
Aleksandar Mirković


What is so funny on DarkWeb?

Sreda, 08.04.2020
16:00 - 16:30
O predavanju

Aleksandar Mirković is an Information Security professional with more than seven years on a leading (CISO) positions in financial and retail institutions. He is founder of eSigurnost Association that gather a lot of security professionals from the region. Also, he is a board member of ITVestak Association, largest digital forensics and court expert witnesses in the region. Aleksandar is teaching security in the past few years, from hands-on trainings, such as CEH to Management trainings such as CISSP, Security +, and working as an Information Security consultant and penetration tester.

Aleš Ažman

Detekta d.o.o.

Socialni inženiring, ki se mu ni mogoče ubraniti

Četrtek, 09.04.2020
17:00 - 17:30
O predavanju

Aleš Ažman je zasebni detektiv z licenco, zaposlen v podjetju Detekta, detektivsko-varnostna agencija in svetovanje d.o.o. Ima dolgoletne izkušnje iz vojske, posebej s področja CIMIC, saj je bil kot častnik SV tudi inštruktor v centru odličnosti Nata (CCOE) na Nizozemskem. Pridobljene izkušnje iz mirovnih operacij in šolanj v različnih oboroženih silah po svetu uspešno prenaša v civilno okolje. Kot zasebni detektiv se dnevno srečuje z izzivi na različnih področjih detektivskega dela, od vdorov v zasebnost, nezvestobe, preverjanja zaposlenih, do iskanja skritih oseb in njihovega premoženja. Orodje, ki ga pri svojem delu uporabljala je največkrat prav svetovni splet.

Alessandro Vannini


Where is your data gone? A Hacker's Story

Četrtek, 09.04.2020
11:00 - 11:30
O predavanju

Sysadmin and Security Expert for work, Hacker for consequence. He divides his time between administering companies that are his customers and securying others companies by pentesting and vulnerability assessments. He spends his free time (few) moderating 3 Microsoft Technet Forums and managing an Italian Commuity called The Phoenix Group a facebook Cybersec and Sysadmin-Network group. He is a Certified Ethical Hacker since 2016 and he is actually in charge of 6th MVP Award in a row.

Andrei Cotaie

Adobe SCC

Weaponising Neural Networks. In your browser!

Četrtek, 09.04.2020
13:00 - 14:00
O predavanju

Andrei Cotaie is a Security Engineer specialized in Incident Response. Currently working for Adobe’s Security Coordination Center, Andrei made the transition from the public to the private sector almost 5 years ago. A big fan of automation and machine learning enthusiast, Andrei spends most of his time involved in monitoring and threat hunting projects, always trying to identify the latest unconventional attacks.

Andrei Grigoras


Weaponizing ROP with pwntools

Sreda, 08.04.2020
16:30 - 17:00
O predavanju

Even though he has worked in the security field for only 1.5 years, he has been fascinated since the first year of college.
He is mainly focused on the ethical hacking/penetration testing field with a high low-level knowledge on the Linux OS. He won multiple CTF contest prizes and was participant and speaker at HackTheZone and Defcamp.

Andrej Tomšič

Informacijski pooblaščenec Republike Slovenije

Prijava kršitev varnosti osebnih podatkov (Data Breach Notification)

Sreda, 08.04.2020
11:00 - 11:30
O predavanju

Je državni nadzornik za varstvo osebnih podatkov in namestnik informacijske pooblaščenke, ukvarja pa se predvsem s področji zavarovanja osebnih podatkov, hrambe podatkov v elektronskih komunikacijah, biometrijo in neposrednim trženjem. Po izobrazbi je magister informacijsko upravljavskih ved. Opravljen ima tečaj in izpit za vodilnega presojevalca za standard ISO/IEC 27001:2005.

Boštjan Špehonja

GO-LIX d.o.o.

Kako hekerji vdrejo v notranje omrežje organizacije?

