Programme

Day 1 - 9th September

8:30 - 8:50 Opening of CyberHOT Day 1 - Registration


8:50 - 9:00 Welcome by the Organisers


9:00 - 9:30 Keynote Speaker - Automating Cyber Defenses Tejas Patel (DARPA Program Manager) 


9:35 - 10:35 Mechanics for Modern Attacks by Elias Athanasopoulos (UCY) & Dimitra Siaili (ITML)

In the first part we are going to discuss how memory corruption is still a problem, and in the second part more attacks and defenses in the energy sector.


Topics:

Module 1: safe vs unsafe systems, memory-safe vulnerabilities, stack in Intel/32-bit, code injections, defenses.

Module2: Real-time Threat Notifications and Response, Vulnerability Management and Reporting.


Tools: Module 1: gdb, gcc or clang toolchain for Intel/32-bit

Requirements: No Requirements


10:40 - 10:50 Coffee Break ☕


10:55 - 12:55 Communication in Cyber Incident Response by Ricardo Lugo (TalTech) & Paresh Rathod (Laurea & trustilio BV)


Topics: Cyber Situational Awareness Communication for Decision-making.

Requirements: No requirements


13:00 - 13:55 Lunch Break 🍽️


14:00 - 16:00 (1) Cybersecurity Stack: Fundamental Software Tools (2) Secure Healthcare Software Development by Stylianos Karagiannis (PDMFC) & Luis Miguel Campos (PDMFC)

Module 1: This module provides an in-depth exploration of essential software tools used in cybersecurity. Learners will gain practical skills in deploying and utilizing these tools to protect digital environments effectively.

Module 2: Participants will learn to conduct code scanning and maintain healthcare software that meets security standards.


Topics: 

Module 1: 


Module 2: 


Tools: 

Module 1: Laptop with access to Jupyter Notebook on Google Collabs or Kali Linux (as VM) to participate actively on a virtual lab, at least 8GB RAM free, 40 SSD free

Module 2: SAST Tools (e.g., CodeQL), GIT, DAST Tools

Requirements: Need to create account on Google Collabs and GitHub (if not have one), have a spare Linux VM or native just in case.


16:05 - 16:15 Coffee Break ☕


16:20 - 17:20 The weaponization of OSINT by Vanessa (TalTech) & Ahmed Nasr (TalTech)

A presentation and a demo explaining the case on targeting OT personnel.


Topics: OSINT, OT personnel


Tools: We as presenters BOYD, but important to have a screen where to present and speakers just in case if we need to present the demo in video form.

Requirements: Basic knowledge of security.


17:20 – 17:30 End of CyberHot Summer School Day 1


Day 2 - 10th September

8:30 - 8:50 Opening of CyberHOT Day 2


8:50 - 9:00 Welcome by the Organisers


9:00 - 9:30 Keynote Speaker WiIliam Arbaugh (University of Meryland) 


9:35 - 11:35 Network Security Essentials and Penetration Testing for SMEs by Paresh Rathod (Laurea & trustilio BV) & Riku Salmenkylä (Laurea) & Foteini Petropoulou (Zelus)

This workshop dives into the growing importance of Network Security Essentials and Penetration Testing for SMEs. The training also offers the hands-on demo of Nmap and Wireshark for Penetration Testing and Cybersecurity. We will explore two key initiatives that offers more comprehensive professional training on the subject including EU CyberSecPro and NERO project.


Topics: 


Tools: Demo of Wireshark and NMap (how these two tools can be used offensively and defensively)

Requirements: Open mind, curiosity and basic knowledge of security 


11:40 - 11:50 Coffee Break ☕


11:55 - 13:55 Penetration Testing and Crowdsourcing platforms by Christos Grigoriadis (Focal Point) & Dimitris Koutras (UPRC)

Exploitation identifies vulnerabilities like buffer overflows and format string issues by analyzing and manipulating executable code.  This training assesses internal threats, patch management, and web based incident response strategies and overall security posture flaws.


Topics: Web, Network, Systems, Bug Bounty


Tools: Hack The Box platform

Requirements: Basic knowledge of security 


14:00 - 14:55 Lunch Break 🍽️


15:00 - 17:00 Mastering Cyber Defense: Hands-On Training with Montimage Cyber Range by Wissam Mallouli (MI) & Pedro Félix (OneSource)

The seminar will address the crucial aspects of cybersecurity by immersing participants in the practical use of the Montimage Cyber Range. Attendees will learn how to generate, detect, and respond to various cyber attacks, including ransomware, phishing, and denial of service (DoS) attacks. Using Montimage's advanced MMT solution, this hands-on training will provide real-world scenarios to enhance skills and preparedness in cybersecurity defense. The training is supported by NERO and CYBERSUITE HE projects.


Topics: Concept of cyberranges (W), Generating Cyber Attacks (P), Detection Techniques (P), Response and Mitigation (W), Practical Exercises (WP)


Tools: Montimage ADR Cyber Range, MMT (Montimage Monitoring Tool), Antiphishing cyberrange

Requirements: Basic understanding of cybersecurity concepts, Familiarity with network protocols and architecture


17:05 - 17:10 Coffee Break ☕


17:15 - 18:15 Sector Specific Controls and Standards by Argyro (Iro) Chatzopoulou (APIRO), George Kliafas (MAG) & Pinelopi Kyranoudi (TUC)

This session covers the following subjects:


Topics: 


Tools: https://www.enisa.europa.eu/topics/cybersecurity-policy/nis-directive-new/minimum-security-measures-for-operators-of-essentials-services

Requirements: Basic knowledge of security 


18:20 – 18:30 End of CyberHot Summer School Day 2 - Certifications 🏆🎓


Background Requirements for the attendees:

Nice to have