Meet the lecturers
Andrea Razzini
Lecture:
Connected vehicles cybersecurity - status and next steps
Andrea Razzini is a recognized advisor in Cybersecurity products’ evaluations and an Ethical Hacker. Currently responsible of the Expertise Center of Cybersecurity at Altran part of Capgemini. He is an advisor for some of the main leading companies in the Automotive, Life Sciences, Industrial, Telecom, Financial and Avionics/Transportation systems, taking care of the evolution and improvement of the level of Cybersecurity in products, networks and systems. He has gained considerable experience in Risk Management and Threat Analysis and Cybersecurity assessments in general. He is also an author for many online digital magazines. He is currently holding some of the top Cybersecurity certifications (CISSP, CEH, CCSK, CompTIA Security +) and those regarding many products/tools as well.
Andrei Bozeanu
Lecture:
Lions at the watering hole
Andrei Bozeanu is a cybersecurity researcher working as private security consultant but also as a consultant for Romanian National CERT, CERT-RO. Some of his research work became what is known today as Dekeneas, an Orange Fab startup company. Dekeneas is designed to identify the most elusive and hard to detect cyber attacks, having the attacking vector through the web, such as watering hole, browser exploitation or in-browser cryptojacking. These attacks are hard to detect because of HTTP protocol specifics, such the fact that there are different implementations of it which makes it very hard for security tools to comply with all of these different implementations, and also, due to the Traditional detection methods are totally useless against this type of attacks, creating the need for a different approach. Dekeneas is based on a innovative technology which uses machine learning to classify DOM elements in the HTML page as malicious or benign, and proceed with further detailed analysis on those flagged as malicious.
Andrei Cotaie
Lecture:
Stringlifier
Andrei Cotaie is a Security Engineer specialized in Incident Response. Currently working for Adobe’s Security Coordination Center, Andrei made the transition from the public to the private sector almost 5 years ago. A big fan of automation and machine learning enthusiast, Andrei spends most of his time involved in monitoring and threat hunting projects, always trying to identify the latest unconventional attacks.
Andrej Tomšič
Lecture:
Data protection and Bring Your Own Device (BYOD) - do it right
Boris Mutina
Lecture:
Those killer emails
Boris is an openminded specialist and analyst at Excello/Virusfree with 10+ years of background in the IT security. Starting as a common sysadmin he soon became as a cybersecurity analyst and lecturer at Zone-H/Security Lab. After a short period being a freelancer he moved to Excello where he is now threathunting and helps also as auditor.
Božidar Radosavljević
Lecture:
M365 Security introduction
Catalin Curelaru
Lecture:
Connecting the Dots: How Threat Intelligence Protects the Applications
Catalin is a security generalist specialized into Infrastructure and Product Security areas with a strong knowledge of Security Operations.
He works at Visma as a Product Security Engineer, enjoying his time in the Product Security Operations team providing technical leadership in various security services like Cyber Threat Intelligence, Bug Bounty, DAST or PSIRT, through the Visma Application Security Program.
Catalin is the OWASP Timisoara Chapter Leader where he aims to create a strong local security community focused on improving the application security world. Has also several recognized certifications in the security field like: MCSA, MCSE, Security+, CASP, CEH.
CREA PLUS d.o.o. & TELEKOM SLOVENIJE d.d.
Lecture:
Dina Truxius
Lecture:
Medical Device Security - Results from Project ManiMed
Dr. Dina Truxius joined the Federal Office for Information Security (BSI) in Bonn, Germany in 2018. Her major tasks cover medical device IT security, project management, standardization, national and international cooperation, committee work, as well as disclosure processes. She is project lead of several BSI projects, including project ManiMed-Manipulation of medical devices.
Dominique C. Brack
Lecture:
COVID-19 Cyberfraud Risks – year long Christmas party for cybercriminals and business’ defrauding government release funds
Dominique C. Brack is a recognized expert in information security, including identity theft, social media exposure, data breach, cybersecurity, human manipulation, and online reputation management. He is a highly qualified, top-performing professional with outstanding experience and achievements within key IT security, risk and project management roles confirming expertise in delivering innovative, customer-responsive projects and services in highly sensitive environments on an international scale. Dominique is accessible, real, professional, and provides topical, timely and cutting edge information. Dominique’s direct and to-the-point tone of voice can be counted on to capture attention, and – most importantly – inspire and empower action.
Enes Ajanović
Lecture:
Purpleteaming with MITRE att&ck
Enes Ajanović – Cyber security enthusiast, over 20 years of experience in IT. MSc in Computer Science, with over 10 years specialization in Cisco security solutions. Cisco Certified Internetwork expert for Security products CCIE 32640. Currently working as System Engineer in Mibo Komunikacije d.o.o Sarajevo, with focus on security and protection of public and private sector in Bosnia and Herzegovina. Has also several recognized certifications in the security field like: Security + and CEH.
Gorazd Božič
Lecture:
SI-CERT: review of the special year
Ivica Gjorgjevski
Lecture:
Status of Cyber Security in Pandemic time
Ivica Gjorgjevski is a recognized expert in information and cyber security with more than 15 years of experience in this field. After 4 years working in the army, he joined the National Security Authority (Directorate for Security of Classified Information). Currently working as a head of the sector for information security. Besides the full-time job in the NSA, he also works for Semos Education, leading company in North Macedonia for IT education, as a certified EC-Council instructor and delivers cyber security trainings all over Europe. His field of expertise is ethical hacking, network defending, incident handling. He is currently holding some of the top cybersecurity certifications (CEH, CEI, CND, ECIH, CompTIA Security +).
Jagor Čakmak
Lecture:
Deep dive into logic and complex flaws or why AI will not replace us soon
Jagor Čakmak is currently working as Information Security Consultant in Penetration Testing team at Infigo IS. He has finished Telecommunication and Informatics masters programme at Faculty of Electrical Engineering and Computing in Zagreb and started working in security field at Croatian National CERT within Croatian Academic and Research Network. After incident response and R&D projects he moved to Erste Group Card Processor as an Operations Security Officer. In the end he switched his blue team role to red team at current company.
Jan Marek
Lecture:
Defense Evasion on Microsoft Window OS
Jan Marek is a red teamer, security consultant and architect with more than 15 years of proven experience. His professional career includes training and speaking-related activities as well. He focuses primarily on products in the area of cybersecurity, private and public cloud, specifically Windows Security, Windows Kernel, Microsoft Hyper-V, Windows Server and Active Directory. To prove his knowledge, he has passed many certifications – OSCP | eCPPT | CHFI, CEH, CEI, Comptia Pentest+, MCSE, MCSA, MCITP, MCTS, MS, MCT. For his speaking-/writing- related activities, he was awarded with the Microsoft Community Contributor and Microsoft Most Valuable Professional (MVP) in the Cloud and Datacenter Management category. His daily work includes penetration testing, red teaming, architecture work, consultancy, engineering, and training delivery.
Julian Suleder
Lecture:
Medical Device Security - Results from Project ManiMed
Julian Suleder is a Security Researcher and Penetration Tester at ERNW Research GmbH.
His special research interest is the security of medical devices as he holds a master’s degree in medical informatics from Heidelberg University and Heilbronn University, Germany. Besides his studies, he worked as Academic Assistant at Heilbronn University and taught the concepts of the risk-driven approach for the specification of requirements for the reliability and information security of complex systems, as well as methods and techniques for the safe design and safe development of software.
Besides IT security, he researches in the field of consumer health informatics and recently published his findings in the topics of technology adoption, motivational aspects of and privacy concerns on wearables in the German running community in one of the most relevant scientific journals of medical informatics.
Lino Antonio Buono
Lecture:
Demystifying Offensive security and Cyber surveillance – A view from the inside
As CTO of Memento Labs, he designs and manages cybersecurity projects to fulfil LEAs’ needs in fighting crime.
In his previous working life, he was both a blue and red teamer. As security researcher he mainly focused on finding new attack vectors and AV-bypass techniques.
Moreover, he’s a proud co-founder and co-organizer of No Hat security conference.
Mane Piperevski
Lecture:
Prediction for AI driven cyber security - Offensive and Defensive
Mane Piperevski is security expert with over 10 years of experience and expertise in field of Ethical Hacking/Penetration Testing and ICT Forensics. He works currently as CEO and IT Security Consultant at Piperevski&Associates and he is also contributor to open software security community as OWASP Chapter Leader for Macedonia. Recently published white papers “Hacker Attacks - Undetectable attacks from trojans with reverse communication” and “Hacking Attacks - Security Threats in IPv6 networks”. Holder of numerous security certifications (C|EH, E|CSA, C|HFI, E|CIH, E|CSP .NET, MCSA, MCSE, MCITP, C|EI, MCT) and Europe highly ranged Cyber Crime instructor and trainer.
