Lectures
Code Red: Threat-Led Tabletops for Critical Infrastructure Defense
Imagine a ransomware attack crippling your city's power grid. Are you prepared? Recent attacks highlight the vulnerability of critical infrastructure to sophisticated cyber threats. Traditional security measures are no longer enough.
This presentation dives into threat-led tabletop exercises, enhanced with AI-driven attack simulations, as a powerful tool for critical infrastructure defense. By combining real-world scenarios, up-to-date threat intelligence, and cross-sector collaboration, these exercises expose critical vulnerabilities and strengthen organizational resilience.
Participants will learn how to design and implement exercises that test incident response plans under pressure, identify hidden security gaps, and improve communication between IT, OT, and executive teams. We'll explore how these simulations drive strategic security investments and foster a proactive security culture, ensuring readiness for tomorrow's complex cyber threats. Join us to gain actionable strategies for safeguarding your critical infrastructure and minimizing the impact of cyberattacks.
Cybersecurity in the Era of AI and Quantum Computing
Cybersecurity is rapidly evolving, shaped by artificial intelligence (AI) and the emergent potential of Quantum Computing. AI enhances security through automated detection and analysis, swiftly processing vast amounts of data to spot and predict threats, and Quantum Computing holds the promise to revolutionize various industries by offering unparalleled computational speed and efficiency, enabling it to tackle complex problems far beyond the reach of classical computers.
Yet, these benefits also come with risks: AI's capabilities can be exploited for advanced phishing, vulnerability discovery, and creating adaptive malware, complicating the cybersecurity landscape, while Quantum Computing further challenges digital security by threatening to undermine traditional encryption, making existing protections potentially obsolete.
This session will explore the mixed impact of AI and Quantum Computing on Cybersecurity, highlighting both the advancements and vulnerabilities they introduce. We'll discuss current threats like supply chain attacks and ransomware, alongside the integration of Privacy Enhancing Technologies (PETs) with AI and quantum defenses, offering a strategic viewpoint on safeguarding against the future of cyber threats.
Enumerating Kubernetes for exploitation
Imagine you have access to kubectl with a valid kubeconfig, or you exploited a pod inside a Kubernetes cluster. What steps should you take to validate and exploit the node? And what valuable information can and should be retrieved? In this talk you will learn how to use kubectl to identify incorrect implementations and what the correct security implementations are.
Finally, we share a self-created PowerShell module that automates the process to assist you in these endeavors in the future.
Fraud Galaxy: Exploring the Universe of Cyber Deception
Despite advances in cybersecurity education, even the best-prepared can fall victim to ever-evolving cyber fraud and abuse tactics. Understanding and countering these threats is essential in our ongoing battle to improve security and integrity.
In this presentation, we will explore the "Fraud Galaxy," revealing how cybercriminals exploit vulnerabilities to deceive individuals and infiltrate corporate infrastructures. Guided by real-world examples and first-hand experiences, we will explore a practical framework to combat these threats.
By analyzing actual cases, we will uncover fraudster tactics and offer advice on strengthening defenses.
A significant part of our discussion will focus on methods used to introduce data theft or malware into corporate systems, from phishing emails to compromised infrastructure. Understanding these methods helps organizations better prepare to identify and mitigate threats.
We will look at how AI is making deception and fraud more potent and how we can turn the tables against the bad guys by leveraging AI power to combat fraud.
We will emphasize continuous vigilance and education, sharing visual examples and cautionary tales to illustrate the real-world impact of cyber fraud. This session aims to equip attendees with the knowledge and tools to navigate the complex landscape of cyber fraud, enhance defenses, and reduce the likelihood of falling victim to deception.
Join us for an enlightening session to deepen your understanding of cyber fraud and strengthen your cybersecurity posture.
How to steal 10 million euro using OSINT?
In April 2023, the municipal government of a small town in Spain announced a financial aid program, offering €100 to each registered resident. While researching the voucher-claiming system, I identified a significant design flaw that could be exploited to claim vouchers on behalf of other individuals. This vulnerability, leveraging identity theft via OSINT PII, required only a name and a national ID number—information readily accessible online through official documents despite being considered private. Political interests hindered the ethical disclosure process, leading to premature media exposure before the system could be patched, ultimately resulting in numerous residents losing their vouchers to digital criminals.
Insider Threats
These threats are particularly insidious as they bypass traditional security measures with legitimate access.
An insider threat can happen when someone close to an organization with authorized access misuses that access to negatively impact the organization’s critical information or systems. This person does not necessarily need to be an employee—third-party vendors, contractors, and partners could also pose a threat. Insider threats can be unintentional or malicious, depending on the threat’s intent.
Password management in operating systems
We all use credentials to access operating systems.
But how are the passwords associated with the accounts managed and stored?
What hashing algorithms are used?
In this lecture we will look at various types of passwords used and their role in maintaining security, ensuring correct authentication and managing user access in operating systems.
Traverse the Path
In this presentation, Jan Harrie will discuss his research into vulnerabilities in Golang implementations of archive extraction libraries. He will present several bugs that he discovered, which have been assigned CVEs and remediated by the respective projects. Additionally, Jan will share his experience in developing a secure archive extraction library in Golang, highlighting best practices and lessons learned from analyzing existing implementations.
Undersea cables, the issues, the challenges and potential solutions
This presentation explores the protection of critical infrastructure, specifically undersea cables, against potential threats posed by ships. We examine various realistic methods of safeguarding these assets, ranging from addressing potential issues with AIS (Automatic Identification System) to deploying onboard sensors, satellite monitoring, and surveillance supported by AI and drones.
Additionally, we provide a political perspective on the broader implications for affected communities, considering the feasibility of these solutions and their potential impact.
Undersea Infrastructures - The New Cyber Frontier
The 4th Industrial Revolution has shaped an increasingly interconnected world, with several critical infrastructures now supporting our economic, societal, and personal lives. However, this interconnectedness also makes these infrastructures vulnerable to cyber threats. It's crucial that we understand the almost exclusive focus on critical infrastructure as a decisive factor for social cohesion, and the significant risks this entails. Protecting critical infrastructure is vital for maintaining the social fabric and cohesion. While the focus remains in cyberspace, we must also be alert to the potential threats that might come from the physical world, and be cautious in our approach to addressing these risks. This paper explores the risks posed by cyber and physical threats to critical infrastructure in an era of increased technological reliance. It highlights the inevitability of a "digital Pearl Harbor" and discusses specific threats, such as unmanned underwater vehicles (e.g., Project 10831 "Losharik") that could target undersea communication cables or energy pipelines. These vulnerabilities underscore the urgent need for robust measures to protect critical systems.
Vulnerability Management in 2024: The Good, the Bad and the Ugly
Vulnerability Management holds many challenges for IT environments. This presentation will highlight several of those, such as incomplete CVE data, the sheer number of vulnerabilities to manage, and the inconsistent results of vulnerability scanners. However, several approaches to managing this Sisyphean task will also be covered, from available tools through technology stacks to operational patterns.
Zero Trust in Action: Securing Your Microsoft 365 Environment
In today’s evolving threat landscape, relying on traditional security models is no longer enough. This session will introduce the Zero Trust security model and demonstrate how to apply it effectively within Microsoft 365. You’ll learn key security principles, explore identity protection, data security, and threat defense strategies, and see a live demo of Conditional Access, Microsoft Defender, and Data Loss Prevention (DLP) policies in action. Walk away with practical steps to strengthen your organization’s security posture.