Sreda, 08.04.2020
15:00 - 15:30
O predavanju

Boštjan Špehonja je višji svetovalec informacijske varnosti s kar nekaj mednarodno priznanimi certifikati na področju etičnega hekanja (Certified Ethical Hacker – Master, Certified Network Defense Arcihtect, Security+, CEH Practical). Kot zunanji strokovni sodelavec sodeluje s podjetji Unistar ter Pro.Astec, kjer je v vlogi projektnega vodje zadolžen za vodenje skupine ter izvedbo projektov varnostnih pregledov. Ima širok nabor večletnih izkušenj, saj mu je pregled svojega IKT okolja zaupalo že preko 100 organizacij, kot so podjetja s kritično infrastrukturo, banke, zavarovalnice, ministrstva, ter številna druga podjetja. Izvaja tudi izobraževanja in delavnice na temo varne uporabe interneta in etičnega hekanja. Je soustanovitelj fundacije SICEH (Slovenian Certified Ethical Hackers) ter gostujoči strokovnjak na Univerzi v Mariboru in Gea Collegu, zraven pa vodi še svoje podjetje GO-LIX d.o.o. V lanskem letu je odkril ranljivost na uradni strani podjetja Microsoft in si tako prislužil objavo na spletni strani “Security Researcher Acknowledgments for Microsoft Online Services”.

Catalin Curelaru


The Empire Strikes

Sreda, 08.04.2020
17:00 - 17:30
O predavanju

Catalin is a passionate cybersecurity professional for whom security is more than a job, it's a habit. He works at Visma as a Product Security Engineer, enjoying his time into the Product Security Operations team, and is the OWASP Timisoara Chapter Leader where he aims to create a strong local security community focused on improving the application security world. Has also several recognized certifications in the security field like: MCSA, MCSE, Security+, CASP, CEH.


Črt Uršič

Fakulteta za varnostne vede UM

Hekanje in zaščita sodobnih alarmnih sistemov

Četrtek, 09.04.2020
15:30 - 16:00
O predavanju

Črt Uršič prihaja iz okolice Kamnika. Računalniki ga zanimajo že od otroštva, ko je začel obiskovati prvi razred. Srednjo šolo je zaključil kot tehnik računalništva. Trenutno opravlja drugi letnik Informacijske varnosti na Fakulteti za varnostne vede. Kot študent opravlja dela tudi na SIQ, na Oddelku za preverjanje informacijskih tehnologij. Poleg kibernetske varnosti ga zanima tudi področje umetne inteligence.

Csaba Virág

Cyber Services Zrt.

Intelligence: Do you have it?

Četrtek, 09.04.2020
12:30 - 13:00
O predavanju

Csaba Virág has more than a decade of experience in strategic, technical and administrative layers of the IT sector, in the security domain as an ethical hacker, cybersecurity professional and private sector subject matter expert.
Up to the summer of 2015 Csaba was leading several security sensitive IT developments, mainly focusing on critical infrastructures like transportation, healthcare and the telecommunication sector, since then he is focusing on cybersecurity and cyber defence related capability and capacity building activities.
As Head of Cybersecurity Competence Centre at Cyber Services he is responsible for novel knowledge transfer solutions, capacity and capability building developments along with delivering capacity building activities for critical infrastructure providers, CERTs, law enforcement and defense sector. His main focus area is enabling organizations with effective defensive capabilities through evidence based solutions. As pro bono activity he develops and provides awareness training for children, teachers and parents.
Csaba is member of the Board of Directors at European Cyber Security Organisation, drill planner and coordinator for UN-ITU Regional Cyber Drill series and member of DIGITAL SME Focus Group on AI.


David Petek

Fundacija SICEH

Zloraba posojil na blockchainu

Sreda, 08.04.2020
10:00 - 10:30
O predavanju

David Petek je varnostni inženir, programer in pentester. Zaposlen je v podjetju Tokens LTD, v katerem skrbi za varnost proizvedene kode. Je ustanovni član in član uprave fundacije SICEH ter gostujoči strokovnjak Univerze v Mariboru. Na področju informacijske varnosti ima pridobljena OSCP in Security+ certifikata. Pogosto predava na informacijsko-varnostnih konferencah in drugih sorodnih dogodkih. V prostem času se ukvarja tudi z iskanjem varnostnih ranljivosti.

