery Mode Keynote
Posted on: 08.03.20

Casey Ellis
Casey is the Chairman, Founder and CTO of Bugcrowd. He is an 18 year veteran of information security, servicing clients ranging from startups to multinational corporations as a pentester, security and risk consultant and solutions architect, then most recently as a career entrepreneur. Casey pioneered the Crowdsourced Security as a Service model launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2016. A proud ex-pat of Sydney, Australia, Casey lives with his wife and two kids in the San Francisco Bay Area. He is happy as long as he is pursuing potential.

Randolph Barr
Head of Product Security at Zoom & Contributor CISO Council for Zoom. Bug Bounty Program, Application Security, Technical Security. Most recently, Barr served as CISO at Topia, overseeing security for the company’s global cloud-based platform.

As the former CISO at Aryaka Networks, Saba, the Talent Development company, Barr created the company's global security program from the ground up. Prior to Saba, Barr held CISO positions at leading cloud companies including ServiceSource, Qualys, Yodlee and WebEx Communications.

Breaking News: RC Recovery Mode
Posted on: 08.03.20

One of the challenges mentioned in my previous post was THE OUTBREAK. Since March 26, we are closely monitoring the Covid19 pandemic situation both locally and internationally, after the ECQ (Enhanced Community Quarantine) has been lifted the number of cases in the Philippines shoots-up, this could be an early warning that we will be going back to ECQ anytime or in between ROOTCON 14 planning.

At this time everything is just so uncertain, it makes planning very difficult. Travel restriction could vary from one country to another, hotels and bars are still closed or only caters a specific number of people. Furthermore we don't want to risk the health safety of our crew, speakers, sponsors, and attendees.

Like most other hacking conferences, ROOTCON 14 will be entering Recovery Mode, you may call it a Limited Edition as this is the first time in the history of ROOTCON that we will be hosting the full event virtually. We are looking forward to seeing everyone.

Stay tuned for more ROOTCON Recovery Mode announcements. In the mean time Call for Papers and Call For Sponsors are still on-going.

All the best,
-semprix