-
Mattias Wadenstein (NeIC)10/06/2025, 10:00Talks and presentations
Opening remarks from the organizers with practical information.
Go to contribution page -
Emelie Ohlson10/06/2025, 10:15Talks and presentations
Moving to the public cloud should not feel like navigating a maze of
Go to contribution page
roadblocks - yet for DevOps teams in regulated industries, that is often the
reality. Compliance, risk, legal, and information security teams frequently
operate in silos, slowing down DevOps teams' ambition to deliver innovation
at speed. In this session, we will explore how Compliance-as-Code can unify
these efforts,... -
Jeremie A10/06/2025, 11:15Talks and presentations
In this talk, I will walk you through my journey of reverse engineering and cracking a binary protected by a modern licensing software stack named CryptLion.
The presentation will be structured into three main sections, going from my first observations (as a hacker more used to exploit Linux binaries than Windows executables) to successfully creating my own version of the program without...
Go to contribution page -
Yufei Wu10/06/2025, 13:00Talks and presentations
Dynamic taint analysis (DTA) is widely used to detect information flow
Go to contribution page
vulnerabilities by tracking the propagation of taint tags at runtime.
However, existing DTA approaches rely on the assumption that the underlying
type system is secure. In reality is it often not the case. In this
presentation we will look at how attackers can manipulate object types and
directly alter taint labels,... -
HANTANG ZHANG (Umeå University)10/06/2025, 13:45Talks and presentations
As Android continues to dominate the global mobile market, cybercriminals
Go to contribution page
increasingly target its vast user base with sophisticated malware. In this
presentation, we propose an interpretable framework for Android malware
detection that leverages language model to analyze a range of
features—including app manifests, API calls, and opcode sequences. By
integrating feature analysis... -
Vlad Iliushin (ELLIO)10/06/2025, 14:30Talks and presentations
As scanning and reconnaissance grows more diverse - from public platforms like Shodan and Censys to hidden probing by botnets and bulletproof hosting services-security teams need better ways to understand who is on the other side of their network connections.
This talk will show how network fingerprinting has developed over time, starting with tools like p0f and moving up to more...
Go to contribution page -
Nick Dunn10/06/2025, 15:45Talks and presentations
A discussion of the OWASP ML Top 10 and OWASP LLM Top 10, and how a failure to apply these principles in 2001 A Space Odyssey, led to implementation flaws in HAL 9000, resulting in disastrous consequences for the crew.
Go to contribution page
There will be a discussion of failures to consider different aspects of both the LLM and ML top 10 during HAL's design and training phases, and the subsequent attempts to... -
Wendy Nather10/06/2025, 16:45Talks and presentations
The difference between being reasonably able to run a security program and falling below the cyber poverty line can be one year's budget cuts, a business event, a breach, a pandemic or a war. How can we help prevent organizations from falling over the edge, or lift up those who can't even see the edge from where they are? In this session, we'll talk about new initiatives, what more is needed,...
Go to contribution page -
Balazs Bucsay (CEO & Founder)11/06/2025, 09:00Talks and presentations
Do you trust the embedded devices around you? Perhaps you shouldn't! Even industry giants make significant mistakes. In this presentation, we will analyse Cisco's VoIP phones, that can be found in offices, governmental buildings, and even the White House. These devices were found to have critical vulnerabilities, including easily exploitable flaws.
Fun Fact: Did you know that President...
Go to contribution page -
Hasain Alshakarti (TRUESEC)11/06/2025, 09:30Talks and presentations
Imagine if you could watch every step they taken… Unmasking a threat actor activity is sometime like deciphering an ancient manuscript, but what if you can see every move and control when to strike the pause.
This session is not about log analysis, or following the breadcrumbs left by an elusive adversary. It is about having a full timeline of the threat actors machine and knowing exactly...
Go to contribution page -
Juho Jauhiainen (Accenture)11/06/2025, 11:00Talks and presentations
An analysis of one case, together with an analysis of other similar campaigns identified that use malicious advertisements to distribute weaponised open-source software. A walkthrough of one case from start to finish: how the malware was distributed, how the malware worked, what indicators were found by the malware analysis, and what was the motive of the threat actor?
Go to contribution page -
11/06/2025, 11:30Talks and presentations
DeepSeek is an open LLM model promising innovation in both efficiency and transparency – but how much do we really know about what’s happening under the hood? And what does it tell us about where we are in AI development?
In this session, we examine DeepSeek from two perspectives:
Security and risk: What challenges arise when an AI model is built and distributed openly? What does this...
Go to contribution page
Choose timezone
Your profile timezone: