Schedule
Please find details for all talks here.
Two Days of Trainings (17./18. November)
| Workshop 1 | Workshop 2 | Workshop 3 | Workshop 4 | Workshop 5 |
|---|---|---|---|---|
| Crypto Attacks (closed) Juraj Somorovsky & Tibor Jager (Ruhr University Bochum) |
Hacking Web Applications – Case Studies of Award-winning Bugs in Google, Yahoo, Mozilla and more Dawid Czagan (Silesia Security Lab) |
Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices (closed) Alexander Bolshev (Digital Security) & Boris Ryutin (ZORSecurity) |
Pentesting and Securing IPv6 Networks (closed) Marc Heuse |
PowerShell for Penetration Testers Nikhil Mittal (Independent) |
| Workshop 6 | Workshop 7 | Workshop 8 | Workshop 9 |
|---|---|---|---|
| Social Engineering and Security Awareness Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung) |
Training: Developing and Using Threat Intelligence (closed) John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center) |
Secure Web Development (closed) Marcus Niemietz (3curity GmbH) |
Practical Incident Handling (closed) Felix Schallock (TIBITS Consulting GmbH) |
All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.
Two Days of Conference (19./20. November)
Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.
Conference, day 1 - Thu, 19 Nov
| Left Pirouette | Right Pirouette | |
|---|---|---|
| 08:00 | Registration opens | |
| 09:00 | T.B.A. |
|
| 09:10 | Can societies manage the SIGINT monster? Duncan Campbell (IPTV Ltd) |
|
| 10:00 | Hacking Cookies in Modern Web Applications and Browsers Dawid Czagan (Silesia Security Lab) |
A Death in Athens: The inherent Vulnerability of “lawful Intercept” Programs. James Bamford (Author and Journalist) |
| 10:50 | Coffee Break | |
| 11:10 | How to Break XML Encryption – Automatically Juraj Somorovsky (Ruhr University Bochum) |
Yes, Now YOU Can Patch That Vulnerability Too! Mitja Kolsek (ACROS d.o.o.) |
| 12:00 | File Format Fuzzing in Android - Giving a Stagefright to the Android Installer Alexandru Blanda (Intel Corporation) |
Bridging the Air-Gap: Data Exfiltration from Air-Gap Networks Mordechai Guri & Yisroel Mirsky (Ben-Gurion University of the Negev) |
| 12:50 | Lunch | |
| 14:00 | Building a Better Honeypot Network Josh Pyorre (OpenDNS) |
Cyber Cyber Cyber Warfare: Mistakes from the MoDs Raoul Chiesa (Security Brokers / ITU / APWG.EU / ISECOM / UNICRI / AIIC / CLUSIT / OWASP) |
| 14:50 | Advanced SOHO Router Exploitation Lyon Yang (Vantage Point Security) |
OSINT Barn Cat: Mining Malware for Intelligence at Scale John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center) |
| 15:40 | Coffee Break | |
| 16:00 | Chw00t: How To Break Out from Various Chroot Solutions Balazs Bucsay (IT-Security Expert / Freelancer) |
Deactivating Endpoint Protection Software in an Unauthorized Manner Matthias Deeg (SySS GmbH) |
| 16:50 | 50 Shades of WAF - Exemplified at Barracuda & Sucuri Ashar Javed (Hyundai AutoEver Europe GmbH) |
Temet Nosce - Know thy Endpoint Through and Through; Processes to Data Thomas Fischer (Digital Guardian / Security B-Sides London) |
| 17:40 | Cryptography Tools, Identity Vectors for "Djihadists" Julie Gommes (Econocom-Osiatis / Security and Governance Consultant) |
The German Data Privacy Laws and IT Security Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung) |
| 20:00 | Speaker's Dinner | |
Conference, day 2 - Fri, 20 Nov
| Left Pirouette | Right Pirouette | |
|---|---|---|
| 09:00 | illusoryTLS: Nobody But Us. Impersonate,Tamper and Exploit Alfonso De Gregorio (secYOUre) |
Have We Penetrated Yet?? Johnny Deutsch (Ernst & Young) |
| 09:50 | A Case Study on the Security of Application Whitelisting René Freingruber (SEC Consult ) |
Continuous Intrusion: Why CI Tools Are an Attacker's Best Friends. Nikhil Mittal (Independent) |
| 10:40 | Coffee Break | |
| 11:00 | Cryptographic Enforcement of Segregation of Duty within Work-Flows Thomas Maus (IT-Security Expert / Self-employed) |
DDoS: Barbarians at the Gate(way) Dave Lewis (Akamai Technologies) |
| 11:50 | Legal Responses Against Cyber Incidents Oscar Serrano (Undisclosed) |
Revisiting SOHO Router Attacks Jose Antonio Rodriguez Garcia, Ivan Sanz de Castro, Álvaro Folgado Rueda (Independent Researchers) |
| 12:40 | Lunch | |
| 14:00 | Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library Bernhard Göschlberger, MSc MLBT BSc & Sebastian Göttfert, BSc (Research Studios Austria FG) |
Visualizing Wi-Fi Packets the Hacker's Way Milan Gabor (Viris) |
| 14:50 | ZigBee Smart Homes - A Hacker's Open House Tobias Zillner, Florian Eichelberger (Cognosec GmbH) |
Remote Browser-Based Fingerprinting of Local Network Devices Manfred Kaiser (Josef Ressel Zentrum TARGET) |
| 15:40 | Coffee Break | |
| 16:00 | Not so Smart: On Smart TV Apps Marcus Niemietz (3curity GmbH) |
IntelMQ L. Aaron Kaplan (CERT.at) |
| 16:50 | Measuring the Tor Network Jens Kubieziel (TorServers.net) |
HackingTeam - How They Infected Your Android Device By 0days Attila Marosi (SophosLabs - Senior Threat Researcher) |
| 17:40 | Agile Security: The Good, The Bad, and mostly the Ugly Daniel Liber (CyberArk) |
HORNET: High-speed Onion Routing at the Network Layer Chen Chen (Carnegie Mellon University / ETH Zurich) |
| 18:20 | Closing Ceremony | |
| 21:00 - ∞ | Screening "A Good American" @ Burgkino | |
| 22:30 - ∞ | Party & Networking at Metalab, Rathausstrasse 6, 1010 Wien | |