Gregor Pogačnik

Fundacija SICEH

Zloraba posojil na blockchainu

Sreda, 08.04.2020
10:00 - 10:30
O predavanju

Gregor Pogačnik je zaposlen v podjetju Sportradar d.o.o. Delal je kot razvijalec programske opreme ter vodja sistemskih administratorjev. Zadnje čase poskuša izboljšati efektivnost razvoja (CI/CD) ter povezati oba svetova ("DevOps"). V tej vlogi ne zanemarja pogleda na računalniško varnost, pri čemer se z izkorišcanjem ranljivosti v kontroliranih okoljih ukvarja bolj ljubiteljsko. Zanimajo ga porazdeljeni sistemi in kriptologija, zaradi česar je tudi navdušen nad tehnologijami veriženja blokov in kriptovalutami. " Je član ACM, Bitcoin društva Slovenije in član uprave Fundacije SICEH.

Holger Spohn


Cyberwar, fact, myth or legend

Četrtek, 09.04.2020
09:00 - 09:30
O predavanju

Born on the 29th of Feb 72 in Karlsruhe, Germany.
After attending school, which ended with a high school diploma, I joined the German Air Force.
There I made my masters in Electrical Engineering, after that worked in Air Traffic Controlling, from there became an IT officer which led me to the NATO Airborne Early Warning & Control Force Command (AWACS) in SHAPE.
I was a Communication officer in the HQ, with the responsibility for frequency management, Air and Ground communication, the Communication Budget of the HQ and related tasks.
Once finished, I left the military and I joined SHAPE as a NATO Civilian, working in the Intelligence Division (J2) as a CIS Security Supervisor.
Main job functions are inspections, policy development, incident management, security awareness, technical and threat advice and now Intel Support to the Cyber domain, which is a capability we want to build up for the future. I am also supporting CIS Security responsibilities for our operation on Afghanistan, which right now focuses on Train, Advice and Assist of the AFG security forces.

Jagor Čakmak

INFIGO IS d.o.o.

Trends in mobile application vulnerabilities in the region

Sreda, 08.04.2020
09:00 - 09:30
O predavanju

Jagor Čakmak is currently working as Information Security Consultant in Penetration Testing team at Infigo IS. He has finished Telecommunication and Informatics masters programme at Faculty of Electrical Engineering and Computing in Zagreb and started working in security field at Croatian National CERT within Croatian Academic and Research Network. After incident response and R&D projects he moved to Erste Group Card Processor as an Operations Security Officer. In the end he switched his blue team role to red team at current company.

Jannis Kirschner

Independent Security Researcher

Vulnerability Research in Large-Scale Systems

Četrtek, 09.04.2020
10:00 - 10:30
O predavanju

Jannis is one of Switzerland’s leading cybersecurity researchers and ctf players.
With a passion for reverse engineering and exploit development, he loves to analyze complex applications.
Jannis regularly participates in challenging national and international cybersecurity competitions and speaks about cutting-edge security topics at various conferences and events.

Julian Suleder

ERNW Research GmbH

Medical Device Security: Please (don’t) be patient!

Sreda, 08.04.2020
12:00 - 12:30
O predavanju

Julian Suleder is a Security Researcher and Penetration Tester at ERNW Research GmbH.
His special research interest is the security of medical devices as he holds a master’s degree in medical informatics from Heidelberg University and Heilbronn University, Germany. Besides his studies, he worked as Academic Assistant at Heilbronn University and taught the concepts of the risk-driven approach for the specification of requirements for the reliability and information security of complex systems, as well as methods and techniques for the safe design and safe development of software.
Besides IT security, he researches in the field of consumer health informatics and recently published his findings in the topics of technology adoption, motivational aspects of and privacy concerns on wearables in the German running community in one of the most relevant scientific journals of medical informatics.


Jurij Kodre


Kako si pri informacijski varnosti pomagamo z umetno inteligenco?

Sreda, 08.04.2020
15:30 - 16:00
O predavanju

Marcello Pogliani

Politecnico di Milano

Attacking the Wide Attack Surface of Manufacturing Systems

Sreda, 08.04.2020
13:30 - 14:00
O predavanju

Marcello Pogliani holds a PhD in Information Technology from Politecnico di Milano with a dissertation on the security of manufacturing systems. He is affiliated with the NECST Laboratory of the same university, where he works with the Computer Security group. His current research interests revolve around the security of cyber-physical systems. He is also generally interested in broader system-, web- and network- security issues. In his spare time, he enjoys playing and organizing Capture The Flag competitions with Politecnico's team, Tower of Hanoi and mHACKeroni.