Marko Hölbl
Lecture:
Pitfalls when Embedding Cryptography into Applications
Marko Hölbl is an assistant professor of Computer Science at the Faculty of Electrical Engineering and Computer Science, University of Maribor. His research work focuses on information security, ranging from cryptography, user aspects of information security and privacy. He holds a professorship for the courses related to cybersecurity including Information security fundamentals, Data protection, and Digital Forensics at the Faculty of Electrical Engineering and Computer Science and at the Faculty of Criminal Justice and Security, University of Maribor. He is a secretary of the CEPIS LSI (Council of European Professional Informatics Societies, Legal and Security Issues special interest network), a member of the European Cyber Security Organisation (ECSO), WG6: SRIA and Cyber Security Technologies, and an executive board member of the Slovenian Society Informatika. Marko Hölbl has been involved in a great number of projects, seminars, and workshops. He is coordinating the Horizon 2020 project CyberSec4Europe - Cybersecurity for Europe. He was also actively involved in the Tempus project ECESM - Enhancing Cyber-Security Education in Montenegro, and several bilateral projects with the University of Pittsburgh, Pittsburgh, USA and the University of Novi Sad, Novi Sad, Serbia.
Matteo Cuscusa
Lecture:
Cognitive Hacking - Age of Covid
Matteo Cuscusa is an ethical hacker and a social engineer. He’s been passionate about technology since when he was a kid and he founded Cuscusa Web & Security in 2009. He provides companies with offensive security services and simulated real world attack scenarios to help them understand their security posture. He’s the PoC of DC999, a group of thinkers, creators and hackers.
Matthias Luft
Lecture:
Fantastic Secrets And Where To Find Them
Matthias Luft is a Principal Platform Security Engineer at Salesforce. After more than 13 years in IT Security, he is still excited about a broad range of topics (from hypervisors via containers/clouds to IT security management/leadership) and has had the opportunity to present on them around the globe. Currently he works on container and cloud security engineering. In his free time, he enjoys the outdoors, martial arts, and spending time with dogs.
Miha Ozimek
Lecture:
Digitization and its impact on cyber security
Nejc Bajželj
Lecture:
Hidden traps of storing data in the public cloud
Nikolaos Benias
Lecture:
Hacking the human: Exploiting primordial instincts
Nikolaos Benias, born in Athens in 1976, is married with 2 children. He graduated from the Greek military NCO academy in 1997, received additional training as an electrical engineer in SETTIL, got a degree in Computer Science from the Hellenic Open University in 2014 and a MSc in Computer Science and Security from Athens University of Economics and Business in 2016. Since 2010 he is stationed at the Hellenic Ministry of Defence, in Hellenic National Defense General Staff/CyberDefence Directorate. He has been certified as a web penetration tester (eWAPT by LearnSecurity), a CCNA practitioner (CISCO) and a GSEC-GIAC (SANS) holder.
Currently he is a PhD candidate at National Technical University of Athens, researching on IIoT Cyber Security.
Pete Finnigan
Lecture:
ERP Security; dont forget the Oracle database
Oracle database password security deep dive
Pete Finnigan is one of the most well-known experts in database security. Pete Finnigan created the SANS Oracle security step-by-step guide and the CIS Oracle benchmark used by NIST, USA DoD and more is a reference to secure Oracle databases. Pete worked out the mechanisms that Oracle used to protect PL/SQL and showed how they can be easily defeated at the Black Hat conference in Las Vegas in 2006. Pete has published multiple books on databases security and speaks and publishes papers regularly. His company also produces the tool PFCLScan used to protect Oracle databases.
Rachel Okoji
Lecture:
COVID-19 Cyberfraud Risks – year long Christmas party for cybercriminals and business’ defrauding government release funds
A graduate of Biochemistry and freelance writer, Rachel rediscovered her passion for Cyber Security when she stumbled upon an opportunity put together by SEIDEA for aspiring young women to learn the knowhow of Information Security. Since then, she has undergone multiple training programs to cultivate her skills (vulnerability scans, aiding Red Team attacks, researching malware with YARA, some python work) and is presently a Cyber-mentee with Dominique C. Brack, a seasoned InfoSec professional. As she makes purposeful strides towards becoming an OSINT and Social Engineering expert, she hopes her journey will serve as inspiration to other young women looking to make their mark in the cyber world.