Marko Grobelnik

Institut Jožef Stefan

Umetna inteligenca

Sreda, 08.04.2020
14:30 - 15:00
O predavanju

Matej Pečnik


Ujemi me, če me moreš

Sreda, 08.04.2020
09:30 - 10:00
O predavanju

Mateja Pečnika že od majhnega navdušuje iskanje novih tehnoloških rešitev, ki ljudem olajšajo in izboljšajo življenje. Tekom dodiplomskega ter kasneje magistrskega študija na Fakulteti za računalništvo in informatiko je razvijal avtomatizirane sisteme, mobilne aplikacije, spletne aplikacije in različne projekte, ki jih uporabljajo otroci, turisti, fotografi in zdravstvene ustanove. Poleg razvoja novih rešitev ga navdušuje tudi varnostni vidik delovanja sistemov in naprav interneta stvari.
V podjetju S&T Slovenija d.d. je del ekipe SOC, zaposlen kot varnostni inženir, kjer se ukvarja z varnostnimi pregledi, penetracijskim testiranjem ter razvojem novih orodij za ugotavljanje in odpravljanje kibernetskih pomanjkljivosti.

Matej Perhavec

SGS Digital Trust Services

Avtomatizacija penetracijskega testiranja oz. zakaj bi delal jaz, če lahko nekdo namesto mene

Četrtek, 09.04.2020
15:00 - 15:30
O predavanju

Matej Perhavec je zaposlen kot penetration tester v podjetju SGS Digital Trust Services GmbH v Gradcu. Pred tem je 7 let delal kot DevOps in DevSecOps inženir. V tem času je izpopolnil znanje avtomatizacije in digitalne varnosti ter nasplošno operacijskih sistemov in IT tehnologij. Trenutno se bolj usmerja v varnostno testiranje IoT naprav, saj je mnenja da se IoT naprave zmeraj bolj širijo in
uveljavljajo v vsakodnevnem življenju, in da smo vsi uporabniki upravičeni do varnosti in zasebnosti.
Avtomatizacijo poskusa vpeljati v pentesting, kolikor se le da, saj mu predstavlja izziv, omogoča večjo ponovljivost in točnost ter olajša in razbremeni vsakodnevno delo.

Matteo Cuscusa

Cuscusa Web & Security

The time when I became a puppeteer

Četrtek, 09.04.2020
13:30 - 14:00
O predavanju

Matteo Cuscusa is an ethical hacker and a social engineer. He’s been passionate about technology since when he was a kid and he founded Cuscusa Web & Security in 2009. He provides companies with offensive security services and simulated real world attack scenarios to help them understand their security posture. He’s the PoC of DC999, a group of thinkers, creators and hackers.

Matteo Peruzzi

Scarecrow’s hands-on guide for Penetration Testing

Četrtek, 09.04.2020
10:30 - 11:00
O predavanju

Matteo Peruzzi (aka iamscarecrow) is an italian Hacker and Penetration Tester living in London. Born on the 19th Feb 1996 and graduated in Mathematical Computer Science, he is a Msc Cyber Security Student at UWL currently researching on Secure Boot in embedded systems using Hardware modules such as TPMs. Member of hackthebox since one year, he hacked over 55 machines within the platform. His main interests are Penetration testing, Red Teaming, creating Exploits and hacking scripts, zero-days and Social Engineering.

Nejc Bajželj

Nemis, Nejc Bajželj s.p.

Zakaj bo leto 2020 obdobje AI kibernetskih napadov?

Sreda, 08.04.2020
08:30 - 09:00
O predavanju

Nejc Bajželj se poslovno s področjem informatike ukvarja že vsaj 20 let. V času svojega delovanja je imel odlično priložnost spremljati razvoj in napredek informacijske tehnologij skozi čas. To mu je dalo izjemen vpogled v katero smer se in se bo tehnologija v nadaljevanju razvijala. Ob vsestranski prisotnosti informacijskih naprav in procesov, opaža premalo poudarka na pomembnosti zasebnosti in informacijske varnosti. Njegov cilj je osveščanje posameznikov in organizacij o pomembnosti varovanja zasebnosti, varni komunikaciji in zmanjševanju tveganj pri uporabi današnjih tehnologij. Deluje kot vmesni člen med izvajalcem in naročnikom kot zaupanja vreden tolmač oz. člen, ki zagotovi, da naročnik od izvajalca dobi točno tisto, kar potrebuje.

Pablo Endres

SevenShift GmbH

How to shield an IoT product from the OWASP IoT TOP 10?

Sreda, 08.04.2020
13:00 - 13:30
O predavanju

Pablo Endres is the founder and Managing Director of SevenShift GmbH, an IoT boutique security company. He is an experienced Security Consultant, Professional Hacker, Technological Solution Architect and published author. He is a computer engineer, and he holds a handful of security certifications ISC2 CISSP, CompTIA Security+, and ISECOM’s, OPSA + OPST. Pablo’s career has taken place mostly doing security in a variety of industries, like wireless phone, VoIP solution and Cloud Service providers, Banks, contact centers and university labs. Pablo has founded multiple companies in different continents and enjoys hacking, IoT, reverse engineering, teaching, working with new technologies, startups, collaborating with Open Source projects, learning new things, teaching, networking and being challenged. In the last couple of years, he has been working mainly in IoT security, testing dozens of
devices and working with multiple platform providers to secure their solutions. Additionally, here teaches a hand-ons training on IoT security.

Pete Finnigan

Pete Finnigan Ltd., Oracle Security Expert

Un-hacking the Oracle database

Četrtek, 09.04.2020
08:30 - 09:00
O predavanju

Pete Finnigan is one of the most well known experts in database security. Pete Finnigan created the SANS Oracle security step-by-step guide and the CIS Oracle benchmark used by NIST, USA DoD and more is a reference to secure Oracle databases. Pete worked out the mechanisms that Oracle used to protect PL/SQL and showed how they can be easily defeated at the Black Hat conference in Las Vegas in 2006. Pete has published multiple books on databases security and speaks and publishes papers regularly. His company also produces the tool PFCLScan used to protect Oracle databases.

Primož Bratanič

iLOL d.o.o.

Predavanje v pripravi

Četrtek, 09.04.2020
16:30 - 17:00
O predavanju

Ravishankar Borgaonkar

SINTEF Digital

4G to 5G security challenges

Četrtek, 09.04.2020
12:00 - 12:30
O predavanju

He holds a Ph.D. in telecommunication security area from Technischen Universität Berlin, Germany. At SINTEF Digital, he researches securing next-generation digital communication and his primary research themes are related to mobile telecommunication and involved security threats. This ranges from 2G/3G/4G/5G network security to end-user device security. He has extensive experience in security architecture, vulnerability analysis, and cybersecurity as a researcher (University of Oxford (UK), Deutsche Telekom's T-Labs (Germany), and Intel Collaborative Research Institute for Secure Computing at Aalto University (Finland)), focusing lately on securing 5G enabled use-cases. With a great interest in offensive research methodologies, Ravi is best known for the discovery of several protocol flaws in 3G/4G/5G technologies (affecting billions of devices) and assisted in shaping the existing 3G/4G and upcoming 5G security standards designed by the 3GPP international telecommunication standard body. Ravi gave over 30 talks at leading hacking/industry/academic conferences and his work is regularly covered by major news outlets including the BBC, Washington Post, Wired, Forbes, the Huffington Post, and Independent.

Severin Winkler


From Zero to Hero – A practical example of a real-life Penetration Test

Sreda, 08.04.2020
12:30 - 13:00
O predavanju

Severin Winkler has been in the InfoSec field since 2007 starting as security researcher after his studies at the Technical University of Vienna. He has been penetration tester at SBA Research gGmbH in Vienna and is currently employed at the KPMG Cyber Security Team performing and coordinginating security tests and Cyber Defense in general.

Stefan Janković

How malware works?

Četrtek, 09.04.2020
14:00 - 14:30
O predavanju

Stefan Janković is Ethical Hacker and penetration tester from Serbia.
He has been doing penetration testing for 4 years now. He became interested in hacking as a young person. He took cybrary academy and udemy courses online. He also learned python programming and shell script. As he got further into hacking, he became interested in malware and malware analysis. He says he is still at the beginning, but day by day he learns something new and he wants to share his knowledge with us.