Sozon A. Leventopoulos
Lecture:
Emerging and Disruptive Technologies - How Cyber-warfare affects military operations
Former (under resignation) military officer with the Hellenic Army/Artillery Directorate with an excellent 26-years carrier at Missile Air Defense Artillery Units, the NATO and the Integrated Air and Missile Defense Center of Excellence. Main duties in the Armed Forces, Operational Planning and Execution, Training and Education. He has participated in various exercises and missile live
firings. Since 2008 he has assumed the duties of Chief Information Security Officer in all units or services. He holds a Bachelor in Military Science, formal Training as Radio-telecommunications/Radar Technician, and finally he holds the following certifications: (ISC)2 CISSP (full member), EC-Council’s CEH, CompTIA’s CASP+, Security+ and Network+. Currently, he studies for his Master’s Degree in Cybersecurity at the Athens University of Economics and Business. He has published a number of book chapters, papers and articles, for both military and cyber-security relevant subjects, and he believes that the proper cyber-security education, and awareness training can make our cyber-world a little bit safer.
Stefan Janković
Lecture:
Dark Web
Stefan Janković is Ethical Hacker and penetration tester from Serbia.
He has been doing penetration testing for 5 years now. He became interested in hacking as a young person. He took cybrary academy and udemy courses online. He also learned python programming and shell script. As he got further into hacking, he became interested in malware and malware analysis. He says he is still at the beginning, but day by day he learns something new and he wants to share his knowledge with us. He holds next certificates: CEH - certified ethical hacker, CHFI - computer hacking forensic investigator certification and compTIA security+.
Thomas Weber
Lecture:
Army of Undead – Tailored Firmware Emulation
Thomas Weber is a security researcher and consultant with a focus on embedded device security/reverse engineering. Prior to his employment at SEC Consult, he worked as developer for various embedded devices in different companies. Thomas disassembles and dissects the hardware and the extracted firmware from embedded devices for customers and during research projects in the Hardware Lab of SEC Consult. He published several advisories for devices in the embedded (industrial) environment, e.g. products from: Cisco, Ubiquiti, Linksys, Zyxel, Pepperl&Fuchs, WAGO, Kathrein, Sprecher and Solare Datensysteme.
Tiberiu Boros
Lecture:
Stringlifier
Tiberiu Boros is a Ph.D. in computer science, specifically in the field of Text-to-Speech (TTS) Synthesis. He is currently working for Adobe Systems Romania and is an associate of the Research Institute for Artificial Intelligence of the Romanian Academy. Additionally, he maintains two Machine Learning open source projects (TTS-Cube and NLP-Cube) and is a contributor to the DyNet Machine Learning Framework (developed by Carnegie Mellon University and many others). His research is focused on applied Natural Language and Speech Processing, but for the last couple of years he focused his skillset on applying data science on security/incident response problems.
Tomáš Zatko
Lecture:
AWS Security: Sweet dreams vs reality - Case Study
Tomáš Zatko CISSP, CEH, CEO of Citadelo.
Tomáš found his hacker talent back in childhood. He wrote his first program as eight years old. As ten years old Tomáš reverse-engineered a proprietary binary data structures in his favorite games to make his soldiers supermen or unlock all the game levels. This self-teaching led him to love the technologies and deeply understand them. In his adult life, he promoted his hobby to business. Tomáš has more than a decade of professional experience in IT security. He is helping companies ranging from major financial institutions to industry segment. Securing your business is Tomáš's passion. He is the hacker fighting on your side.
Tomislav Gotovac
Lecture:
Community powered IP reputation system
Spent more than 15 years in the IT industry gaining invaluable experience in various infrastructure and security departments. After several years in Pharma/Fintech companies he joined Croatian National CERT and its „Services and infrastructure security team“ in 2019.
Tudor Damian
Lecture:
IT security in a post-COVID world
As an IT consultant with more than 15 years of experience in managing complex IT infrastructures, Tudor is a Certified Ethical Hacker, a Microsoft Cloud and Datacenter Management MVP, and a regular speaker at local and regional community events. He is also one of the organizers of the ITCamp conference in Romania (itcamp.ro). bringing together tens of awesome speakers with hundreds of attendees every year.
Tudor often talks about the latest technologies and trends with themes including cloud governance, risk management & compliance, networking & security, virtualization technologies, social engineering & cybersecurity, web application security, white-hat hacking & penetration testing techniques.
Vasilis Chantzaras
Lecture:
On-Line
When registering for the HEK.SI 2024, you get FREE TICKET for the INFOSEK 2024!