Thomas Rhyner


Mainframes are ! dead

Četrtek, 09.04.2020
09:30 - 10:00
O predavanju

Thomas is an Information Security Professional with more than 19 years of experience in the fields of cyber security and information technology. At KPMG, Thomas leads the Cyber Defense service offering, which includes KPMG Switzerland’s Penetration Testing team, based in Zurich and Geneva. Prior to joining KPMG, Thomas worked at a major Swiss telecommunication company for several years as an Information Security Officer. In addition, Thomas was certified as a system specialist for mainframe system z/OS and iSeries (AS400) for a major global Insurance company. He started on a 2 year full-time mainframe trainee program, which included one year full time of theoretical mainframe basics training and one year on the job training in the mainframe operations team. Upon completion, he was promoted to a mainframe system specialist and worked in this area for several years. In his free time, Thomas furthers developed his expertise through conducting mainframe security research.

Thomas Roccia


The endless escalation of Malware Evasion Techniques

Sreda, 08.04.2020
11:30 - 12:00
O predavanju

Thomas Roccia is a security researcher on the McAfee Advanced Threat Research team. He works on threat intelligence, tracking APT and cybercrime campaigns and collaborating with law enforcement agencies. In his previous role, Thomas worked on the McAfee Foundstone team, performing worldwide incident response, malware hunting, and penetration testing. He has helped customers during major outbreaks and managed highly critical situations. Thomas has developed workshops, training courses, and presentations. His work in security research includes malware, reverse engineering, vulnerabilities. He speaks regularly at security conferences.

Tiberiu Boros

Adobe SCC

Weaponising Neural Networks. In your browser!

Četrtek, 09.04.2020
13:00 - 14:00
O predavanju

Tiberiu Boros is a Ph.D. in computer science, specifically in the field of Text-to-Speech (TTS) Synthesis. He is currently working for Adobe Systems Romania and is an associate of the Research Institute for Artificial Intelligence of the Romanian Academy. Additionally, he maintains two Machine Learning open source projects (TTS-Cube and NLP-Cube) and is a contributor to the DyNet Machine Learning Framework (developed by Carnegie Mellon University and many others). His research is focused on applied Natural Language and Speech Processing, but for the last couple of years he focused his skillset on applying data science on security/incident response problems.

Uroš Majcen


Ujemi me, če me moreš

Sreda, 08.04.2020
09:30 - 10:00
O predavanju

Uroš Majcen že več kot dvajset let deluje na področju vpeljave nadzornih sistemov in varnostnih rešitev v infrastrukturne sisteme v regiji in širše. Zadnje čase je vpet v izdelavo in vpeljevanje celovitih varnostnih rešitev za področje kibernetske varnosti.

Žiga Podgoršek

Inštitut za korporativne varnostne študije

Internet stvari (IoT), ki temelji na arhitekturi spletnih vmesnikov pametnega doma ali podjetja

Četrtek, 09.04.2020
16:00 - 16:30
O predavanju

Žiga Podgoršek je zaposlen na Institutu za korporativne varnostne študije, ICS-Ljubljana kjer deluje na področju informacijske varnosti. Njegova glavna prioriteta so izvajanje varnostnih pregledov IT okolij, s posebnim poudarkom na organizacije, ki upravljajo s kritično infrastrukturo. V letu 2018 je uspešno opravil izobraževanje in pridobil uradni certifikat etičnega hekerja (CEH v10). Prav tako je aktiven na področju evropskih projektov, kjer trenutno izvaja aktivnosti v mednarodnem projektu HORIZONT 2020 »INFRASTRESS«, ki posveča pozornost kibernetsko-fizični varnosti na področju kritične infrastrukture. Med drugim je kot član projektne skupine ICS-Ljubljana sodeloval pri izdelavi študije z naslovom »Metodologija za ocenjevanje tveganj v organizacijah kritične infrastrukture«, ki jo je naročilo Ministrstvo za obrambo Republike Slovenije. Prav tako je član Slovenskega združenja korporativne varnosti.

